24 of 24 GRC Jobs in the City of London

Security Risk Analyst 6-month contract London/Remote Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you … risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO (phone number removed , and compliance More ❯

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability … ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture reviews: support More ❯

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability … ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture reviews: support More ❯

We are seeking a detail-oriented and proactive SaaS GRC Specialist to strengthen our Governance, Risk, and Compliance framework as we scale our SaaS operations. In this role, you will ensure that our business processes, security controls, and regulatory obligations are consistently met. You will work across multiple teams—security, legal, product, and operations—helping us maintain trust with customers … and regulators while supporting business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … IT teams to embed compliance into day-to-day operations. Prepare and support external audits, certifications, and customer due diligence requests. Deliver GRC training and awareness sessions to employees across the business. Track regulatory changes and advise leadership on potential business impacts. Requirements Bachelor’s degree in Information Security, Business, Compliance, or related field. 2+ years of experience in GRC More ❯

We are seeking a detail-oriented and proactive SaaS GRC Specialist to strengthen our Governance, Risk, and Compliance framework as we scale our SaaS operations. In this role, you will ensure that our business processes, security controls, and regulatory obligations are consistently met. You will work across multiple teams—security, legal, product, and operations—helping us maintain trust with customers … and regulators while supporting business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … IT teams to embed compliance into day-to-day operations. Prepare and support external audits, certifications, and customer due diligence requests. Deliver GRC training and awareness sessions to employees across the business. Track regulatory changes and advise leadership on potential business impacts. Requirements Bachelor’s degree in Information Security, Business, Compliance, or related field. 2+ years of experience in GRC More ❯

I’m currently working with a business that is looking to hire a Group Cyber GRC Manager. This is a fantastic opportunity to take ownership of a global cyber GRC function, shaping strategy and driving maturity across a complex, multinational environment. The Role Define and deliver the strategic roadmap for global Cyber GRC. Lead and develop a high-performing team … data-driven insights and dashboards for senior stakeholders. Champion a strong security culture and continuous improvement mindset. What they are looking for: Proven success leading high-performing security or GRC teams. Expertise in cyber risk management, frameworks, and assurance. Strong stakeholder engagement and communication skills. Experience in large, federated, and complex global organisations would be particularly valuable. Certifications such as More ❯

I’m currently working with a business that is looking to hire a Group Cyber GRC Manager. This is a fantastic opportunity to take ownership of a global cyber GRC function, shaping strategy and driving maturity across a complex, multinational environment. The Role Define and deliver the strategic roadmap for global Cyber GRC. Lead and develop a high-performing team … data-driven insights and dashboards for senior stakeholders. Champion a strong security culture and continuous improvement mindset. What they are looking for: Proven success leading high-performing security or GRC teams. Expertise in cyber risk management, frameworks, and assurance. Strong stakeholder engagement and communication skills. Experience in large, federated, and complex global organisations would be particularly valuable. Certifications such as More ❯

Main Purpose: To act as a Subject Matter Expert (SME) in AI and Digital Resilience within Financial Services, delivering advisory and managed services across risk modelling, fraud detection, AI governance, compliance, and operational resilience. Key Responsibilities: AI in Financial Services Design and implement AI-driven solutions for risk modelling, financial fraud detection, AI governance, and regulatory compliance. Advise clients on … responsible AI adoption, model validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support … Financial Services consulting or advisory roles. Strong understanding of AI applications in finance, particularly in fraud detection, credit risk, and regulatory compliance. Experience with AI governance frameworks, model risk management, and compliance standards. Knowledge of operational resilience frameworks, including DORA, PRA/FCA resilience requirements, or similar regulations. Track record of delivering gap assessments, resilience testing, and regulatory readiness programmes. More ❯

Main Purpose: To act as a Subject Matter Expert (SME) in AI and Digital Resilience within Financial Services, delivering advisory and managed services across risk modelling, fraud detection, AI governance, compliance, and operational resilience. Key Responsibilities: AI in Financial Services Design and implement AI-driven solutions for risk modelling, financial fraud detection, AI governance, and regulatory compliance. Advise clients on … responsible AI adoption, model validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support … Financial Services consulting or advisory roles. Strong understanding of AI applications in finance, particularly in fraud detection, credit risk, and regulatory compliance. Experience with AI governance frameworks, model risk management, and compliance standards. Knowledge of operational resilience frameworks, including DORA, PRA/FCA resilience requirements, or similar regulations. Track record of delivering gap assessments, resilience testing, and regulatory readiness programmes. More ❯

Main Purpose: To act as a Subject Matter Expert (SME) in AI and Digital Resilience within Financial Services, delivering advisory and managed services across risk modelling, fraud detection, AI governance, compliance, and operational resilience. Key Responsibilities: AI in Financial Services Design and implement AI-driven solutions for risk modelling, financial fraud detection, AI governance, and regulatory compliance. Advise clients on … responsible AI adoption, model validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support … Financial Services consulting or advisory roles. Strong understanding of AI applications in finance, particularly in fraud detection, credit risk, and regulatory compliance. Experience with AI governance frameworks, model risk management, and compliance standards. Knowledge of operational resilience frameworks, including DORA, PRA/FCA resilience requirements, or similar regulations. Track record of delivering gap assessments, resilience testing, and regulatory readiness programmes. More ❯

Are you a seasoned SAP Security and GRC expert ready to lead transformative ERP engagements across diverse industries? We're partnering with a leading consultancy to find a Senior Manager who will spearhead SAP S/4 HANA security and access management initiatives, driving innovation and compliance in financial transformation programmes. About the Role As a Senior Manager, you'll … ownership of SAP Security architecture and implementation, leading teams through complex ERP transformations. You'll work closely with senior stakeholders to assess risks, define strategy, and deliver robust access governance solutions across SAP and non-SAP platforms. Key Responsibilities Lead SAP Security and GRC strategy development and implementation. Oversee access management policies, user provisioning, and SoD controls. Manage greenfield SAP … Deep knowledge of S/4 HANA, BW/4 HANA, SAP Analytics Cloud, SAP Access Controls, IAG, BTP, and cloud apps like SuccessFactors, Ariba, and Concur. Expertise in GRC tools such as Saviynt, SailPoint, Pathlock. Strong understanding of SOX, GDPR, and other regulatory frameworks. Excellent project management and communication skills. Professional certifications (e.g., SAP Access Control 12.0, CISSP, CISM More ❯

level technical design. Platform Strategy & Roadmapping: Develop and articulate ServiceNow platform strategies and roadmaps, identifying opportunities for leveraging out-of-the-box capabilities, integrations, and strategic customizations. Technical Advisory & Governance: Act as a subject matter expert and technical advisor to clients and internal teams, providing guidance on platform capabilities, performance optimization, security, and scalability. Establish technical governance to ensure solution … and implement end-to-end ServiceNow solutions across multiple modules. Deep understanding of the ServiceNow platform architecture, data model, and security framework. Expertise in ServiceNow best practices, including platform governance, performance optimization, and security hardening. Proven experience with large-scale ServiceNow implementations and complex integrations. Strong analytical and problem-solving skills with the ability to articulate complex technical concepts to … both technical and non-technical audiences. Experience with Agile development methodologies. Relevant ServiceNow certifications (e.g., Certified Master Architect, Certified Technical Architect, Certified Application Developer, Certified System Administrator). ServiceNow GRC & SecOps More ❯

level technical design. Platform Strategy & Roadmapping: Develop and articulate ServiceNow platform strategies and roadmaps, identifying opportunities for leveraging out-of-the-box capabilities, integrations, and strategic customizations. Technical Advisory & Governance: Act as a subject matter expert and technical advisor to clients and internal teams, providing guidance on platform capabilities, performance optimization, security, and scalability. Establish technical governance to ensure solution … and implement end-to-end ServiceNow solutions across multiple modules. Deep understanding of the ServiceNow platform architecture, data model, and security framework. Expertise in ServiceNow best practices, including platform governance, performance optimization, and security hardening. Proven experience with large-scale ServiceNow implementations and complex integrations. Strong analytical and problem-solving skills with the ability to articulate complex technical concepts to … both technical and non-technical audiences. Experience with Agile development methodologies. Relevant ServiceNow certifications (e.g., Certified Master Architect, Certified Technical Architect, Certified Application Developer, Certified System Administrator). ServiceNow GRC & SecOps More ❯

processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous control monitoring. Create & execute test plans and participate in client UAT & production migration Manage GRC Use-stories in agile team and lead the iterations from delivery perspective Understand Observables, Indicators of Compromise (IOC) and IoC Look Ups Good to have experience with configuring and implementing … Service-Now GRC Applications/Modules with working knowledge of its built-in capabilities including Plug-ins, Workflows, UI elements, tables, dictionaries, integrations and dependencies. Experience of working on Scripting in ServiceNow. Skills Certified ServiceNow IRM/SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript … API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRICS (preferred) PLATFORM/TOOL EXPERTISE ServiceNow GRC & SecOps More ❯

processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous control monitoring. Create & execute test plans and participate in client UAT & production migration Manage GRC Use-stories in agile team and lead the iterations from delivery perspective Understand Observables, Indicators of Compromise (IOC) and IoC Look Ups Good to have experience with configuring and implementing … Service-Now GRC Applications/Modules with working knowledge of its built-in capabilities including Plug-ins, Workflows, UI elements, tables, dictionaries, integrations and dependencies. Experience of working on Scripting in ServiceNow. Skills Certified ServiceNow IRM/SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript … API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRICS (preferred) PLATFORM/TOOL EXPERTISE ServiceNow GRC & SecOps More ❯

and internal policies across multiple jurisdictions. You will implement compliance programs, monitor adherence, provide risk-based legal advice, and help shape a compliance-focused culture. Key Accountabilities: Compliance and Governance Ensure the organisation adheres to corporate governance standards, codes of conduct and relevant laws across all jurisdictions. Monitor regulatory developments and interpret their relevance and impact on the business, providing … not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and manage internal reporting mechanisms by liaising with internal Global Risk and Compliance (GRC) function. Global Regulatory Compliance Ensure compliance with international legal and regulatory frameworks (e.g. GDPR, FCPA, local employment laws). Liaise with external counsel where jurisdiction-specific advice is needed with More ❯

and internal policies across multiple jurisdictions. You will implement compliance programs, monitor adherence, provide risk-based legal advice, and help shape a compliance-focused culture. Key Accountabilities: Compliance and Governance Ensure the organisation adheres to corporate governance standards, codes of conduct and relevant laws across all jurisdictions. Monitor regulatory developments and interpret their relevance and impact on the business, providing … not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and manage internal reporting mechanisms by liaising with internal Global Risk and Compliance (GRC) function. Global Regulatory Compliance Ensure compliance with international legal and regulatory frameworks (e.g. GDPR, FCPA, local employment laws). Liaise with external counsel where jurisdiction-specific advice is needed with More ❯

ServiceNow Technical Consultant - IRM/GRC - Boutique Consultancy - Remote, UK. Up to £85,000. I am currently working with a ServiceNow partner in the UK, a boutique consultancy known for delivering exceptional client experiences and driving transformative success through the ServiceNow platform, enhanced by cutting-edge AI technologies. As an IRM/GRC Technical Consultant, you’ll work closely with … clients to design, implement, and optimise risk and compliance frameworks using leading technologies. Your role will include: Leading technical implementations of GRC platforms (e.g., ServiceNow IRM, RSA Archer, MetricStream, etc.) Translating business requirements into technical solutions Advising clients on best practices in risk management, controls, and compliance Supporting pre-sales activities and contributing to solution design Supporting customer workshops and … running project demonstrations, using the ServiceNow platform. What They're Looking For: Proven experience in IRM or GRC platform implementation and configuration. Technical proficiency in scripting, integrations, and data modelling Excellent communication and stakeholder management skills A proactive, client-focused mindset with a passion for problem-solving They offer a dynamic, supportive team culture with opportunities for rapid career progression. More ❯

from security gap assessments to crisis simulations, risk frameworks, and technical reviews. Support the development and delivery of both technical (e.g. M365/cloud config reviews, vulnerability assessments) and GRC engagements. Help shape and evolve our cyber propositions , working closely with delivery leads across managed services, threat intel, and MDR. Scope and define client engagements with a clear focus on … deep domain knowledge, consulting experience, and the leadership skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you More ❯

from security gap assessments to crisis simulations, risk frameworks, and technical reviews. Support the development and delivery of both technical (e.g. M365/cloud config reviews, vulnerability assessments) and GRC engagements. Help shape and evolve our cyber propositions , working closely with delivery leads across managed services, threat intel, and MDR. Scope and define client engagements with a clear focus on … deep domain knowledge, consulting experience, and the leadership skills to inspire others. You should have: A track record of consulting and delivering a wide range of cyber engagements — both GRC and technical. Strong understanding of frameworks like NIST, ISO 27001, CIS, and a pragmatic view on applying them. Familiarity with technical tooling for assessments, vulnerability analysis, and cloud reviews (you More ❯

research reports. Understanding of priorities of the chief risk officer including enterprise risk management, integrated risk management, third-party risk management, ESG risk and reputational risk. Deep understanding of Governance, Risk, and Compliance (GRC) software and other risk focused technologies. Additional benefits we offer... Competitive salary (with annual review) Performance-driven quarterly bonus scheme Pension with enhanced employer contribution Generous More ❯

and serving as a key member of the Senior Leadership Team , the COO will play a pivotal role in driving operational excellence, delivering outstanding client service, and ensuring robust governance and compliance across domestic and international operations. This is a rare opportunity to define the future of a fast-evolving, growth-focused financial institution— delivering scalable, resilient, and client-centric … critical third-party and outsourced service providers, ensuring seamless service delivery and adherence to SLAs. Design and optimise processes for operational efficiency, quality, control, and regulatory compliance. Ensure rigorous governance of all outsourcing arrangements, including performance monitoring, contract compliance, and regulatory obligations. Financial Crime Risk Management As first-line owner of financial crime risk management and controls, the COO will … vendors. Anti-Fraud Controls: Implement and oversee fraud detection and prevention frameworks across all customer channels. Surveillance: Monitor for market abuse and misconduct through robust communications and trade surveillance. Governance & MI: Deliver actionable financial crime metrics, ensure first-line ownership of controls, and provide insight into emerging risks. Policy Implementation & Training: Ensure operational teams are trained and aligned with current More ❯

and serving as a key member of the Senior Leadership Team , the COO will play a pivotal role in driving operational excellence, delivering outstanding client service, and ensuring robust governance and compliance across domestic and international operations. This is a rare opportunity to define the future of a fast-evolving, growth-focused financial institution— delivering scalable, resilient, and client-centric … critical third-party and outsourced service providers, ensuring seamless service delivery and adherence to SLAs. Design and optimise processes for operational efficiency, quality, control, and regulatory compliance. Ensure rigorous governance of all outsourcing arrangements, including performance monitoring, contract compliance, and regulatory obligations. Financial Crime Risk Management As first-line owner of financial crime risk management and controls, the COO will … vendors. Anti-Fraud Controls: Implement and oversee fraud detection and prevention frameworks across all customer channels. Surveillance: Monitor for market abuse and misconduct through robust communications and trade surveillance. Governance & MI: Deliver actionable financial crime metrics, ensure first-line ownership of controls, and provide insight into emerging risks. Policy Implementation & Training: Ensure operational teams are trained and aligned with current More ❯

leading global commodity trading firm, is seeking a Senior Project Manager to drive business integration. This role sits at the heart of change and transformation, with a focus on governance, risk, finance, compliance, and cost control, rather than trading systems. What You’ll Do: Lead end-to-end integration projects across middle and back office functions. Establish PMO-driven governance More ❯