14 of 14 Permanent GRC Jobs in Central London

purpose Implementing Information and Cybersecurity outcomes across a diverse portfolio of S&R project offerings Advising clients across cyber transformation, security strategy, governance, operating model, risk & compliance, maturity assessments, resilience and architecture Conducting threat modelling, impact analysis, architecture and assurance reviews, defining appropriate remediation actions Supporting implementation of cybersecurity controls ...

languages, Terraform/IaC, CDK, or React. Familiarity with GDPR, ISO 27001, SOC 2, EU AI Act/LLMs. Experience delivering audits or using GRC tools (e.g. Drata, Vanta) Interest in AI and/or knowledge of AI security risks and frameworks (e.g. ISO 42001). Security qualifications or certifications ...

About the Company Headquartered in Denmark and backed by a leading European private equity investor, our partner is a fast-growing European GRC (Governance, Risk & Compliance) SaaS company. Trusted by Tier 1 clients across highly regulated industries, they are experiencing a phase of significant and exciting growth. With strong recurring … revenues and rapidly increasing enterprise contract values, governance, information security, and commercial discipline are central to long-term value creation. The Role Reporting directly to the Head of Operations, the Contracts & Compliance Manager will take ownership of the contracts and compliance function within a growing, regulated environment. This ...

observable and enterprise-ready by: Implementing evaluation frameworks and safety checks across models and agents Designing monitoring, logging, tracing and incident-response patterns Applying governance, risk and compliance principles within client environments Supporting releases, environments and handover into client operations Ensuring reliability, reproducibility, performance and cost controls Experience & Skills This ...

safe by: Implementing evaluation frameworks for accuracy, coverage interpretation, decision consistency and bias Designing monitoring, logging and tracing suitable for regulated insurance environments Applying governance, risk and compliance principles (eg audit trails, explainability, access controls) Supporting controlled releases and operational handover into insurer IT and operations teams Ensuring reliability, reproducibility ...

information and cyber security across the organisation Manage and optimise third-party security relationships , including suppliers, MSPs, and assurance partners Oversee security governance, risk management, and compliance activities Provide leadership and direction to a small internal team , supported by external vendors Engage with senior stakeholders to translate security risk into ...

Title: Cyber Governance Consultant – Permanent Location: Hybrid (Client sites, Company offices, and Home – note: cannot be fully remote) About the Role: We are looking for a Cyber Governance Consultant ( 2 - 4 years experience) to help clients design and implement cyber guidelines and governance frameworks tailored to their specific needs. … Experience: Experience designing or implementing secure solutions based on regulatory frameworks such as ISO, NIS, NIST, TISAX, DORA, NCSC CAF, or IEC62443. Background in GRC consulting or cybersecurity governance. Ability to balance security, compliance, usability, agility, and cost considerations. Experience creating business cases, roadmaps, or strategic recommendations for regulatory compliance. ...

organisation places strong emphasis on cyber resilience, regulatory compliance, and effective OT risk management. They are seeking an OT Risk Analyst to support their Governance, Risk & Compliance (GRC) function. This is a hands-on delivery role focused on identifying, assessing, and managing OT cyber risks across operational environments, ensuring risks … control profiles, and supporting evidence Work with OT stakeholders (engineering, operations, maintenance) to understand asset criticality, safety impacts, and operational constraints Support the wider GRC function by gathering OT risk-related data and contributing to mitigation planning, reporting, and governance forums Support supply chain and third-party OT cyber risk ...

impressive multinational Telecoms business is looking for an accomplished Senior GRC Manager to join its team based in London. Please note, this role is hybrid so you will be required to work in the office 3 days per week. The Senior Governance, Risk & Compliance (GRC) Manager will be responsible … establishing, operating, and continuously improving the organisations enterprise-wide compliance, risk, and security governance frameworks. This senior leadership role requires deep expertise across regulatory, industry, and cybersecurity standards specifically the UK Telecom Security Act, PCI DSS, ISO 27001, and NIS2. You will act as the organisations authoritative subject-matter expert ...

suitable for this role you must be an accomplished Information Security Manager with an expert understanding of ISO 27001 standards. You will oversee the Governance, Risk and Compliance (GRC) framework, ensuring robust standards are met across information security, physical security, crisis management, privacy and regulatory compliance.You will enhance business resilience … policies, procedures, and controls are in place. You will act as the guardian of the firms regulatory and ethical obligations, ensuring that all data governance and InfoSec laws and regulations are adhered to. In order to be suitable for this role of significant responsibility you must be an accomplished Information ...

organisations across the UK prioritise and focus on technology efforts. Key Responsibilities Support the delivery of the Information Security Management System (ISMS), including the governance, risks & issues and compliance returns for National Policing. Maintain Security Policy framework, working with stakeholders to ensure that Information Security related Policies, Procedures and Standards … architecture stack Developing strong working relationships with a number of stakeholders Implementing/running security processes aligned to information and cyber security governance frameworks Non-police personnel vetting and Security Check will be required and must be maintained during tenure. Will be required to sign Official Secrets ...

leading professional services organisation is looking for an Information Security Officer with strong governance, risk, and compliance experience. This is a standalone role with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Support ISO 22301/business continuity Coordinate internal/external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate from IT Ops) About You Strong experience with ISO 27001 (Annex 8), CE+, and risk management Background in audits, incident response, and governance ...

KPMG offices. Our services are of both an assurance and transformation in nature and include: General IT and ERP controls, design and implementation of GRC operating models and solutions, IT Security and Risk Management, control automation, design and implementation of SOX 404 control framework, design and implementation of controls … wider strategic plan to grow our ERP & Business Systems team. The services we provide include External and Internal Assurance, Controls Transformation, Process Optimisation and GRC implementations. This work is delivered through stand-alone assignments, or as part of internal audit engagements. Typical activities include: Responsibility for quality, value add and ...

payments data use cases across clearing, settlement, liquidity and regulatory reporting. The position focuses on cloud-native data platforms, AI/ML enablement and governance-aligned delivery in a highly regulated, large-scale banking environment. Key responsibilities: 1) Data Platform Strategy & Architecture Define and own a multi-year data platform … with enterprise standards. Industrialize validated solutions into reusable accelerators, templates and patterns. Quantify business impact and ROI to support prioritization and scaling decisions. 5) Governance, Risk & Compliance Alignment Ensure alignment with enterprise data governance, metadata, lineage and data quality standards. Embed regulatory and conduct-risk considerations (e.g., data privacy, auditability ...