new business expansion, and offers superb opportunities to join a small, specialist team, and the successful candidate will focus on security risk, policy and governance (GRC) Key accountabilities in the role will include: · Maintenance and development of the ISMS · Ensuring adherence to NIST, ISO27001 and SOC2 · Managing internal and external … reviewing and updating policies · Third party supplier management Key skills needed are: · Experience in a security role with the emphasis on risk, policy and governance ideally within a regulated financial services environment · Knowledge of SOC2, ISO2701 and NIST frameworks · Extensive experience of managing audits · Experience of information security management security
benefits and opportunities for professional development. We get passionate people and you get vibrant and rewarding careers. About the Role The Group Cyber Security Governance, Risk and Compliance (GRC) Manager is responsible for the GRC team within Group Cyber Security. Reporting into the Group Head of Cyber Security, this role … will involve the day-to-day running of the GRC team responsible for delivering and operating an information and cyber security risk management and governance framework across the Group. This role will ensure that there is a robust information and cyber security controls framework in place, a process to test … to apply by submitting a CV into: recruitment@cognita.com For further information please visit: https://www.cognita.com/career/group-cyber-security-grc-manager/ Closing Date for Applications is: Sunday 24th March Cognita Schools are committed to safeguarding and promoting the welfare of children and young people
requirements. Risk Management: Identify and assess potential security risks, conduct regular risk assessments, and develop mitigation strategies to protect the organisation's assets. Security Governance: Establish and maintain a robust security governance framework, ensuring compliance with relevant laws, regulations, and internal policies. Security Awareness and Training: Develop and deliver security … as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Information Security Manager, Information security Analyst, Information Security, Information security Consultant, GRC, banking, IT
Greater London, England, United Kingdom Hybrid / WFH Options
IGS | Information Governance Services
conduct data protection and information security training; If required, assist in reviewing and negotiating contracts with data controllers and data processors; Monitor third party governance risk and compliance. Some of the things on offer: For the right person, the opportunity to enter into a structured 2-year training programme paid
Greater London, England, United Kingdom Hybrid / WFH Options
McGregor Boyall
equivalent Expertise with SaaS systems, on-prem and cloud integrations Some Azure knowledge Ability to articulate risk across systems Project lifecycle experience - risk assessments, GRC, pen testing, vulnerability scans Financial services experience ideal Strong communication skills
Leading global multinational end user organization requires a Global Head of Information Security Risk and Compliance (GRC). The role will involve taking overall responsibility for managing all risk and compliance for the information security, technology and client audits. You will report directly to the global CISO
Manchester Working Practice: Hybrid Key Skills: M365 Security Expertise Azure Cloud Security knowledge Identity, security and compliance Azure DevOps/Azure IaaS/Cloud GRC Associated MS products such as Defender/Sentinel Comfortable working in an SME capacity, sitting between Architects, Engineers and Stakeholders Knowledge of frameworks such as
mitigation steps for resilience. Working closely with key stakeholders to ensure compliance with security policies, and promotion of strong information security culture. Provide weekly governance, risk and compliance reports utilising key risk and key performance indicators and metrics. Skills/Competencies Required: Experience developing information security policy, process and procedure
knowledge of Sanctions and AML related regulations. Skills and Experience Proven experience in due diligence/KYC role. Experience of working with industry standard GRC software (such as Lexis Nexis, Refinitiv, Thomson Reuters) and screening tools (Dow Jones, Dun & Bradstreet, BvD) Experience in a commodities or physical trading environment would
assessment to test report writing skills. Key Responsibilities · Draft work programs designed to evaluate the adequacy, comprehensiveness and effectiveness of client’s governance, risk management and compliance arrangements, systems and controls. · Execute work programs through interviews, review of available documentation and sample-based testing. · Performs financial crime related end-to … end assessment activities for financial institutions with accuracy and in a timely manner. · Evaluate adherence to applicable internal policy requirements and governance structures as well as relevant laws and regulations. · Perform critical impact analysis on client programs, assist in making strategic recommendations and through a written report. · Assist in investigating … a timely fashion. Knowledge & Skills · Ability to quickly understand complex processes to identify and evaluate the design and operating effectiveness of key governance, risk management and compliance controls in financial services, large corporates and the public sector. · Excellent analytical skills with a good attention to detail and accuracy. · Strong written
adaptable to change Positive attitude, uses diplomacy and tact to build relationships of trust Takes ownership and responsibility for own deliverables. Knowledge of corporate governance principles and structures A desire to start new projects, significantly contribute to on-going projects and deliver all projects to closure Travel (national and international … of technology components e.g. UNIX, Windows, Network Architectures, Network Security, BC/DR Solutions, CSIRT Educated to Degree Level desirable Proven Experience in a GRC Department/Role Formal Management Certification desirable (IMI
of business systems Identify and define system security requirements Research and analyse potential and emerging vulnerabilities Work with broader security team including AppSec, SOC & GRC to ensure continuous improvement and achievement of security objectives Communicate security risks simply across the business Desirable experience for the Cyber Security Specialist Experience working
City of London, London, United Kingdom Hybrid / WFH Options
360 Resourcing
on an initial 12 month Fixed Term Contract. As the new Cyber Security Technical Writer (ISO27001) you will report to the Head of IT Governance, Risk and compliance and will be responsible for developing and maintaining policies, standards and guilds and other documentation in support of the Information Security programme.
Security on behalf of a large financial services company. You will be joining an extremely competent and established team, contributing to a number of GRC projects. This will give the successful individual the opportunity to work closely with the CISO to manage Information Security across the group (globally). Key … external stakeholders to perform assessments and identify risk, whilst maintaining monitoring activities of existing vendors. Support the design and execution of the Information Security Governance, Risk and Compliance roadmap. Participate and execute governance activities including metrics gathering and reporting, and the performance of recurring internal assessment activities. Support activities pertaining
line into the parent companies' CISO. This role requires a great technical understanding of Information security policies and risks, with a high focus on GRC activities. Moreover, you must have experience with project management and implementation on an Information Security level within a large multinational organisation. On a day-to … day basis, you will be responsible for implementing Policies and GRC Security Projects within the business. One of the key elements of this position is bridging the gap between security and business interests, so the roleholder will need to be highly experienced in stakeholder management, with the ability to effectively
Job Role The role of the Security Analyst (GRC) will implement information security related tasks and focused on support and delivery, as advised and requested by the Head of Information Security (CISO). There are two streams of the organisational structure, Policy & Compliance and Operations. The skill set required for … them Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact A background in working in GRC within technology, preferably within an Infrastructure or Application support/Audit role. Demonstrable experience facilitating IT Control audit activities. With Relevant IT Security or Information
Are you a GRC Specialist looking for a new opportunity? If so we are looking for a Senior Consultant to lead and drive a variety of cyber security engagements for our Clients. This is an opportunity to work at the front line of cyber security delivering value to our client
Greater London, England, United Kingdom Hybrid / WFH Options
Auricoe
across the Group. Skills & Experience - Information Security Risk Analyst 3-5 years of experience in Information Security (InfoSec) Risk fundamentals. Experience in working with Governance Risk Compliance (GRC) tools. Good stakeholder management and engagement skills. Good InfoSec and IT knowledge. Experience in performing impact, likelihood and risk analyses/assessments.
Hot UK- Key Account Manager role SaaS GRC/Risk Management vendor Up to £85K base - 85K OTE + Bens (no car allowance) Hybrid based role - but commutable to London or Reading office 3 days a week, greater flex once up and running. Are you a successful software salesperson? Have
Role: Global Information Security Manager (GRC) Location: London Salary: £100,000+ Our client, a leading Global Law Firm, are looking to hire an experienced Global Information Security Manager who will lead on all Information Security, risk and assurance domains globally. You will spearhead the GRC roadmap, maintain a group risk
one or two days per month. SKILLS REQUIRED: You must be degree educated, or equivalent, with a previous background working within information compliance/governance or data protection. You must have a passion for data and keeping data safe. You will have exceptional organisational skills and a can-do, proactive … with the evidence keeping, monitoring, and auditing required to maintain this. Experience of working with an ISMS (Information Security Management System) Experience using a GRC platform or other information compliance-specific governance tools A background working with vulnerable data subjects. RESPONSIBILITIES: Managing record of Processing Activities (ROPA) and working with
with a leading legal firm in London. We are looking for an experienced Information Security Analyst to support the company's ISMS, focused on governance, risk, and compliance initiatives. Tasks: Assist in a range of ISO27001 projects, including internal and external audits, risk assessment, and improvement plans. Contribute to IS … timely responses and repository upkeep. Track and manage agreed remediation plans for supplier risk management. Requirements: Over 6 years of Information Security experience, within governance, risk, and compliance. Proficient in conducting audits like ISO27001 and NIST. Skilled in implementing ISO-related controls, both technical and operational. Strong understanding of general
Role: Senior GRC Analyst Location: London Salary: £80,000+ My client are looking for a Senior Information Security professional with at least 4 years of GRC experience to join an established Security team. The successful individual will lead and implement an enhanced InfoSec Risk Management framework. This is an excellent
Group Cyber GRC Manager Circa £95,000 London - Hybrid - 2 days onsite per week We are representing a global market leading organisation who are looking for an experienced Group Cyber GRC Manager to build, shape and drive a Group Cyber GRC strategy, in a decentralised organisation. This organisation are on … rapidly growing organisation who are going through a global transformation programme, with significant investment behind them! You will take the lead on their Cyber GRC strategy and roadmap, incl. M&A initiatives, developing, and maintaining a group risk register, and ensuring there is ongoing change and improvements of business risk. … of supporting audits and negotiating control improvements. This is a great opportunity to join a company at the early stages of their Cyber Security GRC journey where you will have a significant influence on their development. The process is able to move very quickly so if this sounds of interest