1 to 25 of 179 GRC Jobs in the UK

Birmingham- Hybrid - 2/3 days a week onsite £550 - £650 Inside IR35 We are seeking an experienced GRC professional to lead governance, risk management, and compliance initiatives within a highly complex, international organisation. This role requires strong leadership to drive adoption of security policies and motivate teams to align … organisation's mission, vision, and values while achieving local business goals. The Global GRC Manager oversees the development and maintenance of security governance, risk management, and compliance frameworks across all regions. This role ensures alignment with cyber security strategy and regulatory standards, working closely with leadership, technology teams, and compliance ...

Title: GRC Consultant (Governance, Risk, and Compliance) Location: Farnborough (Hybrid, minimum 3 days in the office) About Us: We are a growing Cyber Consultancy located in Farnborough, offering Managed Services and Consultancy engagements. Our team blends experienced cybersecurity experts with motivated new consultants to offer a fun and rewarding atmosphere. … market-leading software vendors to provide a robust and secure IT landscape for our clients. The Opportunity: We are seeking an experienced, highly analytical Governance, Risk, and Compliance (GRC) Consultant to own and drive our security and compliance posture across all global operations. This role is central to maintaining ...

Excellent communication skills with the ability to simplify complex findings for senior management. Strong attention to detail and a proactive, positive, innovative mindset. Desirable GRC or security certifications (e.g., CISSP, CISM, CRISC, CISA, GCFE, GSEC, CCSP). Experience with cyber risk modelling (e.g., CyberCube, RMS, Cyence). Hands-on experience ...

and sensitive data.* Lead incident response, threat intelligence, and vulnerability management programs.* Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA).**Governance, Risk & Compliance*** Develop and enforce enterprise-wide security policies and procedures.* In alignment with the business ethics team, ensure compliance with pharmaceutical regulations (e.g. ...

Opportunity National enterprise scale business is seeking a highly capable Governance, Risk & Compliance (GRC) Lead to drive the evolution of their security and risk landscape during a period of significant transformation and investment. This is a rare chance to step into a senior, influential position—shaping the GRC strategy, building … and high-profile environment. The Role Working as the Right-hand to the Head of Information Security, you will: Leadership & Ownership Lead the entire GRC portfolio and shape a function that is still maturing. Manage a small but growing team, across multiple sites Governance & ISMS Own the ISMS and drive ...

established UK business during a key phase of growth and investment, to recruit a GRC Analyst. This is a role centred around governance, risk management, and compliance, working closely with stakeholders across the business to strengthen frameworks, ensure controls are effective, and support ongoing audit and regulatory requirements. … looking to build a career in GRC, gaining exposure to risk, audit, and compliance within a growing organisation that is investing in its security and governance capability. Apply today with your most up-to-date CV! BH35513 ...

Advert: Technology Governance Manager - £60,000 + Benefits Location: Warwick/Hybrid 2days p/w We are looking for an experienced Technology Governance Manager to lead and mature the governance, risk, and compliance framework across our Technology function. This role plays a critical part in ensuring that technology change … cybersecurity, and risk management are delivered effectively, enabling robust service delivery and supporting business performance. You will be responsible for defining and operating governance processes that are practical, value adding, and aligned with key regulatory and accreditation standards including ISO 27001 and Cyber Essentials Plus. This role requires a proactive ...

Broad knowledge of secure system design, cloud and hybrid architectures, threat modelling, identity and access management, networking and cryptography. Risk and compliance: Experience applying governance, risk and compliance frameworks (ISO27001, NIST, NCSC) and translating the CIA triad into practical controls. Communication and leadership: Able to articulate complex security concepts ...

take the next step in responsibility and exposure. You'll be working on projects across secure government environments, supporting areas such as security assurance, governance, risk, and compliance , with exposure to frameworks including ISO27001, NIST and JSP standards . Requirements SC Clearance (required to start) Experience working within Defence ...

Operational Technology (OT) who is keen to build a long-term career in cybersecurity for critical infrastructure. Reporting into the Head of Information Security GRC and Group CISO this role sits within the Group Information Security team and offers a unique opportunity to work at the intersection of engineering systems ...

and risk principles (e.g., CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC/GSEC) would be a plus. Certifications specifically in risk management or governance (such as CRISC, Certified Information Systems Auditor (CISA), or ISO 27001 Lead Auditor/Implementer) are also advantageous for this role, as they indicate … cybersecurity or IT risk roles. This could include experience as a Cyber Risk Analyst, IT Risk Analyst, Security Analyst, Vulnerability Management Specialist, or GRC (Governance, Risk & Compliance) Analyst. Candidates with slightly more or less experience will be considered based on skill fit, but a baseline understanding from a few years ...

network security, DevOps and security monitoring Understanding of secure software development lifecycle (SSDLC) practices Strong knowledge of information security risk management techniques Experience of governance, risk and compliance, ideally in financial services Knowledge of frameworks such as ISO27001, NIST, PCI DSS Awareness of the threat landscape and modern security controls ...

Head of Cyber Governance, Risk and Compliance London | Hybrid | Full-time | Personal Contract Competitive pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more REQ5121 As a strategic leader in Governance, Risk and Compliance, you will guide SGN’s cyber security and regulatory approach, ensuring our operations … Every role, whether in the office or on the front line, plays a key part in this mission. Here’s how you will contribute... Governance, Risk & Compliance (GRC) Leadership Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001/2, and ...

experience across areas such as: Conducting cyber gap analyses and maturity assessments Supporting Cyber Essentials readiness and assessments Developing policies, risk registers, and governance documentation Assisting with ISO 27001 and data-protection compliance activities Helping shape security roadmaps and practical improvement plans What You'll Bring 1-3 years' experience … hybrid, or home-based working A people-first culture that values kindness, curiosity, and growth Exposure to a wide range of projects across IR, GRC, and technical security Opportunities to see the long-term impact of your work through ongoing client relationships If you're ready to grow your career ...

complex, meaningful projects that contribute to national resilience and public service delivery, offering consultants the opportunity to apply their skills in environments where governance, risk management and regulatory compliance are critical to success. The Role You’ll work closely with both internal technical teams and external stakeholders to assess, design … and implement effective information security controls and governance frameworks across a variety of programmes. This is a client-facing role that combines security best practice, risk management and technical awareness, making it well suited to someone who enjoys advising organisations on how to embed security in a practical and proportionate ...

CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status ...

CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status ...

client is seeking a highly technical application security consultant. This is a hands-on technical role, not a GRC, policy, or compliance position. We are looking for a practitioner with a deep background in Application Security, Secure Coding, or Penetration Testing. You must be able to do more than just ...

regulated sectors (financial services, healthcare, government, critical infrastructure). * Prior participation in or leadership of real-world cyber incident response activities. * Familiarity with identity governance, EDR platforms, SIEM tooling, and cloud security architecture. Why This Engagement Matters The Cyber Incident Response Preparation Consultant plays a crucial role in elevating ...

SaaS products from concept to successful market adoption across multiple releases. Experience working with global banks, broker‐dealers, insurers, or large fintechs, understanding their governance, risk, compliance, and technology landscapes. Skills & Competencies AI‐First Product Mindset: Ability to think from first principles about how AI and Agentic AI can reshape ...

resolution. Monitor system performance and coordinate upgrades, patches, and enhancements. Maintain relationships with vendors and third-party providers. Own documentation, configurations, and support procedures. Governance, Risk & Compliance Implement best practices across development, testing, and deployment. Ensure compliance with regulatory, security, and audit requirements. Support business continuity and disaster recovery planning. ...

continuity planning. Excellent interpersonal and communication skills across all levels. Demonstrated success in managing third-party vendors and complex IT projects. Experience with IT governance, risk management, and regulatory compliance. Passion for user experience and colleague enablement through technology. Ability to lead and inspire teams in a fast-paced, multi ...

Title: Cyber Governance & Risk Enablement Lead About the Organisation Financial Services Experience Key. The organisation operates across multiple regions and delivers technology-enabled services to customers in both regulated and non-regulated markets. It prioritises secure operations, responsible technology adoption, and a forward-looking approach to risk management that supports … growth and digital transformation. Role Purpose This role is responsible for building and maintaining the organisation's cybersecurity governance model, ensuring that security expectations are clearly defined, easily understood, and consistently applied across all teams. You will oversee the development of security policies and control frameworks, coordinate risk and compliance ...

reports that provide senior stakeholders with meaningful insight into the organisation's third-party cyber risk posture. Embed third-party security controls into vendor governance processes, working closely with Procurement, Legal, Technology, and Risk. Monitor compliance with industry frameworks such as CIS Controls, NIST, GDPR, and sector-specific guidance. Support … best practice. Provide data, commentary, and risk metrics for divisional or organisational IT risk reporting. Escalate material risks or emerging issues to the Cyber Governance Manager and BISO leadership when required. Performance Objectives Build a comprehensive understanding of the organisation's supplier landscape and existing vendor governance controls, taking full ...

reports that provide senior stakeholders with meaningful insight into the organisation's third-party cyber risk posture. Embed third-party security controls into vendor governance processes, working closely with Procurement, Legal, Technology, and Risk. Monitor compliance with industry frameworks such as CIS Controls, NIST, GDPR, and sector-specific guidance. Support … best practice. Provide data, commentary, and risk metrics for divisional or organisational IT risk reporting. Escalate material risks or emerging issues to the Cyber Governance Manager and BISO leadership when required. Performance Objectives Build a comprehensive understanding of the organisation's supplier landscape and existing vendor governance controls, taking full ...