Senior Analyst - Information & Cyber Security (GRC)

  • Coventry Building Society
  • Hybrid (Coventry, UK)
  • 04/03/2024
Full time Data Engineering Business Intelligence Software Engineering Cybersecurity

Job Description

About the role

Coventry Building Society has a new role for a Senior GRC Analyst, to lead the day-to-day information security risk activities and support the Society’s Security frameworks.

This role will oversee the implementation of information security policy, procedures and standards across the Society and, importantly, its third parties. Engaging within the Society’s business areas to provide support and guidance, whilst undertaking security reviews relating to supplier risk management.

As a senior member of the Information Security Team, you will be empowered to work under your own initiative and make key risk-based security decisions to help deliver proactive, pragmatic and risk-informed security.


Our benefits include:

  • 28 days holiday a year plus bank holidays and a holiday buy/sell scheme
  • Annual discretionary bonus scheme
  • Personal pension with matched contributions Life assurance (6 times annual salary)

Find out more about the fantastic benefits of joining Coventry Building Society here.

Role closure

We do reserve the right to close this advertisement early if we receive a high volume of suitable applications.

About you

We are looking for someone who is passionate about security and wants to be part of an innovative forward-looking team. You’ll have experience in regulated industries and enjoy leading and sharing your knowledge to support business change.

In order to be a success in this role and the team, we require people who are experts in security technologies, governance and assurance; and who also have a drive for change and continuous improvement.

You’ll also have experience and be confident in:

  • You’ll have recognised Information Security risk experience, working in a regulated environment, preferably UK Financial Services.
  • You’ll have experience of delivering risk assessments, assurance reports and reporting risk to Senior Management and Committees. Along with a demonstratable understanding of Information Security control standards and frameworks including ISO27001, NIST, GDPR, Cyber Essentials and PCI-DSS
  • With experience assessing and managing Third Party Risk, implementing security controls in the Cloud and have proven analytical and problem-solving skills.
  • You’ll have the ability to articulate technical risks to non-technical audiences, with excellent communication skills and able to effectively communicate through to Senior Management and the Executive.
  • Desirable certifications; CISM, CISSP, CRISC, ISO 27001 lead implementor/ auditor.
About us

As a mutual, we’ve always worked together to improve the lives of others. As one of the largest building societies in the UK, over 3,000 of us share that goal, in our branches and Head Office. Our benefits go beyond basic pay, with a discretionary bonus scheme, a culture of reward and recognition and total support for our wellbeing.

We’re serious about race, age, faith, disability, sexual orientation, and equity for all. By being yourself, you’ll make us stronger.

You can build so much more than a career. Come and make a difference in our Society, that’s been voted a ‘Great Place to Work’ by our team.

Flexibility and why it matters

We understand the need for flexibility, so wherever possible, we’ll consider alternative working patterns. Have a chat with us before you apply to see what the possibilities are for this role.