GRC Specialist

Shape the Future of Modern Cyber Governance

This is an exciting opportunity for a GRC Specialist to be at the forefront of the business with the view to lead the practice and take full ownership moving forwards.

This role sits at the heart of advisory-led cyber security. With a varied mix of Consultancy, delivery and programme lead work... Working directly with key customers in strengthening their security posture.

If your passion is for tuning complex security requirements into practical business-aligned outcomes, this is the role for you.

What you’ll be doing:

• Designing, implementing and maturing Information Security Management Systems (ISMS)
• Leading risk assessments, maintaining risk registers and supporting threat modelling
• Delivering security and compliance programmes for a diverse customer base
• Supporting customers through ISO 27001, Cyber Essentials and other certifications
• Conducting cyber maturity, gap and audit-readiness assessments
• Translating technical security controls into clear business and risk language
• Working closely with SOC, engineering and offensive security teams to deliver integrated security outcomes
• Supporting pre-sales discussions, workshops and advisory engagements

Frameworks & Standards You’ll Work With:

• ISO 27001
• NIST Cyber Security Framework (CSF)
• NCSC Cyber Assessment Framework (CAF)
• Cyber Essentials / IASME
• Defence-aligned cyber standards (desirable)

What We’re Looking For:

• 2–4 years’ experience in information security, GRC or risk-based roles.
• Hands-on experience implementing or supporting security frameworks.
• Strong stakeholder communication skills.
• Confidence working in a customer-facing, consultancy-style role.
• A structured, detail-oriented approach with excellent documentation skills.
• Curiosity, initiative and a desire to grow into a senior GRC or advisory position.