Governance, Risk and Compliance (GRC) is critical to the ongoing success and reputation of the SCC group. The role of GRC Business Analyst will offer the successful candidate an exciting opportunity to work closely with the business across a broad range of activities (projects, business processes, stakeholder advice and strategy) to ensure that key initiatives are designed and implemented effectively.
We are looking for an experienced Business Analyst, ideally with some compliance or governance experience, who is able to manage multiple initiatives at once and is able to both gather and convey requirements and findings to different stakeholders clearly and accurately.
We offer the opportunity to work in a challenging and fast paced environment, working on a subject matter that is key to the ongoing success of the SCC Group of companies.
You will be a key member of the Governance, Risk and Compliance (GRC) function and will be expected to work closely with Data Protection, Business Continuity, Business Improvement, Cyber Assurance and Internal Audit disciplines, who are also part of the GRC function.
The GRC team are responsible for developing and implementing procedures and policies to ensure compliance with legal, regulatory and contractual obligations.
Main Duties of the Job:
The GRC Business Analyst will report directly to the Data Protection Manager but will also have a close working relationship with the Head of Business Improvement. They will work with them to define, coordinate and support certain key initiatives within their remits. These initiatives will initially be focussed on compliance with data protection regulation, business continuity and risk management which will involve interaction with stakeholders across the entire business to support key initiatives through their whole lifecycle.
• Support the key GRC initiatives through their entire lifecycle. In particular:
o Compile GRC requirements and articulate these to both technical and business stakeholders, whilst reacting appropriately to their responses and challenges.
o Assist in incorporating these requirements to project and solution designs.
o Support in the implementation of the initiatives.
o Report on progress of the initiatives, highlighting key risks
o Prepare and maintain appropriate documentation
• Liaise between multiple GRC disciplines as well as business stakeholders to ensure all in-flight initiatives are coordinated and all perspectives are incorporated.
• Review and analyse existing processes and practices and help to identify risks and solutions.
• Track and manage progress of all in-flight GRC initiatives
The role is based at the James House location in Birmingham but may require occasional travel to customer sites and other SCC Group locations, which may include international travel.
Skills, Knowledge and Experience:
• Experienced Business Analyst with at least 5 years relevant work experience (ideally in a governance, risk or compliance related activity)
• A confident communicator, with experience of liaising with multiple, varied stakeholders and fielding their queries
• Excellent communication and presentational skills, both verbal and written
• Excellent analytical and problem solving skills
• Ability to interpret legislative and compliance-driven requirements, assess the impact on the wider business and input to appropriate solution designs
• Considerable experience in a managed project environment, so a familiarity with project structure and project management principles
• Extensive experience in gathering and also interpreting both requirements and data/responses
• Experience of conducting gap analyses
• Experience of communicating and working within multi-disciplined teams
• Work well under pressure, well organised, prioritise tasks to manage deadlines and be a self-motivated team player
• The ability to work independently and take ownership of key tasks
• An interest in business efficiency and best practice
• Proficient in MS Office (including Visio)
• To have SC security clearance or be able to undergo the process of SC clearance.
• Experience working in a governance, risk or compliance related business area
• Knowledge of data protection legislation (ideally GDPR or DPA ’18). Practical business application of this would be a real bonus.
• Knowledge of risk management frameworks and standards and their application
• Knowledge of business continuity and disaster recovery frameworks and standards, including Business Impact Analysis tools and techniques and their application