Risk Manager - GRC / Cyber / Third-Party

Risk Manager - GRC / Cyber / Third-Party

We are partnered with a world leading semiconductor company in the UK looking to bring on a GRC Risk Manager for their Enterprise Security team.

This is a contract engagement, inside IR35, based out of their Cambridge offices (hybrid working).

Key Responsibilities:

Enhance the Information Security Risk Management Framework within ServiceNow IRM, applying both qualitative and quantitative principles.
Lead structured supplier assessments, review complex contracts, and oversee ongoing monitoring for a global vendor ecosystem.
Conduct deep-dive reviews to identify root causes and ensure systemic lessons are integrated into the control environment.
Develop KRIs (Key Risk Indicators) and KCIs (Key Control Indicators) to measure security control effectiveness across critical assets.
Partner with engineering and business leads to ensure accountability for remediation and increase risk visibility at speed.

Key Requirements:

Hands-on experience with risk quantification (FAIR) and ServiceNow IRM is essential.
Deep familiarity with NIST CSF, NIST SP800-53, and ISO 27001.
Comfortable leading high-stakes vendor assessments and challenging technical stakeholders skillfully.
Confident utilizing metrics and dashboards to translate technical risks into actionable business insights for senior leadership.
A champion of AI and Automation to streamline GRC processes.
Ideally already certified in CRISC, CISM, CISSP, or FAIR

Keywords: GRC / Cyber Risk / Third-Party Risk / TPRM / ServiceNow IRM / FAIR / NIST CSF / ISO 27001 / Risk Quantification / Cambridge / Inside IR35 / Information Security

If you are interested in this GRC Risk Manager position, please send a copy of your CV to ts@eu-recruit.com

By applying to this role you understand that we may collect your personal data and store and process it on our systems. For more information please see our Privacy Notice https://eu-recruit.com/wp-content/uploads/2024/07/European-Tech-Recruit-Privacy-Notice-2024.pdf

Apply Now

Similar Jobs

Risk Manager

Hiring Organisation: European Tech Recruit
Location: Cambridge, England, United Kingdom

Senior Cybersecurity Risk & Governance Lead | GRC Are you a Risk Expert who thrives on complexity? I’m recruiting for a Senior Technical Risk & Governance Lead for one of the world’s most influential technology firms. They don't just build ...

Compliance Analyst

Hiring Organisation: Reed Technology
Location: Norwich, Norfolk, East Anglia, United Kingdom
Employment Type: Permanent
Salary: £45,000

IT Governance, Risk & Compliance (GRC) Analyst Location: Norwich (Hybrid - 60% on-site) Salary: £38,784 - £46,049 + Excellent Benefits Contract: Permanent About the Role REED Technology are supporting a leading organisation in recruiting an experienced Governance, Risk & Compliance Analyst . This ...

Senior Security Risk Specialist - Inside IR35 - Hybrid

Hiring Organisation: Tenth Revolution Group
Location: London, South East, England, United Kingdom
Employment Type: Contractor
Salary: £649 - £650 per day

Senior Security Risk Specialist - Inside IR35 - Hybrid Senior Security Risk Specialist We are looking for a pragmatic and motivated Senior Security Risk Specialist with a strong understanding of security risk and information security control concepts to support our Security Risk ...

Dedicated Cyber Security Assurance Lead

Hiring Organisation: Logiq
Location: Greater Bristol Area, United Kingdom

Location: Hybrid; with occasional travel expected to client site or Logiq’s offices in Bristol or Chippenham. Salary: Negotiable Dependent on Experience , plus car allowance, plus up to 10% performance bonus*, plus excellent benefits package. Logiq is a fast-growing ...

Head of Cyber Security Remote or Hybrid

Hiring Organisation: Michael Page Technology
Location: London, South East, England, United Kingdom
Employment Type: Full-Time
Salary: £75,000 per annum

This role leads the organisation's cyber security strategy, ensuring strong resilience, compliance, and protection of information assets. You will oversee operations, governance, risk management, and incident response while guiding a high-performing security & infrastructure team. Client Details Our client ...

Penetration Tester

Hiring Organisation: Marshall Wolfe
Location: Ipswich, Suffolk, England, United Kingdom
Employment Type: Contractor
Salary: Competitive salary

Penetration Tester We are looking to recruit the services of an experienced Penetration Tester to join our client’s Information Security team on a contract basis (initially 6 months, inside IR35). The role is based in Ipswich, so candidates MUST ...

Security Risk Specialist

Hiring Organisation: Tenth Revolution Group
Location: London, South East, England, United Kingdom
Employment Type: Contractor
Salary: £650 per day

Security Risk Specialist - 6-Month Contract - Inside IR35 - Hybrid London (2-3 Days Onsite) A leading technology-driven organisation is seeking an experienced Security Risk Specialist to support the ongoing development and operation of its security risk function. This role ...

Cyber Risk Analyst - OT - ISO27005 - Risk Assessements

Hiring Organisation: Tria
Location: London, United Kingdom
Employment Type: Contract
Salary: £500 - £600/day

Cyber Risk Analyst (Contract) Location: London/Southeast - Hybrid / Remote working Duration: 6+ months (12+ months programme of work) Day Rate: Up to £600 a day DOE (Inside IR35) Start date: ASAP. Overview We are seeking a skilled, proactive, and analytical Cyber ...

Information Security Manager

Hiring Organisation: Ashdown Group
Location: Crawley, West Sussex, South East, United Kingdom
Employment Type: Permanent, Work From Home
Salary: £90,000

An impressive multinational business is looking for an accomplished Information Security Manager to join its team. Please note the firm embraces flexibility so you will be able to work from home 3 days per week. In order to be suitable ...

Information Security Manager

Hiring Organisation: Ashdown Group
Location: Birmingham, West Midlands, United Kingdom
Employment Type: Permanent, Work From Home
Salary: £90,000

An impressive multinational business is looking for an accomplished Information Security Manager to join its team. Please note the firm embraces flexibility so you will be able to work from home 3 days per week. In order to be suitable ...

Senior Cyber Assurance consultant

Hiring Organisation: Stellar Omada
Location: Glasgow, Scotland, United Kingdom

Senior Cyber Assurance Officer Location: Glasgow / Hybrid Employment Type: Contract About the Role We’re looking for a Senior Cyber Assurance Officer to play a key role in strengthening cyber resilience across complex environments. You’ll provide assurance that security ...

Third Party Security Assurance Analyst

Hiring Organisation: Affinity Water Limited
Location: Hatfield, Hertfordshire, South East, United Kingdom
Employment Type: Permanent
Salary: £65,000

Affinity Water has a exciting opportunity available to work in our Cyber Security Team as a Third Party Security Assurance Analyst. The Role: As aThird Party Security Assurance Analyst will be responsible for conducting third-party security risk assessments across ...

Senior Security Risk Specialist

Hiring Organisation: Tenth Revolution Group
Location: London, South East, England, United Kingdom
Employment Type: Contractor
Salary: £600 - £650 per day

Security Risk Specialist -LLM's Location: London Department: Security Risk Management Reports to: Head of Security Risk Management & Assurance Inside IR35Two Days in London Must have LLM's Overview A leading technology-driven organisation is seeking a Security Risk Specialist ...

Senior Cybersecurity Consultant

Hiring Organisation: Hamilton Barnes 🌳
Location: England, UK

Senior/Principal GRC Cybersecurity Consultant - Permanent - Hybrid (UK) We're looking for a Senior/Principal GRC Cybersecurity Consultant to support organisations with their most complex cyber, information security, and operational resilience challenges. You'll work closely with boards, CISOs, and senior leadership ...

GRC Analyst

Hiring Organisation: InfinityQuest Ltd,
Location: London, United Kingdom
Employment Type: Contract
Salary: £300 per day

Required Qualifications Experience in a GRC, information security, risk management, or compliance-related role Strong understanding of security controls, technical safeguards, and audit methodologies Ability to review technical evidence and collaborate effectively with engineering and IT teams Strong organizational, documentation ...

Head of Cyber Security

Hiring Organisation: Keystream Group Limited
Location: London, United Kingdom
Employment Type: Permanent
Salary: £80,000

Experienced Head of Cyber Security Required for a Local Authority Client. Type : Permanent Salary : £60,000- £80,000 Location : London Purpose of the role: To provide leadership across and beyond the Council to support, guide and direct the implementation of ...

GRC Analyst

Hiring Organisation: InfinityQuest Ltd,
Location: London, United Kingdom
Employment Type: Contract
Salary: GBP 300 Daily

Required Qualifications Experience in a GRC, information security, risk management, or compliance-related role Strong understanding of security controls, technical safeguards, and audit methodologies Ability to review technical evidence and collaborate effectively with engineering and IT teams Strong organizational, documentation ...

Senior Security Risk Specialist

Hiring Organisation: DigiTech Resourcing
Location: City of London, Greater London, UK

Senior Security Risk Specialist – Contract Location - London (Hybrid – 2 days onsite in Bank) Term: 6 months Rate: £650 per day (Inside iR35) We’re looking for a Senior Security Risk Specialist to support a technology company’s Security Risk Management ...

Information Security Officer (Physical Security)

Hiring Organisation: Rullion Ltd
Location: Preston, Lancashire, United Kingdom
Employment Type: Permanent
Salary: £56500 - £61500/annum

Information Security Officer - Physical Security Focus Permanent Location: Preston - Hybrid (3 days per week in the office, with occasional site visits across the North West within those days) Salary: Up to £61,500 Purpose of the Role To ensure physical ...

Third Party Risk Lead Cyber

Hiring Organisation: Hays Specialist Recruitment Limited
Location: London, South East, England, United Kingdom
Employment Type: Full-Time
Salary: £80,000 - £90,000 per annum

UK ONLYKey Responsibilities Lead and continuously improve The organisation's third-party cyber risk assurance process, covering onboarding, risk assessment, due diligence, and ongoing monitoring. Develop and maintain a robust vendor criticality assessment model, ensuring assurance activities are aligned to ...