Are you a governance leader who thrives at the intersection of information security, compliance, and organisational resilience? We're looking for an experienced Senior Security Governance Manager to drive our Information Governance, Cyber Security, and Quality frameworks to new heights. This is a high-impact role where you'll shape the strategic direction of security governance across the business, ensuring … compliance with UK, NHS, and international regulations - while empowering teams to work securely and confidently in a complex digital environment. What You'll Be Responsible For Information Governance Develop and execute the organisation's Information Governance (IG) strategy in line with UK, NHS, and international data protection frameworks. Maintain governance policies and key artefacts such as DPIAs, Data Processing Agreements … and support independent audit processes. Monitor compliance across business units and lead corrective actions where required. Cyber Security Lead the implementation and maintenance of Cyber Security policies, ensuring robust governance across all business areas. Manage the ISO 27001 certification lifecycle - including audits, remediation, and recertification. Collaborate with technical and product teams to embed security standards and oversee incident response procedures.
Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with
London, South East, England, United Kingdom Hybrid/Remote Options
Adecco
risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer/Auditor, CISSP, CISM (highly desirable). Skills: Excellent communication, documentation, and project management abilities. Preferred Extras Familiarity with GRC tools and ISMS platforms. Ability to work independently and manage multiple priorities. Strong problem-solving skills in a fast-paced environment. Your expertise will keep us secure, compliant, and ahead
such as CISSP, CISM or CISA Knowledge of security standards and good practice Understanding of cloud, access control and networking Strong communication and customer facing skills Good knowledge of governance, risk and compliance Ability to manage workload and meet deadlines Desirable Skills UK Cyber Security Council registration Knowledge of HMG or MoD security policy Secure by Design experience Experience with
frameworks, policies, and regulatory requirements. Collaborate with IT, Risk, Compliance, and project teams to deliver practical, client-focused security advice. What they're looking for: Strong technical security and GRC experience. Experience in project delivery and stakeholder engagement (not hands-off). Knowledge of ISO 27001, NIST, or similar frameworks. Excellent communication, analytical, and problem-solving skills. Contract Details: Location
e.g., Gemini, Microsoft Copilot, OpenAI, Anthropic) and their practical constraints. Experience building AI roadmaps that align business functions (Marketing, Sales, Customer Service, Operations, Digital, Risk). Knowledge of AI governance, risk, compliance, and responsible AI frameworks relevant to FS environments. Exposure to AI delivery teams, including MLOps, data engineering, AI consulting, or agent-development teams. Ability to translate complex technical
Southampton, Hampshire, South East, United Kingdom Hybrid/Remote Options
Anson Mccade
and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base salary + performance bonus Healthcare and dental insurance Pension scheme Minimum
Brighton, East Sussex, South East, United Kingdom Hybrid/Remote Options
Anson Mccade
and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base salary + performance bonus Healthcare and dental insurance Pension scheme Minimum
Milton Keynes, Buckinghamshire, England, United Kingdom
Lorien
of regulatory frameworks, compliance, and technology standards. Proven ability to influence stakeholders and manage risk appetite decisions. Experience managing audits and large-scale risk assessments. Desirable Qualifications: Familiarity with GRC tools and data analytics. Professional certifications (e.g., CRMP, CIA). Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.
Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
and flexibility to support the demands of a FTSE 100 business. Supporting Head of Information Security Architecture and Assurance as well as working closely with key stakeholders including Head of Governance, Risk and Compliance, Digital Security, IT and business teams you will focus on core areas such as risk management and security due-diligence reviews ensuring compliance with legal, regulatory and
London, South East, England, United Kingdom Hybrid/Remote Options
Opus Recruitment Solutions Ltd
driving the implementation of controls, monitoring, and documentation for compliance readiness. Key Requirements Proven experience in security engineering and compliance delivery Deep understanding of SOC 2, ISO 27001, GRC frameworks and audit processes Hands-on experience integrating cybersecurity tools and platforms such as Crowdstrike, Vanta, Rapid7 Strong adherence to Azure security best practices Knowledge of TX-RAMP and FedRAMP
Hampshire, South East, United Kingdom Hybrid/Remote Options
Sanderson Government and Defence
Cyber Security GRC Consultant (DV Cleared) Location: Hybrid/Southeast Region - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi-disciplinary
strategic senior leader to oversee our Cyber Engineering, Identity & Access Management (IAM), and Data Loss Prevention (DLP) functions. This role will be responsible for driving the design, delivery, and governance of enterprise-wide security engineering solutions, while ensuring secure, scalable, and resilient identity and data protection services. The ideal candidate will combine deep technical expertise with strong leadership skills to … automation, orchestration, and advanced analytics to improve detection, response, and resiliency. Identity & Access Management Own enterprise-wide IAM strategy, including workforce and customer identity, privileged access management (PAM), identity governance and administration (IGA), and multi-factor authentication (MFA). Lead initiatives to modernize and integrate IAM platforms to support cloud adoption, Zero Trust, and frictionless user experiences. Partner with business … to prevent unauthorized data exfiltration, insider threats, and regulatory breaches. Implement monitoring, classification, and enforcement mechanisms that balance data protection with business enablement. Partner with business, compliance, and data governance teams to align DLP strategy with General Data Protection Regulation, Financial Conduct Authority, Prudential Regulation Authority, Sarbanes-Oxley, and other global data protection requirements. Provide executive and Board-level reporting
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria
Step into a pivotal role at the forefront of cyber security, driving impact for our client base! We're looking for an experienced Governance, Risk & Compliance Manager to join our dynamic team. This is your opportunity to take a leading role in shaping and delivering robust security strategies that protect our clients and strengthen their resilience against evolving cyber threats. As … our new GRC Manager, you will be the driving force behind the implementation of our Information Security Management System (ISMS) for assigned clients. Your expertise will help organisations understand their security challenges and enable them to enhance their security posture. You'll lead from the front, fostering a culture of compliance and risk awareness across Sopra Steria, while delivering tangible value … client Security Working Group meetings and stakeholder sessions. Ensure audit readiness and support internal/external audits. Drive continuous improvement initiatives within Sopra Steria's security function. What you'll bring: GRC/Operational Security Manager experience with solid understanding and experience with security policies and standards Technical proficiency and knowledge across the spectrum of information security solutions and operations Knowledge of
Farnborough, Hampshire, South East, United Kingdom
Sanderson Government and Defence
GRC Consultant - MOD DV Location: Farnborough or Cambridgeshire Type: Hybrid (3 days on-site) IR Status: Inside Rate: £500 - £600 Length: Initial 6 months, scope for extension Must have Active MOD DV Clearance In this role, you'll be: Providing the Secure by Design risk and security assurance function within MOD as part of a managed service. Have an excellent
good understanding of security frameworks and regulatory requirements. In addition, this role requires you to have experience of Information Security. The role will report directly to the Head of Governance, Risk and Compliance, with whom you will work to deliver the goals of the company to have a fit-for-purpose security standards framework. This is a role that requires … Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R). Review and update standards regularly in response to emerging threats and regulatory changes. Governance & Compliance: Oversee the exception management framework, including reporting, approvals and reviews prior to expiry. Monitor compliance with security policies and standards across digital and business teams. Act as the primary … regulations, technologies and industry best practices to ensure standards remain current and effective. What you should bring to the role: Essential Experience: Experience in information security or a related governance role. Experience applying security frameworks and regulatory requirements (CIS, GDPR, NIS-R). Experience collaborating across multiple business areas and functional teams. Proven ability to work independently, with strong stakeholder
London, South East, England, United Kingdom Hybrid/Remote Options
Proactive Appointments
Working Our client are seeking an experienced Information Security Analyst to provide immediate support to the Information Security team. This role is a hybrid of technical security analysis and governance, risk, and compliance (GRC) activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident … This is a hands-on delivery role for someone who can work independently, make sound judgements, and communicate clearly with both technical and non-technical stakeholders. Key Responsibilities Security Governance & Risk Technical Security Oversight Supplier and Third-Party Security Assurance Advisory and Awareness Desirable Relevant certifications such as CISSP, CISM, CRISC, CEH, CompTIA Security+, or equivalent experience. Experience working in
London, South East, England, United Kingdom Hybrid/Remote Options
QBE Management Services (UK) Limited
and applications attestation. This is a hands-on role with a strong emphasis on stakeholder engagement. Your New Role: Support the Global ICA Manager and vendor in shaping the governance and managing the attestation process within ServiceNow IRM, ensuring critical applications meet compliance requirements. Review and validate system outputs, challenging discrepancies between expected and actual results, and escalating for further … support where appropriate. Create and maintain risks and issue trackers, extract/upload data to GRC tools, produce divisional IT risk dashboards, and prepare reporting packs for senior stakeholders. Deliver actionable insights through Power BI and advanced Excel reporting for ICA and Application Attestation activities. Act as a subject matter expert, collaborating with third-party vendors on solution design and … federated structures like QBE’s operating model. Working knowledge of NIST, ISO, COBIT and other risk management frameworks Advanced Excel (including VBA), Power BI, and SharePoint proficiency; experience with GRC tools such as Archer for data extraction and reporting. Skilled in presenting to senior leadership and translating insights into clear, meaningful narratives. Comfortable working in ambiguity, managing multiple priorities, and
Rickmansworth, Hertfordshire, South East, United Kingdom
4 RECRUITMENT SERVICES LTD
purpose We are seeking an experienced Senior Information Security Analyst to provide immediate support to the Information Security team. This role is a hybrid of technical security analysis and governance, risk, and compliance (GRC) activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident
London, South East, England, United Kingdom Hybrid/Remote Options
VIQU IT Recruitment
month contract – London/Remote My Customer is seeking an experienced Senior Security Consultant to take a leading role in the end-to-end (Design, implementation) delivery of Governance, Risk & Compliance (GRC) and IT simplification initiatives. The Senior Security Consultant would be working at the heart of major programmes – including designing and implementing Security frameworks around cloud (Azure) migrations, AI … to delivery. Strong background designing and creating security audit preparation and coordination. Proven ability influencing and communicating with stakeholders at all levels. Hands-on experience designing and supporting ISMS governance and security implementation across large programmes of work. Practical experience creating and conducting risk assessments, including project risk and third-party/vendor risk. Solid understanding of security frameworks and
governance. Required Skills: Proven experience in business/systems analysis, especially in banking, procurement, or third-party risk management. Strong background in implementing SaaS platforms, ideally ProcessUnity or similar GRC/TPRM tools. Familiarity with SaaS and cloud-based applications (Azure/AWS). Excellent understanding of technical and non-functional requirements like performance, security, and scalability. Experience in interface … specification and integration design, including APIs and data mapping. Outstanding stakeholder management and communication skills. Preferred Skills: Knowledge of GRC platforms and third-party risk workflows. Experience with procurement systems (e.g., Coupa, Ariba, SAP). Proficiency in JIRA, Confluence, Visio, and SQL. Exposure to Agile and Waterfall methodologies. Education: Bachelor's degree in Information Systems, Business Administration, Supply Chain Management
London, South East, England, United Kingdom Hybrid/Remote Options
eTech Partners
investigations Maximise the effectiveness of Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender/Security Portal (endpoint and … identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting and analytical skills Effective communication and collaboration across technical and non-technical teams Relevant certifications
independent managed services provider. Your day-to-day responsibilities will centre around coordinating diverse teams of technical experts, managing budgets with precision, facilitating transparent stakeholder communications, and upholding rigorous governance standards. You will play an integral role in identifying risks early on and ensuring robust documentation is maintained throughout each project phase. By fostering an environment built on inclusive collaboration … throughout the project lifecycle. Facilitate stakeholder engagement by organising meetings, preparing presentations, and communicating progress updates in a clear and considerate manner. Maintain comprehensive project documentation including risk registers, governance reports, technical handover materials, and lessons learned logs for future reference. Identify potential risks early in the project lifecycle by conducting thorough assessments and implementing mitigation strategies collaboratively with relevant … at all levels. You will possess deep technical knowledge of MSP product offerings combined with strong organisational capabilities that allow you to juggle competing priorities efficiently. Your familiarity with governance frameworks ensures that all aspects of risk management and documentation are handled responsibly. By demonstrating empathy in your interactions-whether mentoring junior staff or collaborating on problem-solving-you will
leading IT Services and Consulting firm as a Cyber Security Assurance Manager to ensure their SOC meets and maintains top security certifications and assurance standards. As part of the GRC function, you’ll lead customer assurance activities, manage external audits, and oversee key certifications such as ISO 27001, SOC2 Type II, Cyber Essentials Plus, and CREST SOC accreditation. Key Responsibilities … maintenance of key SOC-related certifications including SOC 2 Type II, SOC 3, ISO/IEC 27001, Cyber Essentials Plus, and CREST. Embed certification requirements into the SOC’s governance, processes, and operational practices. Act as primary contact for customer assurance activities relating to SOC services. Support client RFIs, RFPs, and audit requests with accurate certification evidence and security documentation.