9 of 9 Permanent GRC Jobs in Bristol

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯

in this role. ISO/IEC 27001 Lead Auditor or Lead Implementer certification. Familiarity with GDPR, NIS2, ISO/IEC 42001or other data protection and security regulations. Experience with GRC platforms or compliance automation tools. Cyber Essentials PLUS hands-on assessment or audit experience. Certifications such as CISSP, CISM, or CISA would be advantageous. The Location: Bristol (hybrid working) The More ❯

in this role. ISO/IEC 27001 Lead Auditor or Lead Implementer certification. Familiarity with GDPR, NIS2, ISO/IEC 42001or other data protection and security regulations. Experience with GRC platforms or compliance automation tools. Cyber Essentials PLUS hands-on assessment or audit experience. Certifications such as CISSP, CISM, or CISA would be advantageous. The Location: Bristol (hybrid working) The More ❯

solutions align with organisational policies, risk appetite, and regulatory obligations, helping to reduce exposure and build long-term security maturity. Playing a key role in shaping information security architecture, governance, supporting secure design patterns, and guiding the organisation towards consistent, risk-informed decision-making. The Essential Criteria for this role is listed below. Proven experience in providing independent security or … security risks, including data protection, cloud security, and control assurance in complex environments. Excellent stakeholder management and communication skills, with confidence to engage and influence architects, IT leadership, and governance forums. Relevant professional certification (e.g. TOGAF, SABSA, CISSP, CISM) or equivalent experience in enterprise or security architecture within a risk or GRC function. More about you You're a strategic … security, and you know that secure design is fundamental to building trust, resilience, and business value. You're comfortable operating in the second line of defence, or a similar GRC function, and bring the confidence to challenge constructively, guide decision-making, and influence architectural outcomes. You thrive on translating complex security risks into practical design principles and are comfortable navigating More ❯

solutions align with organisational policies, risk appetite, and regulatory obligations, helping to reduce exposure and build long-term security maturity. Playing a key role in shaping information security architecture, governance, supporting secure design patterns, and guiding the organisation towards consistent, risk-informed decision-making. The Essential Criteria for this role is listed below. Proven experience in providing independent security or … security risks, including data protection, cloud security, and control assurance in complex environments. Excellent stakeholder management and communication skills, with confidence to engage and influence architects, IT leadership, and governance forums. Relevant professional certification (e.g. TOGAF, SABSA, CISSP, CISM) or equivalent experience in enterprise or security architecture within a risk or GRC function. More about you You're a strategic … security, and you know that secure design is fundamental to building trust, resilience, and business value. You're comfortable operating in the second line of defence, or a similar GRC function, and bring the confidence to challenge constructively, guide decision-making, and influence architectural outcomes. You thrive on translating complex security risks into practical design principles and are comfortable navigating More ❯

advisory program, employee referral scheme, lunch allowance, company events, etc. As ourDirector Resilience (m/f/d), you will be the leader of the Resilience Team of our Governance, Risk & Compliance (GRC) department in Global Data Centers (GDC) to contribute to the overall GRC mission. You'll be ensuring the resilience of the company to protect it from risks … Management System to protect employees on business travel and drive a risk-based Insurance Management. What you will do Disciplinary and professional leadership of the Resilience Team of the GRC department including the responsibility in Global Data Centers incl. all Region GDC is operating in for our Management Systems Budget responsibility for the Resilience budget Main objectives of the Mgt. More ❯

at KPMG; a diverse business requires diverse personalities, characters, and perspectives. There really is a place for you here. Why Join KPMG as a Manager - IGH GRCS? KPMG's Governance, Risk and Compliance Services (GRCS) practice within IGH is an area of the firm with tremendous growth potential. GRCS is an integral part of our Enterprise Risk advisory practice. We … provide services relating to internal audit, internal control, corporate governance, risk management and related assurance projects. Clients are based in the public sector and our services deliver added value to clients using modern control assessment, risk management and audit techniques focusing on strategic, management and operational issues as well as financial management and reporting controls. We also work closely with … and co-sourced contractual basis • Managing and directly delivering individual and/or a programme of internal audit projects which includes planning, review, quality assurance and reporting • Risk management, governance and internal audit advisory services • Risk identification workshops and control reviews • Delivering control and risk training • Managing and reviewing internal control questionnaires • Compliance internal audits • Working with members of other More ❯