Analyst, GRC Client Assurance
News Corp, The Borough, Southwark
Analyst, GRC Client Assurance
£31869
News Corp, The Borough, Southwark
- Full time
- Permanent
- Onsite working
Posted today, 3 May | Get your application in now to be one of the first to apply.
Closing date: Closing date not specified
Job ref: 9e6987c934db4eb5bf39e5e8d86ec974
Location ref: The Borough, Southwark
Full Job Description
As a GRC Client Assurance analyst, you will be supporting the Dow Jones Cyber GRC Program for News Corp along with the BISO and central GRC function. In this role, you will be providing Dow Jones corporate customers with the cyber related information necessary to feel confident that our organization's security policies and controls are reliable and meet Industry standards. This role sits at the intersection of security, compliance, and customer trust; ensuring our customers have confidence in our risk posture while supporting sales, renewals, and audits. What's the role?
- Assist with security questionnaires, RFPs, and assessments from Dow Jones' corporate customers to verify our organization's security posture, often against tight deadlines.
- Respond to client inquiries related to SOC2, ISO27001, GDPR, risk management, and other security controls.
- Support Sales during enterprise deals, renewals, and escalations by providing security related information.
- Participate in customer meetings to share evidence of security controls.
- Maintain standardized responses, evidence, and customer-facing security documentation.
- Collaborate frequently with Product, Technology, Legal, and other Cyber SMEs to gather accurate, timely information and validate responses.
- Track ownership, status, and deadlines for assurance deliverables to ensure on-time completion.
- Track and manage control gaps, risks, and remediation efforts.
- Support in the implementation of key security initiatives across the organisation.
- Assist in the development and maintenance of effective measurement and simplified reporting for the Client Assurance program.
- Assist with additional Cyber related projects as needed.
understanding of regulatory and compliance requirements affecting a global business., 3+ years' experience within Cyber Security or related fields. - Experience in a B2B SaaS or a cloud-native environment.
- Demonstrated experience working in a highly cross-functional environment.
- Strong knowledge and experience with Industry Frameworks and Standards such as NIST CSF, and ISO 27001.
- Knowledge of the Dow Jones B2B products (Risk & Compliance, Factiva, Newsplus) is a bonus.
- Good working knowledge of Cloud infrastructure, preferably AWS.
- Strong oral and written communication skills with the ability to translate technical security concepts into clear, customer-friendly language.
- Qualification in Information Security, Computer Science, Engineering or similar.
- Professional security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar are preferred.