technical background, including deep application security knowledge, and the ability to effectively communicate security risks and requirements across all levels of the business. Key Responsibilities Information Security Strategy andGovernance: Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives andrisk tolerance. Establish and enforce information security policies, procedures, and standards in accordance with ISO27001, customer … United Kingdom 1 week ago London, England, United Kingdom 1 week ago London, England, United Kingdom 3 weeks ago London, England, United Kingdom 3 days ago Head of Information Governanceand Deputy DPO London, England, United Kingdom 6 days ago Chelmsford, England, United Kingdom 3 weeks ago London, England, United Kingdom 1 month ago Greater London, England, United Kingdom … week ago Head of Governance, RiskandCompliance - Info Sec - 12 Month FTC Business Development Executive - R10191330-2 London, England, United Kingdom 1 month ago London, England, United Kingdom 1 week ago London, England, United Kingdom 5 days ago London, England, United Kingdom 4 weeks ago London, England, United Kingdom 2 months ago Head of Security Architecture & Consultancy London, England More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity riskmanagement in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards andrisk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯
Guildford, Surrey, United Kingdom Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity riskmanagement in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards andrisk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
implementation of data classification methodologies to ensure appropriate protection based on sensitivity and importance. The role will be based in Reading and will report directly to the Head of Governance, RiskandCompliance, working to deliver the company's goals for a fit-for-purpose critical asset and classification framework. This is a role that requires independence, a proactive approach … riskmanagement practices. Desirable Technical Skills & Qualifications: Industry Certifications: Certifications such as CISSP, CISM, or CISA. Key Relationships & Interactions: CISO direct reports: Security Operations Manager, Security Architecture Manager, Security Governance Manager, Cyber Security Programme Manager, Cyber Resilience Manager CIO and CIO Direct Reports: Operational Technology, Enterprise Architects, PMO and Programme Delivery, Business Change and Engagement Key Business Stakeholders Service Owners More ❯
Staines-upon-Thames, Middlesex, England, United Kingdom
Bupa UK
drive discussions with key stakeholders and suppliers to provide insights. Experience of third party assurance activities, either for supplier or customer assurance. Extensive knowledge of IT riskmanagement within GRC function, preferably processes, concepts, terminology and control frameworks e.g. ISACA, COBIT, ITIL. Certified in CISA or relevant certifications with one of the following: CISM, CISSP, equivalent experience. Strong knowledge of More ❯
such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports andMore ❯
Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, GovernanceandRisk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T GovernanceandRisk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯
Winchester, Hampshire, United Kingdom Hybrid / WFH Options
Arqiva
Join our Cyber Security Team as a Governance, RiskandCompliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, andrisk assessments Assist with internal audits and help prepare for external More ❯
of our Insurance clients on a 12-month contract. Inside IR35 Hybrid Responsibilities: Analyze large datasets to identify trends, anomalies, and emerging risks across technology and cyber domains. Support governanceandrisk forums with timely and accurate reporting on key risk indicators (KRIs), control effectiveness, and remediation progress. Develop and maintain dashboards and reports to visualize technology and cyber risk … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms andrisk data management practices. Experience in a riskmanagement, IT audit, or cyber security role within a financial services or regulated environment. Qualifications: Educated to degree level or More ❯
knack for stakeholder engagement with 5-15 years' experience We're looking for multiple Cybersecurity Consultants, mid to manager level, with expertise in Identity and Access Management (IAM) andGovernance, Risk, andCompliance (GRC).SPONSORSHIP IS UNAVAILABLE - UK ONLY FOR 5 YEARS MINIMUM DUE TO CLEARANCEWhat You'll Do Advise enterprise clients on IAM andGRC strategies, frameworks, and implementations. … to both technical and non-technical stakeholders. Act as a trusted advisor in customer-facing engagements. What You Bring Proven experience with multiple cyber domains including IAM technologies andGRC frameworks (ISO 27001, NIST, GDPR). Strong stakeholder managementand interpersonal skills. Excellent communication skills - both written and verbal. Experience in customer-facing roles with technical and business advisory responsibilities. More ❯
broader enterprise technology goals. Cyber Security and IdAM Partner with Cyber Security stakeholders to design and implement secure authentication mechanisms (e.g., MFA, SSO). Drive the rollout of identity governance solutions and ensure integration with enterprise-wide access management systems. Ensure all programs comply with security best practices, regulatory requirements (e.g., GDPR), and internal security policies. Oversee change managementand … CISM, AWS Security Specialty, or Certified Identity and Access Manager (CIAM). Agile (Scrum Master, SAFe) and cloud (AWS Cloud Practitioner) certifications. Experience in security assessments, threat modeling, or governance/risk/compliance (GRC) tooling. Benefits Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is paramount so you can More ❯
such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports andMore ❯
london, south east england, united kingdom Hybrid / WFH Options
TALENT LEADERS LTD
Head of Cyber Governance, RiskandCompliance – (GRC) Media Leading exciting International Media Giant, with a reputation for innovation and excellence They urgently require a talented, dynamic, relationship building Head of Cyber Governance, RiskandCompliance (GRC) to play a pivotal role help them shape and move to the next stage of their evolution To be considered you will have … demonstrable experience in:: Developing, implementing, and maintaining the organisation's cyber governance, riskmanagement, andcompliance strategies (GRC) and frameworks across enterprise scale organisations Ensure compliance with all relevant laws, regulations, and standards related to information and cyber security. Lead regular risk assessments and audits to identify potential security threats and vulnerabilities. Running and maintaining the IT RiskManagement Framework. More ❯
large organisations on the latest cyber security challenges. Relevant certifications like M.Inst.ISP, CISSP, CISM, CISA, or an MSc in cyber security or related fields. Practical experience in cyber architecture, GRC, threat management, vulnerability management, and security reviews. Attention to detail and strong problem-solving skills. Excellent communication skills, including concise reporting and presentation creation. #J-18808-Ljbffr More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Precise Placements
Information Security Analyst - 6-Month FTC Governance, RiskandCompliance Location: London/Hybrid Contract Type: Fixed Term (6 months) Salary: Competitive A global professional services firm is seeking a proactive Information Security Analyst to support the delivery of robust security and privacy policies across its global operation. This role is ideal for someone with hands-on experience in information More ❯
various tools and activities. Manage and improve Three's Security Exception process. Work effectively with Enterprise riskandcompliance functions to escalate enterprise-level Technology and Security risks. Operate GRC tools for RiskManagement to record, track, and monitor risks and controls. Support ongoing education and awareness activities related to Security policies, Riskmanagement frameworks, andgovernance across the company. More ❯
such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports andMore ❯
United Kingdom 4 days ago London, England, United Kingdom 1 month ago London, England, United Kingdom 1 month ago London, England, United Kingdom 1 day ago Senior Director of Governance, Risk, Compliance & Privacy London, England, United Kingdom 2 weeks ago Assistant Director-Finance and Business Services Harlow, England, United Kingdom 6 months ago London, England, United Kingdom 1 day ago More ❯
Head of Technology Governance, Risk, andCompliance (GRC) Because your new ideas are our way new ways of working. Evolve, your way. The Head of Technology Governance, Risk, andCompliance (GRC) is a key leadership role within the Primark Tech, reporting to the Chief Technology Security & Risk Officer (CTSRO). The role is responsible for ensuring effective governance, compliance, managing … Primark is all about tailoring to you, we offer Tax Saver Tickets, fitness centre, and a subsidised cafeteria. What You'll Do as a Head of Technology Governance, Risk, andCompliance (GRC) We want you to feel challenged and inspired. Here, you'll develop your skills across a range of responsibilities: Provide general leadership, oversight, and development of technology governance … levels of the organization and influence decision making process. Proven record of accomplishment in driving change using positive influencing skills to modify opinions, plans and behaviours to adopt riskmanagementandcompliance practices. Strong project management skills to oversee the implementation of riskmanagement initiatives andcompliance programs. Ability to provide guidance and training to employees on technology riskandMore ❯
london (city of london), south east england, united kingdom
LSEG (London Stock Exchange Group)
Senior Analyst, Technology and Cyber Security GRC LSEG City Of London, England, United Kingdom Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with standard methodology. Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken … regulatory evidence and responses for re-use and with reporting. Maintain a centralised repository of Customer RFI responses for re-use and with reporting. Support the work of wider GRC teams where required and in areas of interest and expertise. Work with partners to ensure conformance with Regulatory, Company and Industry standards. Supporting the production of required Metrics at committees … Responsibilities Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with standard methodology. Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken Perform quality reviews of all Technology and Cyber Security related Audit Observations andMore ❯
london, south east england, united kingdom Hybrid / WFH Options
Tata Consultancy Services
PoV leveraging ServiceNow platform, GenAI capabilities and integration with third-party technologies & monitoring tools. Advise and ensure customers use leading ServiceNow practices & capabilities related to instance strategy, architecture, technical governance, data and integrations. Work with diverse teams and customers to improve product adoption, increase footprint & provide guidance to project teams at onsite/offshore on solution implementation. Develop strategies and … services in ServiceNow, Java, and CMDB or asset integrations in ServiceNow. Knowledge of SAML, Active Directory, or LDAP. ServiceNow developer Certification, including ITSM, ITOM, Asset Mgt, ITBM, CSM, SecOps, GRC, or HR. Exposure to HRSD, IRM, CSM, FSM, GRC, mobile solutions, Reporting & Analytics & other industry specific solutions. Well-versed in modern web technologies and cloud computing architectural principles for cloud More ❯
Security GRC Consultant - Contract Location: Remote, UK based - occasional trips to London office needed About the Role We’re partnering with a leading cyber security consultancy to find a Security GRC Consultant who can play a pivotal role in strengthening their clients’ security posture. This is an exceptional opportunity for a GRC professional who thrives on shaping policy, embedding governance … alignment between security and business objectives. As a Security GRC Consultant, you’ll act as the crucial link between central security teams and business units, ensuring robust governance, riskmanagement, andcompliance practices are not only adopted but embedded across complex environments. What You’ll Do - Act as the primary liaison between security functions and key business stakeholders, ensuring security … requirements are aligned to business priorities.- - Champion the integration of governance, risk, andcompliance controls across projects, processes, and systems. - Assess and remediate gaps in security practices and influence operational teams to adopt security-first approaches. - Drive adherence to industry standards and frameworks such as ISO 27001, NIST, or similar. - Provide expert input to enhance security frameworks, policies, and procedures. More ❯
london (croydon), south east england, united kingdom
UK Home Office
organisation and make recommendations for continuous improvement. As a Senior Cyber Security Risk Manager, your main day-to-day responsibilities will be: Working within established security andriskmanagementgovernance structures, usually under supervision to support, review and undertake straightforward riskmanagement activities such as: undertaking cyber security related risk assessments; basic threat assessments and other riskmanagement activities. Communicating … chances of interviewing at UK Home Office by 2x Get notified about new Risk Manager jobs in Croydon, England, United Kingdom . London, England, United Kingdom 4 days ago Governance, RiskandCompliance (GRC) Manager London, England, United Kingdom 2 weeks ago London, England, United Kingdom 1 month ago London, England, United Kingdom 2 weeks ago City Of London, England More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
third-party vendors and internal stakeholders to ensure smooth project execution Develop and maintain project documentation, risk logs, and reports for senior stakeholders Ensure projects adhere to regulatory andgovernance frameworks Skills and Experience Proven track record delivering cyber security or information security projects in large, complex organisations Strong understanding of cyber risk, threat management, and technical security controls Excellent … stakeholder managementand communication skills Experience with governance, risk, andcompliance frameworks (e.g., ISO 27001, NIST, GDPR) PRINCE2, PMP, or similar project management certification desirable Knowledge of cloud security (Azure/AWS) a plus Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications More ❯
with senior leadership and DTS teams to identify and address emerging threats. Represent the organisation in external networks and vendor relationships to share best practices and influence product development. Governance, Risk & Compliance Ensure technical security risks are documented and managed within the risk register. Own and manage services/processes in line with ITSM best practices. Maintain and review operational More ❯