3 of 3 GRC Jobs in the East of England

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

digital risk frameworks, methodologies, and compliance requirements. Ability to interpret IT Risk regulatory requirements and translate them into actionable sales opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and/or optimizing these solutions. Proven strategic experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem … Exceptional communication and presentation skills for executive reporting, stakeholder engagement, and internal team leadership. To qualify for the role you should have Extensive experience in digital risk management, IT governance, cybersecurity, or related fields; experience with AI would be an additional advantage. Professional certifications such as CISA, CISSP, or equivalent (preferred but not mandatory). Significant expertise in risk management More ❯

This includes ensuring necessary evidence is available and that audit findings or improvement areas are integrated into business-as-usual processes to mitigate associated risks. Acting as secretariat for Governance Committees, compiling relevant information and metrics, and contributing to the preparation of governance reports and documentation. Promoting a strong security culture by delivering ongoing training and awareness programs focused on … current and emerging threats. Core Experience, Qualifications, and Skills This role is ideal for an individual with a strong background particularly experienced in leading all facets of Governance, Risk, and Compliance (GRC). The ideal candidate will have: A solid understanding of Information Security principles, including relevant concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and … its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability to explain technical, complex, or sensitive issues and risks to a diverse audience and align them with broader More ❯