Save time and effort sourcing top tech talent
hackajob is partnering with Dominos Pizza UK & Ireland to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.
|
Job Title |
GRC Security Analyst |
|
Function / Department |
InfoSec |
|
Location |
Milton Keynes |
|
Reporting To |
Stephen Marsden |
|
Date |
April 2026 |
|
Job Purpose: To primarily support Governance, Risk and Compliance with Supplier Assurance, as well as occasionally the Security Operations team. The role supports the management of information security risk by assessing control effectiveness, validating evidence, and clearly articulating risk in a business‑focused manner.
|
|
Key Responsibilities/Job Tasks: · Assist with daily checks of monitoring systems to ensure they remain healthy. · Provide support to maintain metrics and reporting to ensure the security threats and trends impacting our business are understood and are raised to the Governance, Risk and Compliance team. · Liaising with 3rd party companies to support various day to day aspects of our security systems. · Involvement in third party Supplier Assurance and Security Impact Assessments. · Aid with the development of processes, maintenance, and improvement of runbooks. · Undertake basic risk assessments with supervision and direction. Supports some complex risk analysis as part of a team. · Assist with security education and awareness. · Assist in preparing for and conducting compliance audits. · Take part and assist in running Tabletop Exercises. · Support the delivery of broader security initiatives and projects. · Continual improvement of internal reporting. · Input into policies and standards.
|
|
Financial Scope/Operating Budget/Revenue (P&L) (If Applicable) n/a Please complete if this job has financial responsibility? N/A |
The following sections consist mainly of a series of questions related to specific skills/job requirements. You should focus on the role rather than the individual when considering the most appropriate answer and should base the response on what you consider to be the normal features of the job which are typical of the job and its usual working conditions over the year.
|
SKILLS & JOB REQUIREMENTS |
|
Strategic Responsibility This role has no accountability for setting or inputting into a specific strategy.
|
|
Business Knowledge Working very closely with the Assurance team on third party /supplier assurance and interacting with the wider InfoSec team on various other projects from time to time. To be familiar with third‑party / supplier assurance processes. Required knowledge of penetration test assurance or vulnerability reporting and be able to understand the high-level implications of the results. The role holder will not be required to be hands‑on in operational security tooling but will have to be able to engage effectively with technical teams such as SecOps. |
|
Problem solving The role holder will demonstrate a strong risk‑based assurance mindset, combining technical security knowledge with the ability to assess control effectiveness, challenge evidence, and clearly articulate information security risk in a business context. The role requires straight forward common sense and initiative, combined with clear judgement and is guided mostly by precedents. The ability to work independently is key. |
|
Decision making Make decisions within defined procedures and occasionally outside of established procedures but within a policy framework. |
|
Communication Able to communicate across various levels with the regular exchange of factual information, with influencing skills as an essential requirement of the role. Excellent written communication skills, with experience producing clear, concise, evidence‑based assurance reports, risk statements, and recommendations. Ability to communicate technical or security concepts in plain language to non‑technical stakeholders and confidence presenting findings to colleagues and senior management and providing constructive challenge while maintaining credibility and professional objectivity.
|
|
Innovation Suggest improvements on existing procedures within their areas of operation, including developing and adapting new or existing processes for increased quality/efficiency, continuously searching for improvements in techniques which add value to the business and increases security. |
Please summarise the levels of minimum education, knowledge, skills and experience this position requires (e.g., if you would be recruiting to fill this position, what aspects of background or knowledge would you expect a successful job applicant to have?)
Note: This may differ from the current job holder’s own skills and experience
|
JOB SPECIFICATIONS |
|
|
Degree/Professional Qualification |
· Recognised security qualification (Security +, CySA+ etc) ideal but not essential. |
|
Knowledge |
· Understanding of using Third-Party Risk Management (TPRM) Platforms. · Familiarity working with Identity Governance platforms and processes. · Ideally 3+ years of proven Information Technology experience with a good understanding of infrastructure and experience of Microsoft Azure and O365. · A good awareness of information security best practices |
|
Skills/Ability |
· A team player who is hard working and has self-organisation and time management skills. · Excellent attention to detail. · Strong Analytical and Troubleshooting Skills. · Ability to remain calm under pressure and clearly communicate to all levels of management. · Experience preferred with NIST CSF or similar framework. · The ability to generate reports, from interrogating system data, using Microsoft CoPilot and or PowerShell, not essential but valuable to have. |
|
Job Title |
GRC Security Analyst |
|
Function / Department |
InfoSec |
|
Location |
Milton Keynes |
|
Reporting To |
Stephen Marsden |
|
Date |
April 2026 |
hackajob is partnering with Dominos Pizza UK & Ireland to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.