Job Description

Governance, Risk & Compliance Analyst - 50,000 - 60,000 - Permanent

Join us and be part of a mission-driven, independent publisher. You'll work with a diverse group of people who share a passion for empowering researchers, educators, and institutions to shape the future.

About Sage:

Sage is a global academic publisher of books, journals, and library resources with a growing range of technologies to enable discovery, access, and engagement. Believing that research and education are critical in shaping society, Sara Miller McCune founded Sage in 1965. Today, we are controlled by a group of trustees charged with maintaining our independence and mission indefinitely.


Our guaranteed independence means we're free to:

Do more

- supporting an equitable academic future, furthering disciplines that drive social change, and helping social and behavioural science make an impact

Work together

- building lasting relationships, championing diverse perspectives, and co-creating resources to transform teaching and learning

Think long-term

- experimenting, taking risks, and investing in new ideas

About our Team

Our team is committed to improving our security posture and ensuring strict adherence to regulatory standards. We play a key role in maintaining compliance, reducing risk, and improving control maturity across the enterprise. By working closely with the security, technology, and business teams, we successfully implement world-class governance frameworks.

Could you be our Governance, Risk & Compliance (GRC) Analyst? Are you?

Experienced in GRC, IT audit, or risk management roles. Familiar with NIST CSF, 800-53 and ITGC principles. Certified in CISA, CRISC, CISM, CISSP or do you possess equivalent experience. Skilled in risk assessments, security audits, and vendor reviews? Knowledgeable about Microsoft/Azure cloud security and enterprise IT? Using GenAI and Agentic AI to automate and enhance GRC practices A skilled communicator with the ability to express ideas and messages and excellent documentation and reporting skills? Able to build strategic relationships across teams and locations?

Your new role:

You'll elevate our security measures and drive continuous improvement by conducting detailed risk evaluations and developing strong control structures.

+ Conduct technology and security risk assessments to identify and mitigate threats. + Maintain information security aligned with NIST 800-53 and other relevant frameworks.
+ Support policy and standard development to ensure regulatory alignment.
+ Complete technical control audits and validating their efficiency.
+ Prepare actionable audit reports for leadership and risk committees.
+ Partner with departments to implement risk treatment plans successfully.

Overview of benefits:

25 days annual leave (plus bank holidays) with 2 additional floating personal days. Hybrid working up to 2 days per week in office and a home working allowance. Life assurance, income protection, and travel insurance. Private medical cover and access to the company doctor. Tuition scheme and support for pursuing professional qualifications, including access to Sage books and journals. Variety of snacks and beverages available in the office. Healthy lifestyle reimbursement and anniversary trips. Access to Company loans (season ticket loan, rental deposit loan, cycle loan).

We're a Disability Confident Employer (Level 1).

If you'd like to apply under this scheme, please let us know in your application.


We're committed to making our recruitment process accessible and inclusive. If you'd like to request reasonable adjustments, please email humanresources@sagepub.co.uk. Please note we only accept applications via email if an adjustment has been agreed.

Closing date for applications: Tuesday 5th November 2025

To ensure we can give each application the attention it deserves, we may consider bringing the closing date forward. Therefore, we encourage you to submit your application as soon as possible to ensure it is considered.

Diversity, Equity, and Inclusion

At Sage, we are committed to building a diverse and inclusive team and to sustaining a culture that celebrates diversity, encourages authenticity, and builds a deep sense of belonging. We encourage applications from all members of society irrespective of age, disability, sex or gender identity, sexual orientation, colour, race, nationality, ethnic or national origin, religion, or belief as crafting value through diversity is what makes us strong.