22 of 22 GRC Jobs in the City of London

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements … activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation. Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Facilitating regular reviews and updates of control and risk management processes to remain effective and … responsive to emerging threats and changes in the organizational landscape. Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making and risk management strategy across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF More ❯

site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements … activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation. Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Facilitating regular reviews and updates of control and risk management processes to remain effective and … responsive to emerging threats and changes in the organizational landscape. Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making and risk management strategy across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days/week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity’s most devastating … world-class team at the intersection of biology, AI, and engineering. Role Overview This role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical … research and drug design. You will play a pivotal role in aligning data governance, security operations, and compliance within an environment that spans regulated biopharma workflows, cloud-native infrastructure, and AI/ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for More ❯

Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days/week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity’s most devastating … world-class team at the intersection of biology, AI, and engineering. Role Overview This role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical … research and drug design. You will play a pivotal role in aligning data governance, security operations, and compliance within an environment that spans regulated biopharma workflows, cloud-native infrastructure, and AI/ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for More ❯

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability … ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture reviews: support More ❯

I’m currently working with a business that is looking to hire a Group Cyber GRC Manager. This is a fantastic opportunity to take ownership of a global cyber GRC function, shaping strategy and driving maturity across a complex, multinational environment. The Role Define and deliver the strategic roadmap for global Cyber GRC. Lead and develop a high-performing team … data-driven insights and dashboards for senior stakeholders. Champion a strong security culture and continuous improvement mindset. What they are looking for: Proven success leading high-performing security or GRC teams. Expertise in cyber risk management, frameworks, and assurance. Strong stakeholder engagement and communication skills. Experience in large, federated, and complex global organisations would be particularly valuable. Certifications such as More ❯

I’m currently working with a business that is looking to hire a Group Cyber GRC Manager. This is a fantastic opportunity to take ownership of a global cyber GRC function, shaping strategy and driving maturity across a complex, multinational environment. The Role Define and deliver the strategic roadmap for global Cyber GRC. Lead and develop a high-performing team … data-driven insights and dashboards for senior stakeholders. Champion a strong security culture and continuous improvement mindset. What they are looking for: Proven success leading high-performing security or GRC teams. Expertise in cyber risk management, frameworks, and assurance. Strong stakeholder engagement and communication skills. Experience in large, federated, and complex global organisations would be particularly valuable. Certifications such as More ❯

level technical design. Platform Strategy & Roadmapping: Develop and articulate ServiceNow platform strategies and roadmaps, identifying opportunities for leveraging out-of-the-box capabilities, integrations, and strategic customizations. Technical Advisory & Governance: Act as a subject matter expert and technical advisor to clients and internal teams, providing guidance on platform capabilities, performance optimization, security, and scalability. Establish technical governance to ensure solution … and implement end-to-end ServiceNow solutions across multiple modules. Deep understanding of the ServiceNow platform architecture, data model, and security framework. Expertise in ServiceNow best practices, including platform governance, performance optimization, and security hardening. Proven experience with large-scale ServiceNow implementations and complex integrations. Strong analytical and problem-solving skills with the ability to articulate complex technical concepts to … both technical and non-technical audiences. Experience with Agile development methodologies. Relevant ServiceNow certifications (e.g., Certified Master Architect, Certified Technical Architect, Certified Application Developer, Certified System Administrator). ServiceNow GRC & SecOps More ❯

level technical design. Platform Strategy & Roadmapping: Develop and articulate ServiceNow platform strategies and roadmaps, identifying opportunities for leveraging out-of-the-box capabilities, integrations, and strategic customizations. Technical Advisory & Governance: Act as a subject matter expert and technical advisor to clients and internal teams, providing guidance on platform capabilities, performance optimization, security, and scalability. Establish technical governance to ensure solution … and implement end-to-end ServiceNow solutions across multiple modules. Deep understanding of the ServiceNow platform architecture, data model, and security framework. Expertise in ServiceNow best practices, including platform governance, performance optimization, and security hardening. Proven experience with large-scale ServiceNow implementations and complex integrations. Strong analytical and problem-solving skills with the ability to articulate complex technical concepts to … both technical and non-technical audiences. Experience with Agile development methodologies. Relevant ServiceNow certifications (e.g., Certified Master Architect, Certified Technical Architect, Certified Application Developer, Certified System Administrator). ServiceNow GRC & SecOps More ❯

processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous control monitoring. Create & execute test plans and participate in client UAT & production migration Manage GRC Use-stories in agile team and lead the iterations from delivery perspective Understand Observables, Indicators of Compromise (IOC) and IoC Look Ups Good to have experience with configuring and implementing … Service-Now GRC Applications/Modules with working knowledge of its built-in capabilities including Plug-ins, Workflows, UI elements, tables, dictionaries, integrations and dependencies. Experience of working on Scripting in ServiceNow. Skills Certified ServiceNow IRM/SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript … API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRICS (preferred) PLATFORM/TOOL EXPERTISE ServiceNow GRC & SecOps More ❯

processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous control monitoring. Create & execute test plans and participate in client UAT & production migration Manage GRC Use-stories in agile team and lead the iterations from delivery perspective Understand Observables, Indicators of Compromise (IOC) and IoC Look Ups Good to have experience with configuring and implementing … Service-Now GRC Applications/Modules with working knowledge of its built-in capabilities including Plug-ins, Workflows, UI elements, tables, dictionaries, integrations and dependencies. Experience of working on Scripting in ServiceNow. Skills Certified ServiceNow IRM/SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript … API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRICS (preferred) PLATFORM/TOOL EXPERTISE ServiceNow GRC & SecOps More ❯

and internal policies across multiple jurisdictions. You will implement compliance programs, monitor adherence, provide risk-based legal advice, and help shape a compliance-focused culture. Key Accountabilities: Compliance and Governance Ensure the organisation adheres to corporate governance standards, codes of conduct and relevant laws across all jurisdictions. Monitor regulatory developments and interpret their relevance and impact on the business, providing … not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and manage internal reporting mechanisms by liaising with internal Global Risk and Compliance (GRC) function. Global Regulatory Compliance Ensure compliance with international legal and regulatory frameworks (e.g. GDPR, FCPA, local employment laws). Liaise with external counsel where jurisdiction-specific advice is needed with More ❯

and internal policies across multiple jurisdictions. You will implement compliance programs, monitor adherence, provide risk-based legal advice, and help shape a compliance-focused culture. Key Accountabilities: Compliance and Governance Ensure the organisation adheres to corporate governance standards, codes of conduct and relevant laws across all jurisdictions. Monitor regulatory developments and interpret their relevance and impact on the business, providing … not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and manage internal reporting mechanisms by liaising with internal Global Risk and Compliance (GRC) function. Global Regulatory Compliance Ensure compliance with international legal and regulatory frameworks (e.g. GDPR, FCPA, local employment laws). Liaise with external counsel where jurisdiction-specific advice is needed with More ❯

Are you a seasoned SAP Security and GRC expert ready to lead transformative ERP engagements across diverse industries? We're partnering with a leading consultancy to find a Senior Manager who will spearhead SAP S/4 HANA security and access management initiatives, driving innovation and compliance in financial transformation programmes. About the Role As a Senior Manager, you'll … ownership of SAP Security architecture and implementation, leading teams through complex ERP transformations. You'll work closely with senior stakeholders to assess risks, define strategy, and deliver robust access governance solutions across SAP and non-SAP platforms. Key Responsibilities Lead SAP Security and GRC strategy development and implementation. Oversee access management policies, user provisioning, and SoD controls. Manage greenfield SAP … Deep knowledge of S/4 HANA, BW/4 HANA, SAP Analytics Cloud, SAP Access Controls, IAG, BTP, and cloud apps like SuccessFactors, Ariba, and Concur. Expertise in GRC tools such as Saviynt, SailPoint, Pathlock. Strong understanding of SOX, GDPR, and other regulatory frameworks. Excellent project management and communication skills. Professional certifications (e.g., SAP Access Control 12.0, CISSP, CISM More ❯

ServiceNow Technical Consultant - IRM/GRC - Boutique Consultancy - Remote, UK. Up to £85,000. I am currently working with a ServiceNow partner in the UK, a boutique consultancy known for delivering exceptional client experiences and driving transformative success through the ServiceNow platform, enhanced by cutting-edge AI technologies. As an IRM/GRC Technical Consultant, you’ll work closely with … clients to design, implement, and optimise risk and compliance frameworks using leading technologies. Your role will include: Leading technical implementations of GRC platforms (e.g., ServiceNow IRM, RSA Archer, MetricStream, etc.) Translating business requirements into technical solutions Advising clients on best practices in risk management, controls, and compliance Supporting pre-sales activities and contributing to solution design Supporting customer workshops and … running project demonstrations, using the ServiceNow platform. What They're Looking For: Proven experience in IRM or GRC platform implementation and configuration. Technical proficiency in scripting, integrations, and data modelling Excellent communication and stakeholder management skills A proactive, client-focused mindset with a passion for problem-solving They offer a dynamic, supportive team culture with opportunities for rapid career progression. More ❯

research reports. Understanding of priorities of the chief risk officer including enterprise risk management, integrated risk management, third-party risk management, ESG risk and reputational risk. Deep understanding of Governance, Risk, and Compliance (GRC) software and other risk focused technologies. Additional benefits we offer... Competitive salary (with annual review) Performance-driven quarterly bonus scheme Pension with enhanced employer contribution Generous More ❯

on retail and dining, to health and wellbeing, travel, and technology...and plenty more The Role We are currently recruiting for a Manager to join our existing Data and Information Governance Team. Reporting into the Senior Manager, Information Governance and Deputy Data Protection Officer supporting the further developing of the, dedicated first line capability for information risk, control frameworks and testing … a control framework across a complex infrastructure of product lines, control functions and subsidiaries, enabling effective oversight of information risk. You will develop elements of and implement an Information Governance Framework whilst developing and monitoring various risk controls within the RCSA framework in both Operations and as SME across the business. You will work directly with local 1LoD defence risk … in-depth knowledge and practical experience in the following: - Data Protection - Information Rights - Records Management - Information Risk You will be able to demonstrate evidence of delivering change in Information Governance to create a transparent, but 'privacy aware' compliance culture with proven experience in an operational risk management role in the public or private sector, preferably in financial services. You will More ❯

and serving as a key member of the Senior Leadership Team , the COO will play a pivotal role in driving operational excellence, delivering outstanding client service, and ensuring robust governance and compliance across domestic and international operations. This is a rare opportunity to define the future of a fast-evolving, growth-focused financial institution— delivering scalable, resilient, and client-centric … critical third-party and outsourced service providers, ensuring seamless service delivery and adherence to SLAs. Design and optimise processes for operational efficiency, quality, control, and regulatory compliance. Ensure rigorous governance of all outsourcing arrangements, including performance monitoring, contract compliance, and regulatory obligations. Financial Crime Risk Management As first-line owner of financial crime risk management and controls, the COO will … vendors. Anti-Fraud Controls: Implement and oversee fraud detection and prevention frameworks across all customer channels. Surveillance: Monitor for market abuse and misconduct through robust communications and trade surveillance. Governance & MI: Deliver actionable financial crime metrics, ensure first-line ownership of controls, and provide insight into emerging risks. Policy Implementation & Training: Ensure operational teams are trained and aligned with current More ❯

and serving as a key member of the Senior Leadership Team , the COO will play a pivotal role in driving operational excellence, delivering outstanding client service, and ensuring robust governance and compliance across domestic and international operations. This is a rare opportunity to define the future of a fast-evolving, growth-focused financial institution— delivering scalable, resilient, and client-centric … critical third-party and outsourced service providers, ensuring seamless service delivery and adherence to SLAs. Design and optimise processes for operational efficiency, quality, control, and regulatory compliance. Ensure rigorous governance of all outsourcing arrangements, including performance monitoring, contract compliance, and regulatory obligations. Financial Crime Risk Management As first-line owner of financial crime risk management and controls, the COO will … vendors. Anti-Fraud Controls: Implement and oversee fraud detection and prevention frameworks across all customer channels. Surveillance: Monitor for market abuse and misconduct through robust communications and trade surveillance. Governance & MI: Deliver actionable financial crime metrics, ensure first-line ownership of controls, and provide insight into emerging risks. Policy Implementation & Training: Ensure operational teams are trained and aligned with current More ❯

with support and guidance to enable successful delivery. You will work with colleagues in Home Office Commercial when contracts need organising and negotiating. You may be required to facilitate governance meetings and mechanisms and/or select the right people to join these discussions. In addition to this, you will be expected to mentor, coach or line manage less senior … and improve team delivery performance Applying appropriate techniques taken from different methodologies to effectively deliver successfully within a given context Managing budgets and commercial supplier relationships Understanding what good governance looks like and how to implement improvements Acting as the Delivery Manager for one or more delivery teams through a complete delivery lifecycle (prepare, deliver, improve) Governance, risk and compliance More ❯