Head of GRC
Job Title: Head of Governance, Risk & Compliance (GRC) – MSP Practice Lead
Location: London, Hybrid (3 Days Onsite, 2 Remote)
Job Type: Full-time, Permanent
The Opportunity
Are you a senior GRC expert ready to step out of a corporate cost-center and run your own practice?
A top-10 European Managed Service Provider (MSP) is hiring an entrepreneurial Head of GRC to take full strategic and commercial ownership of its fast-growing Compliance as a Service (CaaS) business line. This role perfectly balances internal corporate governance with high-level client advisory and Virtual CISO (vCISO) delivery.
Key Responsibilities
Practice Growth: Scale and productize the CaaS roadmap, driving revenue, pricing strategies, and service design.
vCISO Delivery: Act as the trusted boardroom advisor to mid-market clients across cyber security, risk, and resilience.
Core Frameworks: Lead client assessments and certifications across Cyber Essentials/CE+, ISO 27001, and UK GDPR.
Innovation: Build next-generation AI Governance and operational resilience (BC/DR) frameworks.
Internal Audit: Maintain the firm’s elite internal ISO certifications and audit readiness.
What We Need
Senior GRC, InfoSec, or IT Audit experience, ideally within an MSP or tech consultancy.
Strong practical knowledge of Cyber Essentials, UK GDPR, and ISO 27001.
Exceptional executive presence—confident presenting risk and strategies to C-suite/board levels.
Commercial acumen to partner with sales teams and expand client adoption.
Desirable: CISSP, CISM, CRISC, or ISO 27001 Lead Auditor credentials.
Why Join Us?
Autonomy: Run this practice like your own business unit with full SLT backing.
Investment: Heavy funding for your ongoing professional development and elite certifications.
Scale: Join an ambitious firm growing rapidly through organic expansion and acquisitions.
Apply today to lead the future of Compliance as a Service.