Position Overview

Senior Governance, Risk and Compliance (GRC) Analyst – London. Hybrid work arrangement: 3 days in office.

Responsible for supporting and maintaining the News UK Cyber GRC Program, collaborating with the BISO and central GRC function. Tasks include developing and maintaining cybersecurity policies, standards, guidelines and processes to ensure compliance and effective risk management.

Responsibilities

• Work with key internal and external stakeholders to ensure compliance with PCI DSS, Privacy and GDPR, and related audit and assessment requirements.
• Assist in risk assessment processes and report on enterprise‑wide and third‑party security controls.
• Support implementation of key security initiatives across the organisation.
• Support management of audits, external assessments and assurance processes, including PCI DSS and NIST CSF.
• Develop and manage meaningful metrics to measure and tra...