Information Security Governance Analyst

Job Purpose

Serve as an Information Security Professional as an Information Security Governance Analyst, protecting TechnipFMC information security throughout the system lifecycle. 

The Information Security Governance Analyst supports the IT compliance program within the Information Security organization. This support includes but is not limited to Sarbanes Oxley (SOX), SOC 2, ISO 27001, ISO 42001, NIST, questionnaires, audits and assessments from 3rd parties, clients and partners assessing the TechnipFMC’s regulatory compliance status.

Job Description

• Audit & Assessment Support
  • Supports internal/external audits and controls testing.
  • Triages, assigns, and tracks requests for information.
  • Gathers, evaluates, and uploads evidence; resolves gaps with SMEs.
  • Perform quality checks on audit evidence before submission.
  • Manages audit schedules and status trackers.
  • Monitors control testing progress and track failed tests.
  • Assists with customer assessments and questionnaires.
  • Maintains Audit Findings List and Corrective Action Log
  • Reports audit findings and evidence status to GRC management.
• Governing Document Management
  • Maintains and updates document status trackers.
  • Monitors and reports document status to stakeholders.
  • Supports document maintenance and updates as needed.
• Program Improvement & Reporting
  • Identifies compliance program gaps and recommends improvements.
  • Maintains GRC metrics, KPIs, and the Risk and Controls Matrix (RCM).
  • Inputs data into the GRC module and publishes GRC-related content
  • Prepares materials for Management Reviews, Compliance Committees and other meetings.
  • Keeps up-to-date compliance dashboards.

You are meant for this job if:

Education Requirements:

• Bachelor’s degree in computer science or related discipline considered as a plus
• Certifications: CISA, Security+, Network+, Azure AZ-900, AZ-500, AWS certification, CEH, etc.

Work Experience:

• Experience in supporting or auditing IT and Information Security compliance programs.
• Strong understanding of compliance regulations (e.g., Sarbanes Oxley 404, PCAOB, PCI, GDPR) and security standards (e.g., ISO 27001, NIST CSF).
• Familiar with IT governance and quality frameworks such as ISO, COBIT, and ITIL.
• Skilled in compliance metrics tracking.
• Proven ability to work effectively in global, matrixed environments.
• Excellent interpersonal, organizational, and communication skills.
• Strong analytical, problem-solving, and critical thinking capabilities.
• Comfortable collaborating across enterprise-scale organizations and building effective working relationships.
• Advanced oral and written communication skills in English.

Skills

What we offer

• My Wealth and Protection: Critical Illness Cover, Income Protection, Life Assurance, Will Writing, Workplace ISA, Group Personal Pension Plan - employer contributions up to 10%. 

• My Health and Wellbeing: Private Medical Insurance, Employee Assistance Programme, Dental Insurance, Health Assessments & Personal Accident Insurance. 

• My Lifestyle: Electric Vehicle Scheme, Cyle2Work, Employee Tech Scheme, Give as You Earn, GymFlex, Holiday Trading, Personal Travel Insurance, Perks at Work. 

• My Workplace: Subsidised Cafe, Branded workwear, Hybrid Working, Flexible Working Arrangements, Enhanced Maternity and Parental leave, Talent/Management and Leadership programmes, Various inhouse training opportunities for your personal development.   

• My Giving: Volunteering opportunities