Cyber GRC/IT Advisory Director
GRC Advisory Director
Audit & Risk Recruitment are delighted to be working as the exclusive recruitment partner on behalf of a rapidly expanding professional services and technology advisory business seeking to appoint a GRC Advisory Director! This is an opportunity to help build and shape a fast-growing GRC advisory practice at an early stage, with the backing of both a leading accountancy and advisory firm and a leading IT and cybersecurity business. You will have the scope to influence the service, build the team and develop client relationships, while being supported by the wider infrastructure, brand and client base.
- £75,000-£105,000 plus bonus and benefits
- 3 days per week in their Derby, Nottingham or Birmingham offices
- Unfortunately this role cannot provide visa sponsorship
Responsibilities
- Lead complex project engagements including DPIA reviews, AI Ethics and Governance Audits, Operational Resilience assessments, Tabletop Exercises and PE/M&A cyber due diligence and, once the practice is more established, ISO 27001 implementations
- Own GRC Advisory Premium and vCDO retainer accounts, including scope, deliverables, client satisfaction and commercial renewal
- Review all consultant outputs and maintain quality standards across the team
- Keep current with relevant regulatory developments and translate changes into updated advice for clients
- Manage internal platforms on behalf of clients, ensuring compliance programmes are properly tracked and evidenced
Team
- Manage a team of GRC Consultants and Senior Consultants, growing from three to around seven people over the first three years
- Provide hands-on coaching during engagements and peer review of deliverables
- Support team members through professional certifications including ISO 27001 Lead Auditor, CIPP/E and BCS Data Protection Practitioner
- Contribute to recruitment including interview involvement and onboarding of new hires
Clients and Business Development
- Act as senior point of contact for retainer clients at MD, Finance Director and board level
- Identify opportunities to extend the scope of existing client relationships, whether that is moving from a one-off project to a retainer or broadening the range of frameworks covered
- Support the BD Manager in qualifying opportunities and providing technical input during proposals
- Work with partners across the wider firm to develop referral opportunities from their existing client base
- Represent the practice at relevant sector events and industry forums
Requirements
- A solid track record of delivering GRC service implementations from scoping through to certification
- Hands-on experience with DPIAs, data protection health checks and policy development under UK GDPR
- Direct client contact at board or senior leadership level, with the ability to present clearly and handle difficult questions
- Experience managing or mentoring a small team of compliance or information security professionals
- Working knowledge of at least one of: NIS2, DORA, FCA PS21/3 operational resilience, the EU AI Act, or ISO 22301 business continuity
- A background in professional services or consultancy, with an understanding of how to run engagements commercially
Qualifications (preferable)
- ISO 27001 Lead Auditor or Lead Implementer from an accredited body such as BSI, LRQA or CQI
- BCS Certificate in Data Protection, CIPP/E or an equivalent data protection qualification
- ISO 22301 Lead Implementer or a recognised business continuity qualification
- Cyber Essentials Assessor certified by an IASME or NCSC approved body
- ISO 42001 AI Management Systems, which is increasingly relevant given the EU AI Act timeline
- A degree in law, computer science, business, information security or a related field
Audit & Risk Recruitment