Senior Information Security GRC Analyst Locations: London, United Kingdom; Manassas, United States Posted on: 4 Days Ago ABOUT US We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation can address the scale … Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. Are you passionate about security Governance, Risk and Compliance (GRC)? Do you thrive in a dynamic environment where your experience and your security expertise can shape the future of our organization? We are looking for a … GRC Specialist like you to join our growing Information Security Governance team. In this role, you will: Develop and implement robust GRC frameworks to ensure compliance with increasingly stringent industry regulations and standards. Lead the reporting and presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with cross-functional security teams to maintain and
The team you'll be working with: Security Consultant (GRC) NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team. What you'll be doing: Using your background in Governance, Risk & Compliance, you will … help our clients: Governance: directs, oversees, designs, implements or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage cyber and information security at an enterprise level. Supporting an organisation's immediate and future regulatory, legal, risk, environmental and operational requirements and ensuring compliance with those requirements. Policy and Procedure Management: directs, develops or … internal teams, external partners, and regulatory authorities. Providing remediation guidance and preparing management reports to track remediation activities. Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster governance framework and security posture. Assess and test the effectiveness of security controls, and document the compliance levels to identify risks and control gaps. What experience you'll bring: What experience
activities Remediation workstreams and roadmaps Policy & process implementation Information Security Maturity Audits/CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management … as Health and Safety procedures as outlined by the Company's Health and Safety Policy. Essential Skills/Attributes: 3+ years in a client-facing information/cyber security/GRC role or 5+ years in a directly related field/role (such as cyber/intelligence/security in UK Armed Forces, Law Enforcement, UK Intelligence Community, UK Government Departments … Degree in Cyber Security, Computer Science, or related subject; or genuine equivalent experience working in cyber-security, GRC, security audit etc. Professional certifications (currently held) including but not limited to CISSP, CCSP, CISM, CRISC, CISA Qualifications/experience in auditing against/implementing multiple security standards and frameworks, such as ISO 27001/2, NIST CSF, ISF CMMI, CIS, UK
NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and cloud services. Proficiency with risk analytics, GRC tools, and security assessment methodologies. Exceptional analytical, communication, and report-writing skills, with the ability to translate complex technical issues into clear, actionable recommendations for both technical and non-technical
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
St. Albans, Hertfordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
The Role We are seeking a motivated and detail-oriented Junior GRC Analyst to join our team. The successful candidate will assist in developing and maintaining our governance, risk, and compliance program. This role offers an excellent opportunity to gain experience in GRC practices and work alongside experienced professionals. The role entails collaboration with various departments such as Operations, Client … strong relationships, their collaborative spirit, and their expertise in fostering growth. This role reports to a Senior Security Engineer. Primary Responsibilities Assist in the development, implementation, and maintenance of GRC policies and procedures aligned with the company's business goals and legal requirements. Support with the implementation of the Risk Management Framework policy and ensure ongoing actions are undertaken as … identification of potential compliance and security risks. Monitor and report on compliance with internal policies and external regulations. Ensure regular reviews are performed to assist with refining company's GRC policies, leveraging technology and industry best practices to drive efficiency. Support the preparation and execution of internal and external audits and DDQs. Collaborate with various departments to ensure compliance requirements
energy and the security of private equity backing. It's an inspiring time to join the team! Looking for a self-starting highly motivated and detail-orientated Information Security Governance, Risk, and Compliance (GRC) Analyst to support the design, implementation, and ongoing improvement of our information security governance and risk management framework. This role is essential in ensuring the organisation … internal compliance communications Job Requirements Previous progressive experience in information security risk management, risk management, or compliance Strong understanding of information security frameworks (e.g., ISO 27001, NIST) Experience with GRC tools/platforms Excellent organisational, communication, and documentation skills Ability to work independently and cross-functionally in a fast-paced environment Industry certifications such as CISA, CRISC, CISSP, CISM is preferred
CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstrable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Extensive experience of information security management and/or security awareness. In-depth expert
CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstrable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Extensive experience of information security management and/or security awareness. In-depth expert
compliance and assurance programs. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the Security Operations team to monitor, detect, and respond to threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. * Train and mentor internal teams on security awareness and best practices. * Engage with stakeholders across the business to communicate … and regulatory inspections as required. Essential Skills & Experience: * Proven experience in incident management and cyber security operations. * Strong knowledge of ISO 27001, NIST, and other security frameworks. * Experience with governance, risk, and compliance (GRC) processes. * Familiarity with Security Operations Centres (SOC) and threat detection tools. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams … and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, Security Governance, Security Training, Wiltshire, Cyber Risk, Cyber Strategy, Adecco
security compliance and assurance programmes. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the SOC to monitor, detect, and respond to cyber threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. * Promote a security-first culture through internal training and mentoring. * Communicate cyber risks, strategies, and progress effectively to stakeholders. … and external audits and regulatory inspections. Essential Skills & Experience: * Proven experience in cyber security operations and incident management. * Strong knowledge of ISO 27001, NIST, and related frameworks. * Experience with GRC processes and tools. * Familiarity with SOC operations and threat detection technologies. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams and promote security awareness. … and we will always consult you before submitting it to any client. Keywords: Cyber Security Lead, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GSLC, CCP, GIS, GRC, SOC, Risk Management, Threat Intelligence, Defence, Stakeholder Engagement, SC Clearance, Cyber Compliance, Security Governance, Security Awareness, West Midlands, Cyber Risk, Cyber Strategy, Adecco
following fields of expertise: 7+ years' varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with
either our London or Tampa office. Position Summary: The Information Security Risk Manager will play a critical role in, and will be responsible for, driving risk strategy, overseeing risk governance, managing senior-level reporting, and leading key information security risk initiatives across Alvarez and Marsal. This role will be focused on managing and maintaining the Global Security Office Information … Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the OnSpring GRC Tool and can effectively assess and communicate technical security requirements to teams across the firm. Key Responsibilities: Risk Management Leadership and Oversight: Working to A&M Policy and industry standards and lead the … oversight and work closely with risk owners to manage the development and implementation of treatment plans to address identified risks, ensuring alignment with senior leadership expectations and business objectives. GRC Tool (OnSpring) Management: Own, manage and continuously develop A&M GRC platform (OnSpring) to provide a structured, scalable risk register and reporting capabilities to support A&M wide requirements, and
the data and ensuring the security of thousands of users globally, including the world's largest freight forwarders. We are dedicated to delivering efficiency, transparency, and confidence through our Governance, Risk, and Compliance (GRC) framework. The Opportunity: We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Analyst with expertise in managing acquisitions, integrating them seamlessly into our company … acquired entities into existing business operations. The role requires a keen understanding of regulatory compliance, risk management, and a strategic mindset to ensure smooth and efficient integration processes. The GRC Analyst will play a critical role in enhancing our overall GRC posture and maintaining regulatory compliance for WiseTech Global. Key Responsibilities: Acquisition Assessment: Collaborate with cross-functional teams to assess … the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities. Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy. Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams. Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired
Watford, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Hays
verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such as CISSP, CISM, CRISC, or CEH would be preferred. Familiarity with Governance, Risk, and Compliance (GRC) platforms and maintaining structured risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in
Employment Type: Part Time, Work From Home
Salary: £28.49 - £36.98 per hour + £36.98 p/h via Umbrella (Inside IR35)
Watford, Hertfordshire, United Kingdom Hybrid / WFH Options
Essential Employment
a SOC environment. - Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory requirements and data protection laws. This is a full time role on a temporary basis. If you are interested in the role please
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Allianz Popular SL
Role Description The Information Security Analyst plays a key role in supporting Allianz UK's Information Security initiatives, with a focus on executing the Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) across the organisation. The NIST analyst will be involved in day-to-day GRC operations, such as designing and implementing security controls, interpreting … non-compliance issues and information security risks. As an Information Security Analyst at Allianz UK, you will be pivotal in advancing the company's Information Security initiatives by executing Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) organization-wide. Your role will involve daily GRC operations, including designing and implementing security controls, interpreting requirements … catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Supporting compliance activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation.
and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy including regulatory and compliance considerations Lead the development and enhancement of governance, risk and compliance aligned to policy, standards and industry good practice Ensure that continuous assessment, identification, analysis and reporting of useful metrics to enable informed risk based decisions to be … that documentation relating to process and technical security controls are maintained What experience you'll bring: Minimum of 5 years' experience in a multi-tiered IT enterprise environment/Governance, Risk and Compliance role Minimum of 5 years' experience in a Governance, Risk and Compliance role A track record of delivering security solutions for large-scale infrastructure, transformation or integration
Information Security GRC Manager Contract role (Outside IR35) Location: London (Remote) iO Associates have collaborated with our consultancy division to help in their search for an Information Security GRC Manager. You will work towards refining the entire GRC programme - frameworks, audits, risk assessments, stakeholder communication - across a regulated environment. You'll also work with vendors and internal teams to ensure … compliance and strong governance. Key Responsibilities: Build and refine information security governance and risk frameworks Lead audits (internal/external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and policies across the business Support KPI development and risk strategy planning Requirements: Degree in Computer Science/IT or relevant industry certifications … Implementer Working knowledge with legal/security needs in housing association sector and its regulatory environment Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent stakeholder management and communication skills Understanding of cloud security and Microsoft tools If you are interested, please apply immediately
technology compliance, and other industry best practices. Own and manage the implementation of risk management tools and automation of processes using industry-leading platforms, including those that support AI governance when relevant. Lead or contribute to digital risk maturity assessments and process improvement initiatives. Develop and maintain documentation, reports, and dashboards for risk tracking and compliance monitoring, emphasizing digital risks. … methodologies, and compliance requirements. Ability to interpret regulatory requirements and translate them into actionable business strategies for IT risks and opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and/or optimizing these solutions. Experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem-solving skills … and presentation skills for executive reporting, stakeholder engagement, and internal team leadership. To qualify for the role you should have 5+ years of experience in digital risk management, IT governance, cybersecurity, or related fields; experience in AI would be an additional advantage. Professional certifications such as CISA, CISSP, or equivalent (preferred but not mandatory). Expertise in risk management tools
such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and
impact in Cyber Security, this role is for you! Responsibilities: Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team … with scoping engagements and delivering valuable services to clients Skills/Must have: Extensive experience in Information Security Governance, Risk, and Compliance (GRC) Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards Knowledge of the Cyber Essentials Plus Scheme, GDPR, and Data Protection Act (2018) Strong communication skills and the ability to build relationships with internal