GRC Analyst

La Fosse have partnered with a well-known tech company in the Cambridge area. They are looking for a senior GRC contractor to come in and shape frameworks to drive faster decisions whilst reducing enterprise and supplier risk.

What they’re looking for

Strong experience in asset governance, including classification and control assurance for business-critical systems.

Skilled in third-party risk management assessing supplier security, reviewing contracts, and supporting customer due diligence processes.

Proven ability to lead risk assessments and control reviews, with hands-on experience integrating findings into ServiceNow IRM or similar GRC platforms.

Track record of identifying and remediating control failures, managing policy exceptions, and following through on audit findings.

Experience building scalable, automated workflows to improve audit readiness and reduce manual effort in GRC functions.

Deep understanding of control frameworks (NIST CSF, ISO 27001, SOC 2)

Ability to hit the ground running and proven track record of working in dynamic fast paced environments.

This role is initially a 6 month contract, hybrid with 2 days a week in office in Cambridge. Candidates must have the right to work in the UK. Day rate is between £500–£550 inside IR35.