GRC Analyst

Please note that due to the nature of the work, you’ll need to hold a high level of UK security clearance

As the Policy & Governance Lead, you’ll be required to define, maintain, govern, and ensure compliance with the organisation’s ISMS policy framework, standards, and procedures, while supporting audit readiness and control assurance.

• Own and maintain all policies, standards, procedures, and guidelines aligned to ISO 27001.
• Manage updates, reviews, version control, and stakeholder approvals.
• Operate the evidence room, ensuring evidence is correctly catalogued, tagged, and mapped.
• Track control implementation and maturity across the organisation.
• Produce audit packs, control records, and compliance dashboards.
• Support GRC functions such as control assessments, policy exception reviews, and risk treatment monitoring.

• Experience in GRC, policy governance, or compliance.
• Strong knowledge of ISO 27001 Annex A controls and documentation requirements.
• Excellent analytical and writing skills.
• Have demonstrable background delivering architecture within MOD, Defence Digital, or UK aerospace environments.