Senior InfoSec GRC Specialist

Job in Greater London, London, Greater London, EC1A, England, UK
Listing for: Clearwater Analytics, Ltd
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, IT Consultant
Location: London
Time type: Full time
Posted: Yesterday
Job requisition: R6257

Overview

The Senior Info Sec GRC Specialist plays a pivotal role across multiple dimensions. They are instrumental in crafting responses to security inquiries within "request for proposals" (RFPs) and ensuring their prompt delivery. As the initial point of contact for addressing customer security concerns, they actively seek avenues to optimize the efficiency of the security customer engagement process. Moreover, they utilize structured methods and protocols to identify and assess risk, implement pertinent controls, formalize agreements, and diligently follow through on necessary procedures.

Effective communication is at the core of their responsibilities, encompassing the dissemination of strategies, standards, policies, procedures, and awareness campaigns to all business partners. They take purposeful actions to guarantee global business units' compliance with relevant frameworks and conduct comprehensive reviews of proposed vendor engagement terms and conditions. Additionally, they apply the company's risk profile, offer pertinent feedback, and meticulously document any deviations from the established processes.

Responsibilities
  • Assists in the production of responses to security questions in "request for proposals" (RFPs) or customer assessments (Due Diligence Questionnaires)
  • Acts as first point of escalation for security / compliance questions for current and prospective customers
  • Reviews third-party vendors for security and compliance controls; assesses risk based on a given risk assessment framework (Third Party Risk Management / Vendor Assessment)
  • Assists and / or takes the lead in managing / overseeing annual SOC2 & ISO 27001 audits
  • Contributes to annual Info Sec Policies review / edits / updates and provides considered input
  • Reviews proposed client engagement terms and conditions and applies the company risk profile, providing the appropriate feedback as to any changes needed and documenting exceptions to the process
  • Assists in the collation of Enterprise Risk, control and mitigation updates, along with KRIs
  • Identifies efficiency improvements in the security customer engagement process
  • Communicates strategies, standards, policies, procedures, communications, and awareness efforts with all business partners
  • Takes actions as directed to ensure that global business units comply with applicable frameworks
  • Keeps up to date with evolving regulations and legislation related to privacy and security as they pertain to Clearwater
Requirements
  • Knowledge of SOC2 and ISO 27001 control frameworks
  • Knowledge of risk frameworks and risk management processes
  • Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important
  • Excellent attention to detail and strong documentation skills
  • Excellent verbal, written and interpersonal communication skills
  • Experienced in Atlassian (JIRA) and proficient in Microsoft Office
Experience
  • 7+ years of role-specific experience, preferred
  • Demonstrated experience in owning, managing and responding to Client / Prospect Security Assessments (DDQs, RFPs etc.)
  • Experience working with Third Party Risk Management / Vendor Assessment tasks
  • Demonstrated experience with SOC 1, SOC 2, and / or ISO 27001 audits and monitoring control activities
  • Experience in owning / editing / contributing to Information Security Policies
  • Experience performing or undergoing internal and external audits
  • Experience with compliance, audit, or operations including development of internal controls, policies, and procedures
  • Experience assisting in risk management processes, control frameworks, KRIs
  • Experience communicating technical controls and processes with customers and stakeholders
  • Demonstrated professional application of information security, compliance, assurance and / or other security practices and principles
Diversity Statement

Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. We are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with the job description, we encourage you to still apply! You may be just what we're looking for.

Position Requirements
10+ Years work experience