will be influenced by your own breadth of experience and can encompass a wide spectrum of tasks, from crafting robust security architectures to offering guidance on GRC (governance, risk management, and compliance) activities. Your responsibilities may also involve: Offering your security expertise in support of significant system procurements and Agile programs, ensuring the secure delivery of solutions. Identifying, analysing, and
following fields of expertise: 7+ years' varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
risk assessments. Excellent analytical, organisational, and problem-solving skills. Strong written and verbal communication skills, with experience presenting to senior leaders. Proficiency in Risk management platforms (e.g., Archer, ServiceNow GRC). Professional certifications such as CTPRP, CISM, CISSP, or CRISC are highly desirable. What do we offer in return? A career that you define. Yes, we offer all the usual
Are you looking for an exciting new opportunity? Join a London based, product-agnostic consultancy specialising in information security governance, risk, and compliance management for clients across Europe. With a deep-rooted passion for cyber risk, the team excels at developing measurable controls that align with an organisation's risk appetite, capacity, and tolerance for breaches. Known for crafting innovative
City of London, London, United Kingdom Hybrid / WFH Options
Albany Beck
and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities.
team of high quality advisors that are able to work effectively with technical teams and business leaders around the globe. Gather feedback on policies and standards from implementation teams, GRC and cyber operations to improve and optimize the policies and standards. Act as a point of escalation for any infosec or policy issues, and undertaking risk assessments before approving any
Please visit our careers site to find out more about working at Ki Job Details: Technology Governance Analyst Full details of the job. Vacancy Name: Technology Governance Analyst Employment Type: Permanent Location: London Role Details How insurance is underwritten here hasn't changed in 300 years - until now. At Ki, we are genuinely solving problems that haven't been solved … a risk taxonomy and reference library. Incident & Event Management - Review, analyse, and document internal/external risk events; support risk assessments, control testing, and vendor assurance processes. Risk Controls & Governance - Develop and maintain governance frameworks, policies, and IT controls; manage compliance procedures and support the GRC platform. Technology Service Governance - Operate service interfaces, track governance decisions, analyse performance metrics, and … facilitate audits/certifications. Reporting & Documentation - Prepare reports on technology risk and governance performance; maintain accurate documentation and explore new risk visualisations. Collaboration & Learning - Drive awareness campaigns, support compliance training, research advancements in technology risk, and contribute to team development. Required skills & experience: Experience in Enterprise technology services, support or administration including ITIL and asset management Understanding of various types
in security across our entire organisation What you'll have: A passion for security, a drive to make things better by harnessing technology Experience in, or knowledge of, automating GRC and other security processes to reduce manual work Strong analytical and problem-solving skills, with the ability to identify and mitigate security risks A good understanding of information security principles
City of London, London, United Kingdom Hybrid / WFH Options
Anson McCade
globally. What You’ll Do Advise executive stakeholders on defining and executing risk-based cyber security strategies. Design and deliver cyber transformation programmes that align with business goals. Define governance frameworks, target operating models, and maturity roadmaps. Support clients in achieving regulatory compliance (e.g., NIS2, GDPR, ISO27001). Lead or support project delivery across multiple sectors and stakeholder levels. What … and team management (Agile or Waterfall). Analytical and lateral problem-solving mindset. Bonus if you have: Security clearance or the ability to obtain it. Hands-on experience across GRC, cyber threat management, or vulnerability management. If you’re ready to work on some of the most pressing and complex cyber challenges facing organisations today and want to do it
City of London, London, United Kingdom Hybrid / WFH Options
Anson McCade
resilience and enable growth. What You’ll Do Advise executives on actionable cyber strategies to support digital transformation Shape and deliver cyber transformation programmes aligned with organisational objectives Design governance and operational models to enhance cyber maturity and regulatory readiness Assess and define risk-based roadmaps that embed cyber security into business operations Work across a range of industries and … of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall
solutions that automate evidence gathering and real-time compliance monitoring across frameworks such as NIST 800-53, HITRUST, PCI-DSS, and FedRAMP. - Collaborate Across Teams: Partner with cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and operational goals. Qualifications (Text Only) Required Qualifications: - Demonstrated experience deploying automation for security operations (SOAR platforms, script-based
better place. A safer place. A more ethical place. A place where anyone, anywhere can have a voice. That's a serious impact. NAVEX is a global leader in GRC solutions and helps organisations strengthen their risk and compliance programs with a 360-degree view of enterprise, third party and ecosystem risk for enhanced regulatory compliance and proactive risk management.
ServiceNow ServiceNow IRM knowledge A proven track record of implementing ServiceNow, delivering to deadline and milestones ServiceNow Certified Administrator with ServiceNow CIS in one or more ServiceNow modules (ideally GRC and/or HR) Demonstrable evidence of delivering real and sustainable ServiceNow solutions Some experience of people management and ability to manage different types/groups of stakeholders to build
digital risk frameworks, methodologies, and compliance requirements. Ability to interpret IT Risk regulatory requirements and translate them into actionable sales opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and/or optimizing these solutions. Proven strategic experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem … Exceptional communication and presentation skills for executive reporting, stakeholder engagement, and internal team leadership. To qualify for the role you should have Extensive experience in digital risk management, IT governance, cybersecurity, or related fields; experience with AI would be an additional advantage. Professional certifications such as CISA, CISSP, or equivalent (preferred but not mandatory). Significant expertise in risk management
The post holder will need to develop strong relationships with the rest of legal team, senior management and in particular key stakeholders in the SaaS Operations, SaaS Commercial and Sales, Security, Privacy, Governance, Risk and Compliance and Finance teams. The post holder will be responsible for ensuring the consistent application of the company internal policies and that appropriate expert legal advice is applied to our
of navigating material weakness or significant deficiency remediation is advantageous, but not essential. Some experience of significant finance transformation activities in ICFR or with ICFR impacts, such as a GRC implementation, global process owner deployment, an ERP implementation, or technology enablement of the annual ICFR cycle, is advantageous, but not essential. Experience of betting, gaming or online entertainment businesses is
City of London, London, England, United Kingdom Hybrid / WFH Options
WTW
of defense. Contribute to the evolution of the Technology and Cyber Risk and Control Framework through data-driven insights. Ensure alignment of analytics activities with regulatory expectations and internal governance standards. Drive continuous improvement in risk data quality, reporting processes, and analytics capabilities. The Requirements: Skills: Strong knowledge of risk management frameworks (e.g., NIST, ISO 27001, COBIT) and control environments. … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Ability to interpret complex technical data
As a Senior Product Manager, your focus will be on our Governance, Risk and Compliance (GRC) product, you will define and drive the end-to-end product vision and strategy for your area. You will work closely with customers to understand their needs and pain points and prioritize and sequence feature development and releases leading to significant and tangible business … What You'll Need Undergraduate degree or equivalent combination of education and experience in a related field 6 years of related experience in Product Management Experience within Audit or Governance, Risk & Compliance (GRC) Preferred qualifications A proven track record of leading the development of product vision and strategy Shipped products with great customer experience user reviews A self-starter mindset … to execute in a fast-paced environment with minimal direction An excellent understanding of product development and how web technologies work Working knowledge of Audit or Governance, Risk & Compliance (GRC) space or with related subject matter Strong Leadership skills - the ability to influence and inspire across multiple teams and job functions Strong analytical, problem solving, and prioritization skills Experience working
My client, an International Financial Services firm based in London, are looking for an IT Security Governance and Risk AVP to join their growing team. They would like individuals to come from Financial Services background. You have to be in the office two times per week. Feedback from the Hiring Manager on CV's he has seen so far: The CVs … security tools or policy strategy focused. About the IT Security Governance and Risk AVP role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisation's security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and … stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. RSA Archer is preferred. Financial and/or Banking industry experience preferred. Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis
Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external