GRC Coordinator
Hybrid Working – 2–3 days per week onsite
£40,000–£55,000 (DOE) + Excellent Benefits

We’re pleased to be supporting a growing, international organisation as they introduce a brand new GRC Coordinator role. This is a fantastic opportunity to take ownership of governance, risk, and compliance activity within a modern, people-focused business that is scaling its global presence and digital services. If you're someone who enjoys bringing clarity to complexity, keeping compliance frameworks organised, and acting as the central point of coordination, this role offers both challenge and long-term development.

The organisation is expanding across new markets and strengthening its data protection, security, and regulatory posture. With multiple frameworks in motion — including ISO 27001, GDPR, HIPAA, and Cyber Essentials Plus — they now require a dedicated internal owner to:
- Maintain structure across all GRC activity
- Coordinate between teams and external advisors
- Keep audits, actions, and documentation progressing
- Support compliance awareness across the business
- Manage day-to-day administration of security, privacy and compliance frameworks
- Maintain policies, procedures, registers and documentation
- Track actions, evidence, tasks and reviews across multiple frameworks
- Support development and maintenance of the ISMS
- Assist with internal audits and external certification activity
- Gather and organise audit evidence
- Track findings and corrective actions, escalating where required
- Support responses to customer and supplier assurance questionnaires
- Support the maintenance of Records of Processing Activities, DPIAs and related documentation
- Route queries to the organisation’s external DPO/privacy partner
- Maintain strong information governance practices
- Act as the internal go-to for GRC questions and coordination
- Work with IT, HR, Digital, Operations, Quality and Business Systems teams
- Help gather information, evidence, and inputs required for audits or assessments
- Assist in delivering compliance and security training
- Ensure clear communication to employees at all levels
- Help build a culture of awareness and accountability
- Support incident response by gathering information and maintaining records
- Escalate appropriately to leadership or external advisors
- Experience in governance, compliance, risk, information security or information governance
- Exposure to frameworks such as ISO 27001 and/or GDPR
- Strong organisation and documentation skills
- Excellent written and verbal communication
- Ability to translate technical or regulatory topics into practical, easy-to-understand language
- Comfortable working with stakeholders across the organisation
- Experience with audits, assurance processes or certifications
- Knowledge of Cyber Essentials, HIPAA or other regulatory frameworks
- Experience in a regulated environment (e.g. healthcare, life sciences, manufacturing, technology)
- Familiarity with GRC or document management tools
- Personable and approachable
- Curious and proactive in learning
- Calm and structured in managing multiple workstreams
- Confident in owning processes and keeping momentum
- Able to balance detail with practicality
- ISO 27001 Lead Implementer / Lead Auditor
- CIPP/E, CIPM, CIPT
- Security+, HCISPP, GDPR practitioner certifications
- Supportive onboarding and long-tenured teams
- Access to a salary sacrifice EV scheme after probation
- Free onsite parking and free EV charging
- Modern offices and collaborative working culture
- Strong growth plans with career progression opportunities
- A friendly, down-to-earth environment where people genuinely enjoy working together