Lead Information Security Analyst, GRC

Job in City of Edinburgh, Edinburgh, City of Edinburgh Area, EH1, Scotland, UK
Listing for: Cirrus Logic
Full Time position
Listed on 2026-04-27
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 GBP Yearly
Job Description & How to Apply Below
Location: City of Edinburgh

Overview

For over four decades, Cirrus Logic has been propelled by top engineers in mixed‑signal processing. Our team thrives on solving complex challenges with innovative end‑user solutions for the world's top consumer brands. Cirrus Logic is known for its award‑winning culture, built on inclusion and fairness, meaningful community engagement, and enjoyable employee experiences. We invite you to join us and help make Cirrus Logic an exceptional place to grow your career.

We are seeking a highly motivated, experienced professional to join the Cirrus Logic Information Security team as a Lead Information Security Analyst – Governance, Risk Management & Compliance (GRC).

You will be responsible for designing, operating, and continuously improving our ISO 27001‑aligned governance, risk, and compliance program, with a focus on integrated risk management, third‑party risk management, and security control effectiveness. You will also help define, refine, and operationalise the responsible use of AI technologies and services across the enterprise.

Key Responsibilities
  • Lead day‑to‑day operation and continuous improvement of our ISO 27001‑aligned ISMS, including policies, standards, and control procedures.
  • Develop, maintain, and socialise information security policies, standards, and guidelines; manage exceptions and ensure decisions are risk‑based, documented, and periodically reviewed.
  • Lead security risk and control assessments for new systems, services, and business initiatives, partnering with security, IT, and business owners to identify threats, evaluate design and operating effectiveness of controls, and document and track risk treatment plans. This includes evaluating AI/ML use cases for security, data protection, and misuse risks.
  • Plan and execute third‑party risk assessments for suppliers and service providers, including review of third‑party security questionnaires, trust documents, and remediation plans to ensure third‑party security meets Cirrus Logic’s requirements.
  • Analyze risks across technologies and business processes, prioritise remediation efforts based on business impact and likelihood, and prepare clear risk and control status reports for security leadership and key stakeholders.
  • Configure, administer, and optimise GRC tooling such as ServiceNow GRC or OneTrust GRC to support risk registers, control libraries, assessments, exceptions, and third‑party workflows, including integration with IT and security platforms where appropriate.
  • Coordinate and provide evidence for internal and external audits, customer security assessments, and certifications such as ISO 27001 and SOC‑related reviews.
  • Partner with Legal, HR, and other stakeholders to identify and manage security‑related privacy and regulatory obligations; support privacy risk assessments and data protection controls, and assess privacy implications of AI/ML solutions.
  • Define and maintain security and risk guardrails for the use of AI/ML technologies, including acceptable‑use guidelines, control requirements, and review processes for new AI use cases and vendors.
  • Act as a trusted advisor to team members, IT, and business teams, translating security and risk requirements into practical, implementable solutions that align with engineering and operational realities. Partner closely with IT, engineering, and business teams to embed security, risk, and governance requirements into AI solution design and operation. Work effectively with a globally dispersed team across various time zones.
  • Maintain strong executive presence and outstanding written, verbal, and presentation skills. Communicate complex risk, control, compliance, and program matters clearly to technical teams, business stakeholders, and executive leadership. Develop high‑quality executive‑ready content and support GRC awareness, communications, and training initiatives.
Required Skills and Qualifications
  • Proven experience in Information Security with a strong focus on GRC, risk management, and/or security compliance in a global environment.
  • Bachelor’s degree in cybersecurity, information systems, or a related field, or demonstrated equivalent experience as a security professional in a…