3 of 3 GRC Jobs in Somerset

Main Purpose: To act as a Subject Matter Expert (SME) in AI and Digital Resilience within Financial Services, delivering advisory and managed services across risk modelling, fraud detection, AI governance, compliance, and operational resilience. Key Responsibilities: AI in Financial Services Design and implement AI-driven solutions for risk modelling, financial fraud detection, AI governance, and regulatory compliance. Advise clients on … responsible AI adoption, model validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support … Financial Services consulting or advisory roles. Strong understanding of AI applications in finance, particularly in fraud detection, credit risk, and regulatory compliance. Experience with AI governance frameworks, model risk management, and compliance standards. Knowledge of operational resilience frameworks, including DORA, PRA/FCA resilience requirements, or similar regulations. Track record of delivering gap assessments, resilience testing, and regulatory readiness programmes. More ❯

and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and oversee the creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship … to the governance, risk, and compliance team. Essential Requirements: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a software development or health technology environment UK health sector experience: In-depth knowledge and practical experience with UK healthcare security standards and regulations, including demonstrable expertise with … track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO, NHS England). Policy & governance: Extensive experience in developing, implementing, and enforcing comprehensive information security policies, standards, and procedures. Regulatory compliance: Solid understanding of UK and EU data protection laws (eg GDPR, Data Protection Act More ❯

and other relevant frameworks. Risk Management: Lead the information security risk management program, including the identification, assessment, mitigation, and monitoring of risks across all systems and operations. Policy and Governance: Support and oversee the creation and enforcement of security policies, standards, and procedures. Incident Response: Develop, implement, and manage the security incident response plan. Leadership: Provide strong leadership and mentorship … to the governance, risk, and compliance team. Essential Requirements: Extensive security leadership: Proven experience (10+ years) in a senior information security role, with significant experience in a CISO or equivalent position within a software development or health technology environment UK health sector experience: In-depth knowledge and practical experience with UK healthcare security standards and regulations, including demonstrable expertise with … track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO, NHS England). Policy & governance: Extensive experience in developing, implementing, and enforcing comprehensive information security policies, standards, and procedures. Regulatory compliance: Solid understanding of UK and EU data protection laws (eg GDPR, Data Protection Act More ❯