Sign in to auto-apply
Stillingsbeskrivelse
Security Risk & Compliance Analyst
The Security Risk and Compliance Analyst is the operational engine of AutoStore's Technology Risk and Compliance function, turning frameworks and policies into working processes, maintaining the evidence base for assurance activities, and keeping the compliance position current and visible.
Control Assurance and Audit
- Maintain control documentation, ownership records, and evidence in line with the framework owned by the SRCP.
- Coordinate IT General Controls (ITGC) and Internal Control over Financial Reporting (ICFR) requirements.
- Own the operational management of the risk exception and control deviation process.
Third Party Assurance & Reporting
- Execute the supplier assurance programme, maintaining the supplier risk register.
- Contribute timely, structured data to the SRCP’s dashboards and reporting outputs.
AI Governance and Support
- Support the SRCP in the operational delivery of AutoStore's AI governance programme.
- Monitor the AI obligations inventory and flag where new tool adoptions or regulatory updates affect compliance.
- Apply AI-assisted tools across day-to-day GRC work.
Security Education & Awareness
- Lead the design and delivery of AutoStore's security and privacy awareness programme.
- Develop and maintain metrics that measure genuine behavioural change.
Krav
- You must have experience in a compliance, GRC, risk, or information security role with hands-on operational delivery responsibilities.
- You should be familiar with control frameworks, including documenting, evidencing, and testing controls, and supporting audit activities.
- You must possess strong organisational skills with the ability to manage multiple concurrent workstreams.
- You need clear written communication skills to translate compliance requirements into plain-language guidance.
Ferdigheter
GRC (Governance, Risk, and Compliance)Information SecurityControl Frameworks (e.g., ISO 27001)Audit SupportAI GovernanceSecurity Awareness TrainingRisk AssessmentIT General Controls (ITGC)
Erfaring
mid-level