City of London, London, United Kingdom Hybrid / WFH Options
Albany Beck
and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling. Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities.
City of London, London, United Kingdom Hybrid / WFH Options
EML
protection frameworks and global privacy regulations (e.g., GDPR, CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical: Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools. Strong project management skills with experience leading cross-functional initiatives. Team: Strong communication and influencing skills, capable of working with senior leaders
City of London, London, United Kingdom Hybrid / WFH Options
Anson McCade
globally. What You’ll Do Advise executive stakeholders on defining and executing risk-based cyber security strategies. Design and deliver cyber transformation programmes that align with business goals. Define governance frameworks, target operating models, and maturity roadmaps. Support clients in achieving regulatory compliance (e.g., NIS2, GDPR, ISO27001). Lead or support project delivery across multiple sectors and stakeholder levels. What … and team management (Agile or Waterfall). Analytical and lateral problem-solving mindset. Bonus if you have: Security clearance or the ability to obtain it. Hands-on experience across GRC, cyber threat management, or vulnerability management. If you’re ready to work on some of the most pressing and complex cyber challenges facing organisations today and want to do it
City of London, London, United Kingdom Hybrid / WFH Options
Anson McCade
resilience and enable growth. What You’ll Do Advise executives on actionable cyber strategies to support digital transformation Shape and deliver cyber transformation programmes aligned with organisational objectives Design governance and operational models to enhance cyber maturity and regulatory readiness Assess and define risk-based roadmaps that embed cyber security into business operations Work across a range of industries and … of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall
london (city of london), south east england, united kingdom
Sanderson
site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements … activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation. Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Facilitating regular reviews and updates of control and risk management processes to remain effective and … responsive to emerging threats and changes in the organizational landscape. Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making and risk management strategy across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF
City of London, London, United Kingdom Hybrid / WFH Options
Hlx Life Sciences
Information Security Risk and Governance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days/week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity’s most devastating … world-class team at the intersection of biology, AI, and engineering. Role Overview This role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical … research and drug design. You will play a pivotal role in aligning data governance, security operations, and compliance within an environment that spans regulated biopharma workflows, cloud-native infrastructure, and AI/ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for
london (city of london), south east england, united kingdom
Prism Digital
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability … ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture reviews: support
london (city of london), south east england, united kingdom
Mentmore
Are you passionate about risk management, compliance, and protecting organisational integrity? Join a team as a Governance, Risk & Compliance (GRC) Analyst and play a pivotal role in strengthening our operational resilience and regulatory alignment. About the Role As the GRC Analyst, you’ll work closely with process owners, auditors, and stakeholders to monitor and address risk and compliance issues. You … ll be responsible for administering ISO 27001, ISO 22301, and PCI compliance programs, managing audits, and overseeing our GRC tooling to ensure it’s configured and maintained to the highest standards. Key Responsibilities Own and manage the GRC tool and vendor relationship Lead risk assessments, compliance reviews, and validation testing Support and manage ISO 27001, 22301, and other audits Maintain … a central repository for audit evidence Develop and enhance the GRC framework in line with best practices Collaborate across teams to identify and mitigate IT and business risks Maintain the IT Risk Register and RoPA Align closely with the Group Risk function and Head of Audit What We’re Looking For Strong computer literacy and adaptability to niche IT systems
City of London, London, United Kingdom Hybrid / WFH Options
Barclay Simpson
I’m currently working with a business that is looking to hire a Group Cyber GRC Manager. This is a fantastic opportunity to take ownership of a global cyber GRC function, shaping strategy and driving maturity across a complex, multinational environment. The Role Define and deliver the strategic roadmap for global Cyber GRC. Lead and develop a high-performing team … data-driven insights and dashboards for senior stakeholders. Champion a strong security culture and continuous improvement mindset. What they are looking for: Proven success leading high-performing security or GRC teams. Expertise in cyber risk management, frameworks, and assurance. Strong stakeholder engagement and communication skills. Experience in large, federated, and complex global organisations would be particularly valuable. Certifications such as
london (city of london), south east england, united kingdom
HCLTech
level technical design. Platform Strategy & Roadmapping: Develop and articulate ServiceNow platform strategies and roadmaps, identifying opportunities for leveraging out-of-the-box capabilities, integrations, and strategic customizations. Technical Advisory & Governance: Act as a subject matter expert and technical advisor to clients and internal teams, providing guidance on platform capabilities, performance optimization, security, and scalability. Establish technical governance to ensure solution … and implement end-to-end ServiceNow solutions across multiple modules. Deep understanding of the ServiceNow platform architecture, data model, and security framework. Expertise in ServiceNow best practices, including platform governance, performance optimization, and security hardening. Proven experience with large-scale ServiceNow implementations and complex integrations. Strong analytical and problem-solving skills with the ability to articulate complex technical concepts to … both technical and non-technical audiences. Experience with Agile development methodologies. Relevant ServiceNow certifications (e.g., Certified Master Architect, Certified Technical Architect, Certified Application Developer, Certified System Administrator). ServiceNow GRC & SecOps
City of London, London, United Kingdom Hybrid / WFH Options
Anson McCade
Cyber Strategy Manager to lead the design and execution of cyber programmes for complex, large-scale clients. You’ll work directly with C-level stakeholders, shaping cyber operating models, governance structures, and transformation initiatives. Key Responsibilities Own end-to-end delivery of cyber strategy and transformation engagements Define and execute security roadmaps, operating models, and risk frameworks Lead teams delivering … GRC, cyber maturity, and compliance workstreams Communicate with client execs (CISO, CTO, Audit) and manage internal delivery teams Contribute to business development, team mentorship, and capability growth What We’re Looking For 5+ years in cybersecurity or cyber advisory Experience leading cyber transformation in a consulting or enterprise environment Deep understanding of frameworks: NIST, ISO27001, GDPR, NIS2, CAF Track record
london (city of london), south east england, united kingdom
HCLTech
processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous control monitoring. Create & execute test plans and participate in client UAT & production migration Manage GRC Use-stories in agile team and lead the iterations from delivery perspective Understand Observables, Indicators of Compromise (IOC) and IoC Look Ups Good to have experience with configuring and implementing … Service-Now GRC Applications/Modules with working knowledge of its built-in capabilities including Plug-ins, Workflows, UI elements, tables, dictionaries, integrations and dependencies. Experience of working on Scripting in ServiceNow. Skills Certified ServiceNow IRM/SecOps administrator/consultant (this is mandatory) Must have concluded at least 1 lifecycle of ServiceNow IRM/SecOps implementation. Experience in JavaScript … API, Web Services Working knowledge of Vulnerability Mgmt. process & tools ISO/CISA/CISM/CISSP/CRISC (preferred) PLATFORM/TOOL EXPERTISE ServiceNow GRC & SecOps
City of London, London, United Kingdom Hybrid / WFH Options
Morgan Philips Group
and internal policies across multiple jurisdictions. You will implement compliance programs, monitor adherence, provide risk-based legal advice, and help shape a compliance-focused culture. Key Accountabilities: Compliance and Governance Ensure the organisation adheres to corporate governance standards, codes of conduct and relevant laws across all jurisdictions. Monitor regulatory developments and interpret their relevance and impact on the business, providing … not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and manage internal reporting mechanisms by liaising with internal Global Risk and Compliance (GRC) function. Global Regulatory Compliance Ensure compliance with international legal and regulatory frameworks (e.g. GDPR, FCPA, local employment laws). Liaise with external counsel where jurisdiction-specific advice is needed with
City of London, London, United Kingdom Hybrid / WFH Options
Tenth Revolution Group
Are you a seasoned SAP Security and GRC expert ready to lead transformative ERP engagements across diverse industries? We're partnering with a leading consultancy to find a Senior Manager who will spearhead SAP S/4 HANA security and access management initiatives, driving innovation and compliance in financial transformation programmes. About the Role As a Senior Manager, you'll … ownership of SAP Security architecture and implementation, leading teams through complex ERP transformations. You'll work closely with senior stakeholders to assess risks, define strategy, and deliver robust access governance solutions across SAP and non-SAP platforms. Key Responsibilities Lead SAP Security and GRC strategy development and implementation. Oversee access management policies, user provisioning, and SoD controls. Manage greenfield SAP … Deep knowledge of S/4 HANA, BW/4 HANA, SAP Analytics Cloud, SAP Access Controls, IAG, BTP, and cloud apps like SuccessFactors, Ariba, and Concur. Expertise in GRC tools such as Saviynt, SailPoint, Pathlock. Strong understanding of SOX, GDPR, and other regulatory frameworks. Excellent project management and communication skills. Professional certifications (e.g., SAP Access Control 12.0, CISSP, CISM