1 to 25 of 106 GRC Jobs in the UK

Are you a governance leader who thrives at the intersection of information security, compliance, and organisational resilience? We're looking for an experienced Senior Security Governance Manager to drive our Information Governance, Cyber Security, and Quality frameworks to new heights. This is a high-impact role where you'll shape the strategic direction of security governance across the business, ensuring … compliance with UK, NHS, and international regulations - while empowering teams to work securely and confidently in a complex digital environment. What You'll Be Responsible For Information Governance Develop and execute the organisation's Information Governance (IG) strategy in line with UK, NHS, and international data protection frameworks. Maintain governance policies and key artefacts such as DPIAs, Data Processing Agreements … and support independent audit processes. Monitor compliance across business units and lead corrective actions where required. Cyber Security Lead the implementation and maintenance of Cyber Security policies, ensuring robust governance across all business areas. Manage the ISO 27001 certification lifecycle - including audits, remediation, and recertification. Collaborate with technical and product teams to embed security standards and oversee incident response procedures. More ❯

packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯

risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer/Auditor, CISSP, CISM (highly desirable). Skills: Excellent communication, documentation, and project management abilities. Preferred Extras Familiarity with GRC tools and ISMS platforms. Ability to work independently and manage multiple priorities. Strong problem-solving skills in a fast-paced environment. Your expertise will keep us secure, compliant, and ahead More ❯

risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer/Auditor, CISSP, CISM (highly desirable). Skills: Excellent communication, documentation, and project management abilities. Preferred Extras Familiarity with GRC tools and ISMS platforms. Ability to work independently and manage multiple priorities. Strong problem-solving skills in a fast-paced environment. Your expertise will keep us secure, compliant, and ahead More ❯

such as CISSP, CISM or CISA Knowledge of security standards and good practice Understanding of cloud, access control and networking Strong communication and customer facing skills Good knowledge of governance, risk and compliance Ability to manage workload and meet deadlines Desirable Skills UK Cyber Security Council registration Knowledge of HMG or MoD security policy Secure by Design experience Experience with More ❯

Clearance (e.g., lived in the UK for the past 5 years with no significant travel or criminal record). Bonus Skills Identity and access management (IAM) experience Exposure to governance, risk, compliance, and operational security Penetration testing certifications (e.g., OSCP, CREST, TIGER) Active contributor to knowledge-sharing communities Get in Touch If this sounds like the right next step for More ❯

Clearance (e.g., lived in the UK for the past 5 years with no significant travel or criminal record). Bonus Skills Identity and access management (IAM) experience Exposure to governance, risk, compliance, and operational security Penetration testing certifications (e.g., OSCP, CREST, TIGER) Active contributor to knowledge-sharing communities Get in Touch If this sounds like the right next step for More ❯

Clearance (e.g., lived in the UK for the past 5 years with no significant travel or criminal record). Bonus Skills Identity and access management (IAM) experience Exposure to governance, risk, compliance, and operational security Penetration testing certifications (e.g., OSCP, CREST, TIGER) Active contributor to knowledge-sharing communities Get in Touch If this sounds like the right next step for More ❯

Clearance (e.g., lived in the UK for the past 5 years with no significant travel or criminal record). Bonus Skills Identity and access management (IAM) experience Exposure to governance, risk, compliance, and operational security Penetration testing certifications (e.g., OSCP, CREST, TIGER) Active contributor to knowledge-sharing communities Get in Touch If this sounds like the right next step for More ❯

Clearance (e.g., lived in the UK for the past 5 years with no significant travel or criminal record). Bonus Skills Identity and access management (IAM) experience Exposure to governance, risk, compliance, and operational security Penetration testing certifications (e.g., OSCP, CREST, TIGER) Active contributor to knowledge-sharing communities Get in Touch If this sounds like the right next step for More ❯

Clearance (e.g., lived in the UK for the past 5 years with no significant travel or criminal record). Bonus Skills Identity and access management (IAM) experience Exposure to governance, risk, compliance, and operational security Penetration testing certifications (e.g., OSCP, CREST, TIGER) Active contributor to knowledge-sharing communities Get in Touch If this sounds like the right next step for More ❯

staff & a focus on technical excellence? If so, we are looking for an experienced IT Security Engineer to join our growing Security Ops team, working closely with the wider GRC & policy team, DevOps teams, Dev’ team & internal IT teams to make sure security is at the heart of all our technical process'. This role will cover a wide array More ❯

staff & a focus on technical excellence? If so, we are looking for an experienced IT Security Engineer to join our growing Security Ops team, working closely with the wider GRC & policy team, DevOps teams, Dev’ team & internal IT teams to make sure security is at the heart of all our technical process'. This role will cover a wide array More ❯

frameworks, policies, and regulatory requirements. Collaborate with IT, Risk, Compliance, and project teams to deliver practical, client-focused security advice. What they're looking for: Strong technical security and GRC experience. Experience in project delivery and stakeholder engagement (not hands-off). Knowledge of ISO 27001, NIST, or similar frameworks. Excellent communication, analytical, and problem-solving skills. Contract Details: Location More ❯

. OSCP/OSWE/OSEP/GPEN/eCPPT/similar. Experience with secure code review, SAST/DAST pipelines, or DevSecOps. Familiarity with ISO 27001 or wider GRC frameworks. What Our Client Offers: Competitive salary and annual performance bonus. Training budget and certification support. Clear progression path into Senior/Lead Consultant roles. Flexible working and wellbeing support. More ❯

Essentials/Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a More ❯

Essentials/Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a More ❯

Essentials/Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a More ❯

Essentials/Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a More ❯

protect the National Lottery and its players from Cyber Threats. The SOC is part of the Cyber and Information Security function alongside with our Cyber Défense team and the GRC team. The purpose of the SOC team to deliver Allwyn UK security monitoring and incident response capability. The SOC is under a 24x7 fully in-house operational model. We strive More ❯

Cyber Security Risk Lead Cyber Security Risk Lead - Cyber Security Risk Assessments, Audits, GRC, Information Security Management, CRISK, CISM, CompTIA Security+, NIS, NIST, ISO 27001 - Hybrid (Manchester) - to £61,500 + excellent bonus + bens This is an outstanding opportunity to become my clients primary Cyber Security Risk Advisor working within a high-profile and growing Cyber Security function click More ❯

be asked to be onsite 2-3 days a week in Wyton. We're looking for candidates with active DV Clearance and MOD experience - ideally within security assurance/GRC , working with MOD policies/standards (JSP's), ISO27001 and NIST . Any CISSP/CISM certifications would be ideal. You'll be working part of a team but this More ❯

days a week in either Bristol or Wyton (your choice). We're looking for candidates with active DV Clearance and MOD experience - ideally within security assurance/GRC , working with MOD policies/standards (JSP's), ISO27001 and NIST . Any CISSP/CISM certifications would be ideal. You'll be working part of a team but this role More ❯

e.g., Gemini, Microsoft Copilot, OpenAI, Anthropic) and their practical constraints. Experience building AI roadmaps that align business functions (Marketing, Sales, Customer Service, Operations, Digital, Risk). Knowledge of AI governance, risk, compliance, and responsible AI frameworks relevant to FS environments. Exposure to AI delivery teams, including MLOps, data engineering, AI consulting, or agent-development teams. Ability to translate complex technical More ❯

e.g., Gemini, Microsoft Copilot, OpenAI, Anthropic) and their practical constraints. Experience building AI roadmaps that align business functions (Marketing, Sales, Customer Service, Operations, Digital, Risk). Knowledge of AI governance, risk, compliance, and responsible AI frameworks relevant to FS environments. Exposure to AI delivery teams, including MLOps, data engineering, AI consulting, or agent-development teams. Ability to translate complex technical More ❯