We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Governance, Risk and Compliance (GRC) Analyst at Mindera. Mindera works with a variety of clients across the world to innovate and solve tough technical problems. Our security team enables Mindera to meet a variety of security standards and keep all Minders safe from the bad guys’ hands.. This role primarily involves working within European time zones, requiring a significant overlap with team hours.. Expected travelling time (UK and USA): 0%-15%, varies according to project/client. You will be working with teams across different time zones and locations.. What you'll be up to. . Reviewing our information security policies and processes to keep them current in a changing regulatory landscape;. . Keeping up-to-date with local, national and international regulations regarding information security and data protection to ensure that Mindera is aligned with upcoming requirements;. . Supporting and advising Mindera regarding compliance and risk management;. . Working with teams across the organisation to ensure they align with our global information security requirements;. . Planning and preparing for audits such as ISO 27001 and the UK Cyber Essentials Plus;. . Developing and maintaining processes for third-party security risk management, including due diligence and incident management;. . Maintaining relationships with Mindera’s clients around information security compliance, including answering and reviewing security questionnaires and collecting evidence;. . Developing, facilitating and delivering workshops;. . What we’re looking for. . . Experience. . You know what you’re doing and want to learn more. You have at least 3 years of hands-on experience in the security field preferably working for a technology company;. . . Risk Management. . You will have knowledge of risk management and maintaining a risk register;. . . Security Principles. . You will have a strong understanding of Information Security Principles, to be able to understand and assess threats in a balanced way that is aligned to the business;. . . Compliance audits. . You are familiar with how ISO 27001 and how other audits are conducted, you have already been involved in audits and are confident speaking with an auditor;. . . Information security awareness and education. . You understand that information security is about supporting people to learn through positive engagement not fear. You know how to present information to diverse audiences: from the project manager to the super-techie Rust backend developer;. . . Security Controls. . Demonstrated ability to manage and think through problems. Being able to manage security risks in a dynamic environment;. . . Multitasking. . You need to be able to switch between tasks and be organised in making sure work is progressing;. . . Communication. . You’re a good communicator and are not afraid to ask. English is the main language used at Mindera, so you will be using it a lot, both spoken and in writing;. . . Interpersonal skills. . You will need to interact with a lot of people and be able to demonstrate that you can manage multiple stakeholders and support people to embed security into their work;. . . Mindset. . You can work autonomously and proactively in a distributed organisation. You want to get things done, and done well;. . . Nice to have. . Knowledge of data protection and privacy laws relevant to a technology organisation;. . Company Location: Portugal.