Compliance Analyst, IT​/Tech

IT Governance, Risk & Compliance (GRC) Analyst

Location:

Norwich (Hybrid - 60% on-site)

Salary: £38,784 - £46,049 + Excellent Benefits

Contract:

Permanent

REED Technology is supporting a leading organisation in recruiting an experienced Governance, Risk & Compliance Analyst. This role strengthens governance frameworks, manages IT and cyber risk, and ensures compliance with internal policies and UK regulatory standards.

You will work closely with senior stakeholders and collaborate across IT and business teams to embed a culture of accountability and risk awareness. It is a fantastic opportunity to shape processes, influence tool selection, and contribute to the development of a growing security programme.

• Develop and maintain GRC processes, policies, and procedures.
• Ensure compliance with UK-centric frameworks and standards, including PCI‑DSS and Cyber Essentials Plus.
• Support internal audits, risk assessments, and governance reviews.
• Assist with new product reviews and collaborate on secure‑by‑design principles.
• Communicate GRC matters effectively to technical and non‑technical stakeholders.

• Minimum 2 years’ experience in Governance, Risk & Compliance roles.
• Hands‑on experience with PCI‑DSS and Cyber Essentials (ideally having completed these processes more than once).
• Strong understanding of UK regulatory frameworks and internal policy compliance.
• Experience conducting audits and risk assessments.
• Excellent communication and stakeholder engagement skills.

• Familiarity with NHS DSPT.
• Exposure to GRC tools (e.g., Archer, Service Now) and ability to recommend solutions.
• Knowledge of SOP/playbook creation and post‑incident reviews.
• Relevant certifications such as CRISC, CISM, CISSP, ISO 27001 Lead Auditor.

If you have the relevant skills and experience for the role outlined above, please apply using the link provided.

You must have full rights to work in the UK. A relocation package is available for this role.