1 to 25 of 77 GRC Jobs in the UK excluding London

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

compliance and assurance programs. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the Security Operations team to monitor, detect, and respond to threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. * Train and mentor internal teams on security awareness and best practices. * Engage with stakeholders across the business to communicate … and regulatory inspections as required. Essential Skills & Experience: * Proven experience in incident management and cyber security operations. * Strong knowledge of ISO 27001, NIST, and other security frameworks. * Experience with governance, risk, and compliance (GRC) processes. * Familiarity with Security Operations Centres (SOC) and threat detection tools. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams … and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, Security Governance, Security Training, Wiltshire, Cyber Risk, Cyber Strategy, Adecco More ❯

Improvement: Identify opportunities to enhance risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's environment. Project Work: Contribute to project activities to ensure GRC requirements are understood and addressed. Roles and Responsibilities: Support the Global Risk & Compliance Senior Manager in delivering governance, compliance, and risk activities, including: Supporting security, audit, and compliance activities Ensuring … Requirements: Key skills and experience include: Excellent communication skills, capable of conveying compliance and risk concepts to both technical and non-technical audiences Significant experience in control management for governance, compliance, IT audits, IS assurance, and risk management CISA, CISM, or equivalent certification preferred BSc or equivalent in an IT-related field preferred Ability to communicate effectively with technical teams … to gather information and requirements Understanding of regulatory requirements (e.g., GDPR, Data Protection Act) and industry-specific regulations Experience implementing compliance and control frameworks Proficiency in IT governance and quality standards Knowledge of security management frameworks like ISO/IEC 27001, ITIL, COBIT, NIST standards Strong stakeholder management skills High integrity and professionalism in handling confidential matters Familiarity with risk More ❯

implementation of data classification methodologies to ensure appropriate protection based on sensitivity and importance. The role will be based in Reading and will report directly to the Head of Governance, Risk and Compliance, working to deliver the company's goals for a fit-for-purpose critical asset and classification framework. This is a role that requires independence, a proactive approach … risk management practices. Desirable Technical Skills & Qualifications: Industry Certifications: Certifications such as CISSP, CISM, or CISA. Key Relationships & Interactions: CISO direct reports: Security Operations Manager, Security Architecture Manager, Security Governance Manager, Cyber Security Programme Manager, Cyber Resilience Manager CIO and CIO Direct Reports: Operational Technology, Enterprise Architects, PMO and Programme Delivery, Business Change and Engagement Key Business Stakeholders Service Owners More ❯

a SOC environment. - Familiarity with risk management frameworks?(e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory requirements and data protection laws. This is a full time role on a temporary basis. If you are interested in the role please More ❯

drive discussions with key stakeholders and suppliers to provide insights. Experience of third party assurance activities, either for supplier or customer assurance. Extensive knowledge of IT risk management within GRC function, preferably processes, concepts, terminology and control frameworks e.g. ISACA, COBIT, ITIL. Certified in CISA or relevant certifications with one of the following: CISM, CISSP, equivalent experience. Strong knowledge of More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology – IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years’ experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years' experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

impact in Cyber Security, this role is for you! Responsibilities: Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team … with scoping engagements and delivering valuable services to clients Skills/Must have: Extensive experience in Information Security Governance, Risk, and Compliance (GRC) Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards Knowledge of the Cyber Essentials Plus Scheme, GDPR, and Data Protection Act (2018) Strong communication skills and the ability to build relationships with internal More ❯

d love to hear from you. About You We'd love to hear from you if you can demonstrate expertise in at least one of the following areas : Security governance, risk and compliance (GRC), aligned with HMG cybersecurity and information assurance policies, standards, and guidance with experience in consultancy or supplier roles. Securing OT (Operational Technologies) with knowledge and understanding More ❯

packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external More ❯

of our Insurance clients on a 12-month contract. Inside IR35 Hybrid Responsibilities: Analyze large datasets to identify trends, anomalies, and emerging risks across technology and cyber domains. Support governance and risk forums with timely and accurate reporting on key risk indicators (KRIs), control effectiveness, and remediation progress. Develop and maintain dashboards and reports to visualize technology and cyber risk … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Qualifications: Educated to degree level or More ❯

broader enterprise technology goals. Cyber Security and IdAM Partner with Cyber Security stakeholders to design and implement secure authentication mechanisms (e.g., MFA, SSO). Drive the rollout of identity governance solutions and ensure integration with enterprise-wide access management systems. Ensure all programs comply with security best practices, regulatory requirements (e.g., GDPR), and internal security policies. Oversee change management and … CISM, AWS Security Specialty, or Certified Identity and Access Manager (CIAM). Agile (Scrum Master, SAFe) and cloud (AWS Cloud Practitioner) certifications. Experience in security assessments, threat modeling, or governance/risk/compliance (GRC) tooling. Benefits Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is paramount so you can More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

PureCyber combines both defensive & offensive cyber security, with expert governance & compliance consultancy - offering organisations a comprehensive service. Our all-in-one solution simplifies cyber security by providing 24/7 protection, proactive threat intelligence, expert consultancy, and real-world attack simulations - all from a single, trusted source. Our goal is to provide peace of mind to our clients, knowing they … are secured by a partner they can trust. The Governance, Risk and Compliance (GRC) team fulfil a broad role within the delivery of all PureCyber services; focusing on supporting customers to improve their approach to cyber security governance and supporting the organisation on multiple internal projects. Reporting to the Chief Information Risk Officer, this role plays a key part in … maximising the experience of PureCyber clients by guiding them through their cyber security journey and help to improve their assurance levels across multiple service lines. Key Responsibilities Lead on governance and compliance projects such as Cyber Essentials, IASME Cyber Assurance and ISO27001. Schedule and co-ordinate GRC engagements with the wider team and ensure timely and accurate delivery of projects. More ❯

Information Security Analyst - 6-Month FTC Governance, Risk and Compliance Location: London/Hybrid Contract Type: Fixed Term (6 months) Salary: Competitive A global professional services firm is seeking a proactive Information Security Analyst to support the delivery of robust security and privacy policies across its global operation. This role is ideal for someone with hands-on experience in information More ❯

various tools and activities. Manage and improve Three's Security Exception process. Work effectively with Enterprise risk and compliance functions to escalate enterprise-level Technology and Security risks. Operate GRC tools for Risk Management to record, track, and monitor risks and controls. Support ongoing education and awareness activities related to Security policies, Risk management frameworks, and governance across the company. More ❯

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯