1 to 25 of 248 GRC Jobs in the UK

Head of Technology Governance, Risk, and Compliance (GRC) Because your new ideas are our way new ways of working. Evolve, your way. The Head of Technology Governance, Risk, and Compliance (GRC) is a key leadership role within the Primark Tech, reporting to the Chief Technology Security & Risk Officer (CTSRO). The role is responsible for ensuring effective governance, compliance, managing … Primark is all about tailoring to you, we offer Tax Saver Tickets, fitness centre, and a subsidised cafeteria. What You'll Do as a Head of Technology Governance, Risk, and Compliance (GRC) We want you to feel challenged and inspired. Here, you'll develop your skills across a range of responsibilities: Provide general leadership, oversight, and development of technology governance … levels of the organization and influence decision making process. Proven record of accomplishment in driving change using positive influencing skills to modify opinions, plans and behaviours to adopt risk management and compliance practices. Strong project management skills to oversee the implementation of risk management initiatives and compliance programs. Ability to provide guidance and training to employees on technology risk and More ❯

Business Analyst Lead -GRC Location: Manchester, Birmingham and London Job Type: Contract Job Summary: The GRC Lead & Business Analyst is responsible for managing the organization's Governance, Risk, and Compliance (GRC) framework while also performing business analysis to enhance risk management, regulatory compliance, and operational efficiency. This role involves assessing risks, ensuring compliance, conducting audits, analyzing business processes, and driving … GRC-related projects. The GRC Lead Cum BA will work closely with IT, legal, finance, and business units to enforce policies, ensure compliance, and implement best practices for governance, risk, and assurance. Key Responsibilities: 1. Governance, Risk & Compliance (GRC) Management Develop, implement, and maintain GRC policies, frameworks, and procedures aligned with industry standards and regulatory requirements (ISO 27001, NIST, SOC … place. Maintain a risk register and track risk management initiatives. Lead third-party/vendor risk assessments requirement gathering, ensuring supplier security and compliance. Collaborate with leadership to align GRC practices with business objectives. 2. Compliance & Assurance Ensure the organization meets regulatory requirements and industry best practices. Manage compliance audits (ISO 27001, SOC 2, PCI DSS, GDPR, HIPAA) and coordinate More ❯

GRC Analyst Title: Governance, Risk & Compliance (GRC) Analyst Department: Procode IT Location: Chandlers Ford Salary: Circa £ 41,504 + Discretionary bonus scheme. Do you have commercial experience as a Governance, Risk & Compliance Analyst ? Do you have hands-on experience with ISO 27001 and being involved with audits? If so, this could be the role for you! About us We are … curious about what the future in tech holds? Do you have the drive to want to deliver great solutions for customers? Then we have an exciting opportunity as a GRC Analyst , where w e aim to provide you with a uniquely inclusive and diverse workplace, which showcases the extraordinary in all of us, by enabling you to be the best More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years' experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

will be influenced by your own breadth of experience and can encompass a wide spectrum of tasks, from crafting robust security architectures to offering guidance on GRC (governance, risk management, and compliance) activities. Your responsibilities may also involve: Offering your security expertise in support of significant system procurements and Agile programs, ensuring the secure delivery of solutions. Identifying, analysing, and More ❯

Governance, Risk and Compliance (GRC) Officer The Opportunity: Are you a specialist in corporate governance, risk and compliance? Are you a GRC Officer or Manager looking for an interesting role with huge future potential within the beautiful county of Somerset? If so, then please do read on, please do send us an enquiry so that we can talk to you … sense of responsibility and a desire to drive efficiency and compliance. Job Responsibilities: The primary function of this role is to support the Managing Director in all administrative and governance-related matters, ensuring smooth operations across various corporate functions. This role is responsible for a broad range of administrative, legal, and governance tasks, as well as contributing to strategic projects … years all within a busy engineering environment. Assist in the preparation and submission of confirmation statements and other statutory filings, including those to Companies House. Ensure compliance with corporate governance requirements and best practices. Assist with legal documentation, including reviewing and maintaining contracts and corporate policies. Project-Based Responsibilities may include: GDPR Implementation, Business Continuity Planning, IT Policy Development, Corporate More ❯

following fields of expertise: 7+ years' varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with More ❯

Strength in Trust OneTrust's mission is to enable organizations to use data and AI responsibly. Our platform simplifies the collection of data with consent and preferences, automates the governance of data with integrated risk management across privacy, security, IT/tech, third-party, and AI risk, and activates the responsible use of data by applying and enforcing data policies … to thrive while championing what's good for both people and the planet. At OneTrust, we leverage cutting-edge technology and a pragmatic approach to privacy, GRC (governance, risk management, and compliance), ethics, and ESG (environmental, social, and governance) to create a straightforward platform that amplifies the global push for Trust Intelligence. OneTrust is a fast-growing SaaS enterprise platform More ❯

NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and cloud services. Proficiency with risk analytics, GRC tools, and security assessment methodologies. Exceptional analytical, communication, and report-writing skills, with the ability to translate complex technical issues into clear, actionable recommendations for both technical and non-technical More ❯

the annual Inc. 5000 list of fastest-growing American companies since 2008. Summary Smarsh is committed to embedding security as a business enabler. As a senior member of the GRC team, you will be instrumental in ensuring that our security governance, risk, and compliance efforts are integrated, scalable, and proactive. The GRC Lead plays a cross-functional leadership role, supporting … the Senior Manager, GRC, and taking ownership of key programmes that span our ISMS, controls assurance, risk management, third-party oversight, and regulatory compliance. Youll engage with stakeholders across InfoSec, Legal, Product, Engineering, and Customer teams to operationalise governance and build trust. This is a strategic yet hands-on role, ideal for someone who thrives in driving governance initiatives, facilitating … a global team in a dynamic, fast-paced environment. Collaboration across time zones and geographies is a key part of our culture and success. How will you contribute? ISMS Governance & Controls Assurance Lead the maintenance and continuous improvement of Smarshs ISO 27001-aligned ISMS. Oversee the control assurance programme, ensuring robust evidence collection, control testing, and continuous monitoring. Own key More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

Job title: Information Security Manager: Governance, Risk and Compliance (GRC) Location: London or Newcastle Salary: London: Up to £80,000 per annum, Newcastle: Up to £70,000 per annum Type of contract: Full Time, permanent Working arrangement: Hybrid, on-site at London or Newcastle office 2 days per week minimum About the role We are seeking an experienced Information Security … Manager: GRC to lead our Governance, Risk, and Compliance functions. This role involves managing the NAO's certified ISMS, developing security policies, and transforming our security posture to support our strategic objectives. Key Responsibilities Leadership: Manage and develop the GRC team, build stakeholder relationships, and promote a positive security culture. GRC Management: Oversee security controls, ensure compliance, and manage third … security policies. Risk Management: Identify, assess, and treat information security risks, maintaining the risk register and ensuring risk-aware decision-making. Skills and Qualifications Proven experience in information security, governance, risk, or compliance roles. Working towards or certified in CISSP, CISM, CISA, or CRISC within six months. Understanding of ISO 27001, risk management, and current IT security issues relevant to More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

NIST, ISO 27001, COBIT). Deep understanding of IT general controls, cyber security principles, and technology risk domains. Experience in control ownership, control testing, and remediation planning. Familiarity with GRC platforms and control lifecycle management. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Excellent communication and stakeholder engagement skills. Ability More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As S/4 HANA Roles & GRC Access Manager, you will lead and support our SAP Security and Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have extensive experience with SAP Security architecture and implementation … SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP implementations and security risk assessments. This role will play a crucial part in designing, implementing, and re-design of security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation. You will demonstrate and develop … your capabilities in the following areas: Develop and implement S/4 HANA security and GRC strategy, design to protect the integrity and confidentiality of our clients' enterprise systems. Oversee S/4 HANA Security during implementation ensuring compliance embedding audit and regulatory requirements. Lead the design, configuration, implementation and testing of SAP GRC modules such as Access Control (AC More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As S/4 HANA Roles & GRC Access Manager, you will lead and support our SAP Security and Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have extensive experience with SAP Security architecture and implementation … SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP implementations and security risk assessments. This role will play a crucial part in designing, implementing, and re-design of security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation. You will demonstrate and develop … your capabilities in the following areas: Develop and implement S/4 HANA security and GRC strategy, design to protect the integrity and confidentiality of our clients' enterprise systems. Oversee S/4 HANA Security during implementation ensuring compliance embedding audit and regulatory requirements. Lead the design, configuration, implementation and testing of SAP GRC modules such as Access Control (AC More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As S/4 HANA Roles & GRC Access Manager, you will lead and support our SAP Security and Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have extensive experience with SAP Security architecture and implementation … SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP implementations and security risk assessments. This role will play a crucial part in designing, implementing, and re-design of security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation. You will demonstrate and develop … your capabilities in the following areas: Develop and implement S/4 HANA security and GRC strategy, design to protect the integrity and confidentiality of our clients' enterprise systems. Oversee S/4 HANA Security during implementation ensuring compliance embedding audit and regulatory requirements. Lead the design, configuration, implementation and testing of SAP GRC modules such as Access Control (AC More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As S/4 HANA Roles & GRC Access Manager, you will lead and support our SAP Security and Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have extensive experience with SAP Security architecture and implementation … SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP implementations and security risk assessments. This role will play a crucial part in designing, implementing, and re-design of security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation. You will demonstrate and develop … your capabilities in the following areas: Develop and implement S/4 HANA security and GRC strategy, design to protect the integrity and confidentiality of our clients' enterprise systems. Oversee S/4 HANA Security during implementation ensuring compliance embedding audit and regulatory requirements. Lead the design, configuration, implementation and testing of SAP GRC modules such as Access Control (AC More ❯