Skip to main content

GRC Risk Analyst

Job ID 2024-10650 Date posted 11/11/2024 Location Cambridge, United Kingdom Category Security
Apply

Job Overview:

The GRC Risk Analyst will be responsible for identifying, analysing and influencing the management of Enterprise IT (EIT) and Enterprise Security (ES) risks.

Responsibilities:

- Support internal and external partners on matters of risk assessments, security controls, and framework requirements. Ensuring security and compliance requirements are understood.

- Coordinate EIT responses to regulatory inquiries and audits, making sure Arm is compliant.

- Support EIT business continuity management (BCM) needs. Operationalizing and assuring a capability of safeguarding our services and operations in the face of disruption and disaster. Further, to mature this capability to put us on a firm path to becoming operationally resilient.
- Ensuring continuity and recovery plans are detailed, approved, tested, and maintained by asset owners and custodians.

- Develop tactical and positive relationships within the business, partners and vendors.

- Develop Standard Operating Procedures (SOP) to detail procedures for risk assessments, third party assessments, and business process workflows for Security Governance, Risk, Resilience and Compliance.

- Ensure that fundamental information on accountable technology is accurate (e.g. KB Articles / process maps / training documents and presentations / RACI / Contract information).

- Identify and raise risks, threats and vulnerabilities of technology security matters. Working with risk owners to shepherd the risks to conclusion where possible.


Required Skills and Experience:
- Experience in conducting internal security assessments and reviews, articulating and documenting information security risks.

- Strong familiarity with security standards, and audit requirements including NIST CSF, 800-53, ISO 27001, PCI DSS, and SOC 2 Type 2 reports

- BCM programme governance - the development and maintenance of a strategy and enabling governance framework, ideally ISO22301 aligned. 
- Interpersonal skills are required to interact effectively within the Enterprise Security group, customers and vendors at a tactical level.
- Agile, self-starter and can prioritise quickly and effectively. Contributes through the quality, accuracy and timeliness of the tasks/services provided by self, and quality control of work provided by others.

“Nice To Have” Skills and Experience:
- Hands on experience implementing security within public cloud services (AWS, Azure, Google).
- Demonstrates a good understanding of the variety of technical security control concepts, procedures and systems (e.g., Email Security, AV, EDR, Firewalls).
- Security qualifications i.e., CISSP, CISM.
- Good familiarity with other Enterprise Security organization (can identify which team fulfils which roles) and a solid grasp of ITIL processes!

In Return:

You will be a key person to help our leaders focus on the risk that truly matters. This is a global role with responsibility for responding to information security needs across the entire Arm corporation!

#LI-JW

Accommodations at Arm

At Arm, we want our people to Do Great Things. If you need support or an accommodation to Be Your Brilliant Self during the recruitment process, please email accommodations@arm.com. To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Life at Arm

  • Culture at Arm
    Culture at Arm

    Make an Impact

    We, not I. This belief is at the heart of Arm's company culture and it underscores the culture of collaboration alongside individual accountability in a supportive environment working together for the success of Arm. Across our entire ecosystem, we know that when you're able to be your most brilliant self, you can do great things.
    Read more

  • Diversity, Equity and Inclusion
    Diversity, Equity & Inclusion

    This is Collective Progress

    At Arm, we're committed to inspiring revolutionary ideas in a diverse, equitable, and inclusive environment. Be your most brilliant self, and empower others, via various avenues for active participation – Employee Resource Groups (ERGs), Employee Communities, DEI working groups, and DEI Council.
    Read more

  • Benefits at Arm
    Benefits at Arm

    Benefits Designed for You

    When our employees thrive, so does Arm. Because our teams are so remarkable, we offer remarkable benefits designed to nurture the professional and personal growth of the brilliant people building the future of computing.
    Read more

Jobs for You

  • Staff/Senior Software Engineer - AI Frameworks Develop, deliver and research basic building blocks to make key ML frameworks such as PyTorch performant on Arm-based hardware. Manchester, United Kingdom Machine Learning
  • Full Stack Engineer Identify, implement and test new product features. Ensure our business applications continue to grow and evolve. Maintain the existing stack (Python - Django - Postgres - REST APIs - Angular), while making sure our CI/CD pipelines (Azure DevOps, Terraform) and dataflow performs adequately Cambridge, United Kingdom Software Engineering
  • Principal Verification Engineer Responsible for verifying and testing sophisticated IP such as CPU/GPU/DSP processors with memory controllers and interconnect fabrics. You will ensure all these products work effectively with each other and the software to enable our partners to produce outstanding systems Sheffield, United Kingdom Verification

No previously viewed jobs

No jobs have been saved

Get Job Alerts

Can’t find the job you’re seeking? Register to be notified as soon as new jobs become available. Enter your email, select your preferred job category and/or location, then click Add to set your preferences and Subscribe to create your job alert.

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

By submitting your information, you acknowledge that you have read our privacy policy, and consent to receive email communication from Arm.

Join our Talent Community, Unlock Opportunities

Subscribe to receive Arm communications directly to your inbox. Stay connected to be the first to hear about updates from our community and exciting roles that align with your skills.

Join Now