Find and Apply for Risk Management Jobs

  • Job type: Permanent
  • Location: Birmingham, hybrid
  • Working Pattern: Full-time
  • Specialism: Cyber Security
  • Industry: Travel, Hospitality, Leisure & Tourism
  • Pay: Up to £50k - 12 month FTC

GRC Analyst - TPRM - £50k - B'ham hybrid

GRC Analyst – Third Party Risk Management
Fixed Term Contract, 12 months – £45k - £50k
Location: Hybrid – Birmingham

Your new company:

I am looking to recruit a GRC Analyst, focusing on Third Party Risk Management, to join a leader in the hospitality space. The role covers GRC activities, with a strong focus on information security, privacy, and regulatory assurance across the organisation.

The role responsibilities:

This role focusses on supplier assurance and third-party risk management, ensuring that vendors handling company data or connecting to company systems operate in line with security, privacy, and compliance expectations. Key parts of the role:

  • Conducting and coordinating security and privacy risk assessments for new and existing third-party suppliers.
  • Evaluating supplier controls relating to data protection, information security, data hosting, subcontractor usage, and system access.
  • Cataloguing and maintaining records of data shared with third parties, including purpose of use, information security classification, data sensitivity, and processing location.
  • Ensuring third party data handling arrangements clearly define data retention, archiving, and deletion requirements in line with policies and regulatory obligations.
  • Maintaining third party risk documentation and tracking remediation actions with suppliers and internal teams.
  • Working closely with Vendor Management, Procurement, Legal, Information Security, and IT to ensure supplier risks are identified early and addressed prior to onboarding or renewal.
  • Escalating high risk supplier findings to the IT Licensing & Compliance Manager and relevant stakeholders.

You will need:

  • Strong understanding of GDPR, the UK Data Protection Act, and privacy and security control requirements.
  • Experience working in GRC, information security, data protection, supplier assurance, or a related compliance role.
  • Ability to interpret and assess technical and organisational controls.
  • Strong analytical skills with excellent attention to detail.
  • Confident written and verbal communication skills, able to engage across legal, technical, and operational teams.
  • Experience contributing to incident or breach investigations.
  • Ability to manage multiple competing priorities and constructively challenge established processes.
  • Minimum 3 years’ experience in a relevant role.
  • CIPP/E, CIPM, CompTIA Security+, or BCS Practitioner Certificate in Data Protection, desirable.

What you’ll get in return:

  • Salary of between £45k-£50k
  • Hybrid working
  • Company discounts
  • A pension contribution matched at 1.5x, up to 5%.
  • Private healthcare, dental plan, cycle to work, and keep-fit schemes.
  • 26 days annual leave plus bank holidays.
