Information Security Governance, Risk and Compliance Specialist
GWI
Posted about 2 hours ago
Location: London, UK
Weekly office requirement: Hybrid β 2 days per week
Employment type: Permanent
Seniority level: Mid-Senior
At GWI we're always looking for extraordinary people who thrive on making an extraordinary impact. Right now we're looking for an Information Security GRC Specialist to play a key role in our Legal team in London. If that's you, and making a difference gets you out of bed in the morning, keep reading. It could be the start of something, well, extraordinary.
Sounds great, what will I be doing? π€
As our Information Security GRC Specialist you'll play a pivotal role in shaping the future of security compliance at GWI. Reporting into our General Counsel and working closely with our Information Security, Product, and Technology teams, you'll own our compliance posture across security frameworks, vendor risk, and client-facing security requirements β while building a security-conscious culture across the business.
A few things you'll be responsible for:
π Own and maintain GWI's ISO 27001 certification and compliance across relevant security frameworks, keeping our posture sharp as the threat landscape evolves.
π Develop, implement, and maintain information security policies and procedures aligned with industry best practices.
π Lead vendor risk management and client security assessments β including responding to client security questionnaires and onboarding requirements.
π Build and maintain GWI's security trust portal, showcasing our credentials to clients and stakeholders using tools such as Drata or Vanta.
π Drive security awareness across the business through training programmes and internal communications that promote a strong GRC culture.
It's also fun; shaking things up is what working for GWI is all about. You'll need to be flexible, comfortable with continuous change, and working in a high-tempo environment.
What do I need to bring with me? π§³
You'll need to be able to demonstrate the core skills this role requires. You don't have to tick all the boxes right away; the important thing is that you're willing to learn. Here's what the team will be looking for in you:
π In-depth, practical experience obtaining and maintaining ISO 27001 certification, with solid knowledge of frameworks such as NIST β typically 3β5 years in an information security compliance role, though other experience levels will be considered.
π Proven ability to develop and maintain security policies and procedures that align with industry best practice.
π Experience conducting vendor security assessments and managing client security onboarding requirements, balancing risk against commercial objectives.
π Hands-on experience building or maintaining a security trust portal; familiarity with tools such as Drata or Vanta is a plus.
π Knowledge of SaaS and AI environments, with experience implementing and managing cloud security best practices.
π Strong communication skills β able to translate complex GRC topics into clear internal guidance and keep the wider business informed and engaged on security matters.
Equally important is attitude. We want people who think big (to make an impact), ask why (to find a better way), and show respect (to everyone, at every level, all the time). Those are our values, and they're a big part of what we're looking for in you.
What We Offer π§
At GWI, youβll find meaningful work, visible impact, and a culture that empowers you to do your best. Our package includes:
- Time to recharge β 25 daysβ annual leave, plus office closures over the holidays.
- Health & wellbeing β Health cash plan, enhanced family benefits, carer days, and mental health support.
- Financial benefits β Competitive salary, 4% pension matching, and recognition programs that celebrate success.
- Flexibility & balance β Flexitime, early Friday finishes, hybrid and remote options, plus a βwork from homeβ budget.
- Career growth β Accredited learning, leadership development, and global career mobility.
- Community & impact β DE&I initiatives, volunteering opportunities, donation matching, and payroll giving.
Put all that together and GWI is the friendliest, most fulfilling place any of us has ever worked.
Diversity, Equity & Inclusion π«Ά
Diversity is fundamental to who we areβboth as a data company and as a workplace. Our data reflects global realities, and so must our teams. We strive to ensure our workforce is as diverse and inclusive as the insights we provide to our clients.
As a Disability Confident employer, we welcome applications from disabled candidates and are committed to providing all necessary adjustments during the hiring process. We also actively encourage applications from underrepresented and marginalized communities.
At GWI, you will find a place where you can contribute meaningfully, grow professionally, and belong fully.
#li-hybrid
#LI-NIKOSSS1
