Back to jobs
New

Security Governance, Risk & Compliance Analyst

London, England, United Kingdom

Who we are:

For over 25 years, Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving, surveillance, eDiscovery, and analytics solutions. We securely capture and preserve the communications data of the world’s most highly regulated firms, giving them greater visibility and control over their information and ensuring compliance with stringent regulations.

Though we offer competitive compensation and benefits and all the other perks one would expect from an established company, we are not your typical technology company. Global Relay is a career-building company. A place for big ideas. New challenges. Groundbreaking innovation. It’s a place where you can genuinely make an impact – and be recognized for it.

We believe great businesses thrive on diversity, inclusion, and the contributions of all employees. To that end, we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other, completely free of barriers.

Your Role

 

As a Governance, Risk & Assurance Analyst, you execute governance, risk management and compliance activities that support Global Relay’s security program. Reporting to the Team Lead, Governance Risk & Compliance, you perform assessments, control testing, analysis, and reporting activities that provide visibility into security risks, control effectiveness, and compliance obligations.

You work closely with stakeholders across Security, Engineering, Operations and business teams to identify risks, assess controls, track remediation activities, and support assurance initiatives.

 

Your Job

  • Perform security and technology risk assessments and document findings, recommendations, and remediation activities.
  • Conduct independent testing and validation of security control design and operating effectiveness.
  • Execute control testing and continuous assurance activities in accordance with established methodologies.
  • Support risk assessments, governance reviews and assurance activities across security, technology, and AI-enabled solutions.
  • Assist in evaluating controls, governance processes and risk management practices associated with emerging technologies, including AI.
  • Maintain and update security risk registers, issue logs, and remediation tracking activities.
  • Support internal and external audits, certifications and assurance reviews through evidence collection and coordination.
  • Perform third-party security assessments and vendor reviews.
  • Collect, analyze, and report security metrics, risk indicators, and assurance results.
  • Support governance forums through reporting, action tracking, and documentation.
  • Assist with the development and maintenance of policies, standards, procedures, and control documentation.
  • Track audit findings, control deficiencies, and risk treatment activities through to resolution.
  • Collaborate with business and technology stakeholders to evaluate risks and strengthen controls.
  • Identify opportunities to improve governance, risk, and compliance processes.

 

About You

  • 3–5 years of experience in cybersecurity, governance, risk management, audit, or compliance.
  • Experience performing risk assessments, control reviews, assurance activities, or audits.
  • Understanding of security frameworks such as ISO 27001, SOC 2, NIST and CIS Controls.
  • Familiarity with emerging technology and AI-related risks, including associated security, privacy and operational considerations.
  • Strong analytical and problem-solving skills.
  • Experience collecting, analysing, and reporting security-related information.
  • Ability to communicate effectively with technical and non-technical stakeholders.
  • Strong organizational, documentation and time management skills.
  • Experience in SaaS, cloud or technology environments is considered an asset.
  • Certifications such as Security+, CISA, CRISC, CGRC or equivalent are preferred.

Global Relay is unable to offer visa sponsorship for this position. Candidates must have the right to work in the UK at the time of application.

What you can expect:

At Global Relay, there’s no ceiling to what you can achieve. It’s the land of opportunity for the energetic, the intelligent, the driven. You’ll receive the mentoring, coaching, and support you need to reach your career goals. You’ll be part of a culture that breeds creativity and rewards perseverance and hard work. And you’ll be working alongside smart, talented individuals from diverse backgrounds, with complementary knowledge and skills.

Global Relay is an equal-opportunity employer committed to diversity, equity, and inclusion.

We seek to ensure reasonable adjustments, accommodations, and personal time are tailored to meet the unique needs of every individual.

To learn more about our business, culture, and community involvement, visit www.globalrelay.com.

Create a Job Alert

Interested in building your career at Global Relay? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Phone
Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Select...
Select...
Select...
Select...

Note: there is an expected minimum of 2-3 days p/week of working in office (potentially more, depending on the role). This is not a fully remote work opportunity.

Select...
Select...
Select...
Upon submission of your application, the personal data contained in your application will be collected by Global Relay Communications Inc. (“Global Relay” or “Controller”), whose headquarters are located at 220 Cambie Street, 2nd Floor, Vancouver, BC, Canada, V6B 2M9. Global Relay can be contacted at (604) 484-6630. Global Relay’s data protection officer is Laurence Lafond, who can be contacted at privacy@globalrelay.net.
Your personal data will be processed for the purposes of managing Global Relay’s recruitment related activities. This includes organizing and conducting interviews, assessing your suitability for the role, organizing and conducting tests (as applicable) and evaluating the results of such tests, and other processing activities that Global Relay deems necessary in the recruitment and hiring process. This processing is permitted under Article 6(1)(f) of Regulation (EU) 2016/679 (GDPR) and Article 6(1)(f) of UK General Data Protection Regulation for the purpose of Global Relay’s legitimate interests, which include growing the business and recruiting and hiring personnel best suited for roles at Global Relay. Further information on our legitimate interests may be available upon request. If you are applying for a role in the UK and Global Relay processes personal data relating to criminal offences or convictions under Article 10 of GDPR and UK GDPR, Global Relay will do so on the condition of “consent” as permitted under Section 29 of Schedule 1 of the Data Protection Act, 2018 (c.12). Global Relay may utilize automated decision and profiling tools, such as Predictive Index, to assist in determining whether a candidate is suitable for a particular role. Failure by an applicant to provide personal data required by Global Relay for the recruitment and hiring process may result in the applicant being removed from consideration for the role.
Global Relay is headquartered in Canada. Accordingly, upon submission, your personal data will be transferred to Canada, which is considered by the European Commission to provide adequate protection for the collection of personal data from EU data subjects. Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf, and may be shared with other third party service providers to the extent necessary for the assessment of candidates, to conduct tests for applicants or perform other due diligence necessary in the recruitment process (including, for example, credit checks or criminal offence checks). Where personal data is transferred to counties that are not considered to provide adequate protection by the European Commission (e.g. the United States), the transfer of your personal data to third parties in those countries will be transferred under additional safeguards permitted under GDPR, such as Standard Contractual Clauses.
If you are rejected from a role your personal data will be retained by Global Relay, by default, for 365 days from the completion of your submission for a particular role. Under the GDPR, you have the right to data portability, to request access to your personal data, to request that your personal data be rectified or erased, to request that processing of your personal data be restricted, and the right to object to processing. You also have the right lodge a complaint with an EU supervisory authority. To the extent that you have questions or concerns about your personal data, please reach out to privacy@globalrelay.net.

UK Diversity & Equality Survey

STRICTLY CONFIDENTIAL

Global Relay is committed to promoting equality, diversity and inclusion. To help ensure our processes are fair and accessible to everyone, we ask applicant to complete this voluntary monitoring form.

Global Relay’s policy is to ensure that no job applicant or employee receives less favourable treatment or is discriminated against under the Equality Act 2010. The protected characteristics under this act are (in no particular order): age, disability, gender reassignment, marriage and civil partnership, pregnancy or maternity, race, religion or belief, sex and sexual orientation.

Completing this form is voluntary. The information provided will be kept confidential. The information is going to be used to help us understand the diversity of our organisation.

None of the information you provide will be linked to your application.

Protecting your Data

Any information provided will be used only to help us monitor equality and diversity. It will be treated confidentially and reported in an anonymous, statistical format.

For more information about how we handle personal data and your rights, please refer to our Privacy Statement available on our website. 

Select...
Select...
Select...
Select...
Select...