About the Role
We are looking for a hands-on GRC Officer to support and mature our Information Security Management System (ISMS) in line with ISO27001:2022. You will work closely with the Information Risk & Governance Lead to ensure our governance, risk, and compliance processes operate effectively across the full PDCA cycle.
This is a great opportunity for someone who enjoys structured governance work, documentation quality, compliance follow-up, and collaborating with stakeholders across a complex technology environment.
What You Will Do
- Create, maintain, and update ISMS documentation aligned with ISO27001:2022.
- Execute and follow up on ISMS activities across the full PDCA lifecycle.
- Support compliance processes, including exceptions management and control activity follow-up.
- Assist with our GRC tool, focusing on configuration, monitoring, and maintaining compliance modules.
- Collaborate with internal stakeholders to gather inputs, clarify requirements, and ensure alignment with security governance standards.
- Provide clear updates, track actions, and support audit readiness.
What You Bring
- 3+ years' experience with ISO27001 implementation, maintenance, or audit.
- Strong understanding of ISMS governance, compliance processes, risk management basics, and control frameworks.
- Ability to work independently, communicate effectively, and facilitate discussions with both technical and non-technical stakeholders.
- Strong documentation, organization, and follow-up skills.
- Tech-savvy and comfortable using tools such as Excel, GRC platforms, or workflow systems.
Nice to Have
- ISO27001:2022 Lead Implementer certification.
- Familiarity with UCB's digital technology operating model, stakeholders, or ways of working.