5 of 5 GRC Jobs in the East Midlands

to Incident Response where needed. There will also be opportunities to define and lead other areas of cyber security. What youll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO/IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance, review and test … Chartered status (or demonstrable readiness to achieve this in the near term). Significant experience in cyber security consulting or assurance, ideally within the public sector. Deep knowledge of GRC frameworks and standards (e.g. CAF, ISO/IEC 27001, PCI DSS).Strong client-facing skills, able to communicate complex issues clearly to technical and non-technical audiences. Proven track record … and influencing decision-making. Excellent written and verbal communication, including the ability to produce polished consultancy reports. Desirable certifications: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CRISC, CCP (GRC), or equivalent. Driving license and willingness to travel to client sites across the UK as required. Why join 4C Strategies? Work with a growing cyber team in a respected consultancy More ❯

provide regular updates to senior partners. You will manage responsibilities (including implementation) related to ISO27001, Cyber Essentials/Plus, SOC2 accreditations. You will also support audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid, Nottingham-based role reporting to the Regional Head of Client Security Assurance Summary of Primary Responsibilities … and redlining, with a preference for UK&I and EU regulatory experience Provide regular accreditation status updates to senior partners Participate in SOC 2-related discussions with teams Oversee governance-related trackers and calls, including risk and issue reviews Support audit readiness and post-audit remediation activities Collaborate with governance, compliance, and risk management teams Partner with policy and standards More ❯

Games Workshop has an exciting new opportunity for an Information Security Analyst focusing on Governance, Risk and Compliance to work in our high performing IT team. We are looking for someone enthusiastic about delivering an efficient and effective IT Solution, using their skills day in and day out to make Games Workshop even better Working collaboratively with the Head of … information. The ideal candidate will use data and logical reasoning to evaluate risks to develop recommendations and drive improvements independently and understand ISO 27001:2022, NIST CSF2.0 or similar governance frameworks. If you are an individual with an understanding of information security and risk management principles and keen to champion a culture of embedding security principles across Games Workshop, apply More ❯

Information Security Analyst Contract Northampton Hybrid My client is looking for an Information Security Analyst/GRC Analyst to be a part of their growing security team. Policy and process is already in place, so you ll play a key role in managing Subject Access Requests (SARs), Right to Be Forgotten (RTBF) requests, and ensuring the organisation maintains the highest … to Subject Access Requests (SARs) in accordance with GDPR timelines and procedures. Oversee Right to Be Forgotten and data deletion requests, ensuring complete and compliant execution. Support the wider GRC and Information Security team in data protection and risk management activities. Help maintain the Information Security Management System (ISMS). Maintain accurate records of all data protection requests and actions … GDPR compliance and data subject rights. Liaise with internal teams and stakeholders to ensure consistent adherence to data protection principles. Information Security Analyst Experience/Technology: Proven experience in GRC and Information security. Extensive expertise of GDPR, SAR, and Right to Be Forgotten requirements. Experience running user awareness campaigns. Hands-on experience with Microsoft Purview or other data discovery and More ❯

Information Security Analyst | Contract | Northampton | Hybrid My client is looking for an Information Security Analyst/GRC Analyst to be a part of their growing security team. Policy and process is already in place, so you'll play a key role in managing Subject Access Requests (SARs), Right to Be Forgotten (RTBF) requests, and ensuring the organisation maintains the highest … to Subject Access Requests (SARs) in accordance with GDPR timelines and procedures. Oversee Right to Be Forgotten and data deletion requests, ensuring complete and compliant execution. Support the wider GRC and Information Security team in data protection and risk management activities. Help maintain the Information Security Management System (ISMS). Maintain accurate records of all data protection requests and actions … GDPR compliance and data subject rights. Liaise with internal teams and stakeholders to ensure consistent adherence to data protection principles. Information Security Analyst Experience/Technology: Proven experience in GRC and Information security. Extensive expertise of GDPR, SAR, and Right to Be Forgotten requirements. Experience running user awareness campaigns. Hands-on experience with Microsoft Purview or other data discovery and More ❯