Governance, Risk, Compliance (GRC) Analyst



IT, Legal
Cambridge, MA, USA
Posted on Tuesday, December 12, 2023

Founded by mathematicians and cyber defense experts in 2013, Darktrace is a global leader in cyber security AI, delivering complete AI-powered solutions in its mission to free the world of cyber disruption. We protect more than 8,400 customers from the world’s most complex threats, including ransomware, cloud, and SaaS attacks.

Our roots lie deep in innovation. The Darktrace AI Research Centre based in Cambridge, UK, has conducted research establishing new thresholds in cyber security, with technology innovations backed by over 130 patents and pending applications. The company’s European R&D center is located in The Hague, Netherlands.

Headquartered in Cambridge, UK, Darktrace has more than 2,400 employees located globally. Customers include public sector agencies, education institutions, media, organizations supplying critical infrastructure, and businesses of all sizes worldwide.

This is an excellent opportunity to join a fast-growing company, named one of TIME magazine’s “Most Influential Companies” for 2021 and one of Fast Company’s “Most Innovative AI Companies” in 2022. For more information on our cutting-edge technology, visit

This is a hybrid role, with compulsory attendance of 2 days a week in the Cambridge office.

In this role you would be one of Darktrace's resident GRC Analysts, working within the security compliance team. Your responsibilities would include, but not be limited to:

  • Supporting the day-to-day management of industry recognised information security standards (e.g., ISO 27001, ISO 27018, CE). Supporting ISMS management within GitLab issues to sustain information security business operations.
  • Supporting the requirement and process for continuous improvement across the business by leading the process for non-conformance capture, including the identification of information security risks, incidents or regulatory changes.
  • Supporting the management of security-related incidents whereby there is an existential security concern over personnel, assets or infrastructure.
  • Supporting the information security risk management process by identifying, evaluating, treating and monitoring threats to data confidentiality, integrity and availability.
  • Providing a level of security compliance support to the business, engagement with department leads and Darktrace users to ensure security compliance throughout the business.
  • Providing suitable resiliency and redundancy for other Security Compliance team Leads with department workflows (i.e., Certification Management).
  • Evaluating requests for exceptions to policies and security compliance queries, ensuring sufficient mitigating controls are in place.
  • Supporting the management and completion of customer security assessments and queries.

About you:

  • Prior domain-specific knowledge of cyber security and security governance.
  • Awareness of data protection legislation and its application in a practical way.
  • Good communication skills required.
  • Organised and attentive to details.
  • Proactive, self-motivated and a team player.
  • Maintain an awareness of the existing and emerging threat landscape.
  • Security or general technology-related certifications would be beneficial.


  • 23 days holiday + a day off for your birthday, rising to 25 (+ birthday) after 2 years
  • All UK public holidays
  • BUPA healthcare with premiums fully paid by Darktrace for employee + eligible family members
  • Salary Sacrifice pension scheme with company contribution of 4% and employee contribution of 5%
  • Life Insurance 4x salary
  • Cycle to work scheme