About the Role
We are looking for a hands-on GRC Officer to support and mature our Information Security Management System (ISMS) in line with ISO27001:2022. You will work closely with the Information Risk & Governance Lead to ensure our governance, risk, and compliance processes operate effectively across the full PDCA cycle.
This is a great opportunity for someone who enjoys structured governance work, documentation quality, compliance follow-up, and collaborating with stakeholders across a complex technology environment.
What You Will Do
* Create, maintain, and update ISMS documentation aligned with ISO27001:2022.
* Execute and follow up on ISMS activities across the full PDCA lifecycle.
* Support compliance processes, including exceptions management and control activity follow-up.
* Assist with our GRC tool, focusing on configuration, monitoring, and maintaining compliance modules.
* Collaborate with internal stakeholders to gather inputs, clarify requirements, and ensure alignment with security governance standards.
* Provide clear updates, track actions, and support audit readiness.
What You Bring
* 3+ years' experience with ISO27001 implementation, maintenance, or audit.
* Strong understanding of ISMS governance, compliance processes, risk management basics, and control frameworks.
* Ability to work independently, communicate effectively, and facilitate discussions with both technical and non-technical stakeholders.
* Strong documentation, organization, and follow-up skills.
* Tech-savvy and comfortable using tools such as Excel, GRC platforms, or workflow systems.
Nice to Have
* ISO27001:2022 Lead Implementer certification.
* Familiarity with UCB's digital technology operating model, stakeholders, or ways of working.