3 of 3 Contract GRC Jobs in the North of England

and Europe. Based in London, with occasional travel to other operational sites, you will help shape and mature the organisation's security governance, risk management practices, and compliance frameworks. You will work across both IT and OT domains, with specific focus on human risk management, supply chain security, policy development … tools with user-level behaviours (e.g., DLP, social engineering indicators, high-risk activity). Analyse and interpret threat intelligence to support security policies and governance updates. Contribute to the education, awareness, and training programme, including delivering stakeholder briefings. Review metrics to strengthen phishing resilience and behavioural security controls. Provide risk ...

clear prioritisation and delivery outcomes Bring structure and pace to a complex environment, removing blockers and driving accountability across teams Establish and run programme governance, reporting, and RAID management at senior stakeholder level Coordinate delivery across key domains including IAM (SailPoint), PAM, DLP, and technology risk/control functions Ensure … and controls are effectively implemented, optimised, and delivering measurable value Embed NIST-aligned practices across Identify, Protect, Detect, Respond, Recover domains Drive process and governance maturity, ensuring security services are operationalised and sustainable Develop and track KPIs to measure security maturity, adoption, and risk reduction Collaborate across Security Operations, GRC ...

effective triage, coordination, escalation, and decision-making. Align incident response practices with cyber security standards including National Institute of Standards and Technology guidance. Embed governance, risk, and compliance requirements into incident workflows. 3. Runbook Development & Modernisation Design, develop, and maintain cyber incident response runbooks as part of the modernisation programme. … and automation-driven processes. Strong process design and documentation capability (BPMN or equivalent). Experience working within regulated financial services environments. Strong understanding of governance, risk, and compliance in cyber incident management. Desirable Experience supporting incident management transformation or runbook modernisation programmes. Familiarity with service transition, operational readiness, and enablement ...