Governance, Risk & Compliance (GRC) Analyst

Sunderland - hybrid - Perm

Some roles sit in tech. Some sit in compliance. This one sits right in the middle.

We’re looking for someone who can confidently bridge both worlds, understanding the technical detail while translating it into clear, practical guidance across the business.

This role has opened up due to an internal promotion, something we love to celebrate at tombola as part of how we grow and develop our people.

We’re on the lookout for a Governance, Risk & Compliance (GRC) Analyst to join our friendly and growing InfoSec team here at tombola.

You’ll be joining a collaborative team of security-minded professionals along side our Operational Security, Offensive Security and IT Support Teams. We take what we do seriously, but we don’t take ourselves too seriously.

What you’ll be doing

This is a key role where you’ll sit right at the heart of how we balance security, compliance and innovation.

You’ll be helping us shape and deliver an effective technical compliance framework, making sure we maintain a strong security posture while still moving at pace as a business.

Working closely with technology teams, compliance, and stakeholders across tombola, you’ll help identify, assess and manage technology and security risks.

A big part of your role will be translating complex technical and regulatory requirements into something meaningful and actionable for different audiences across the business.

You’ll also:

• Support the ongoing development and improvement of our ISMS, policies, standards and processes
• Lead and support audits, working with external partners and Group teams
• Help ensure our platforms and games meet both local and international regulatory requirements
• Act as a key point of contact between InfoSec and the wider business, building strong relationships and driving the right outcomes

What we’re looking for