1 to 25 of 30 Permanent GRC Jobs in London

CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status ...

CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status ...

CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status ...

excellence? If so, we are looking for an experienced IT Security Engineer to join our growing Security Ops team, working closely with the wider GRC & policy team, DevOps teams, Dev’ team & internal IT teams to make sure security is at the heart of all our technical process'. This role ...

practice/standards. Proven experience managing relationships with internal and external auditors, business and technology stakeholders and leading large-scale assessment programmes. Experience with GRC tools and data analytics to enhance efficiency and insight. Strong understanding of IT risk and control frameworks Experience with cloud and on-premises technology environments ...

market/competitive dynamics, and ensuring that we build a product that addresses real pain points for our users (e.g., cybersecurity/risk teams, GRC teams, supply chain teams). Key Responsibilities: Define and maintain a compelling product vision and roadmap aligned with business goals, customer needs and market dynamics … degree in business, engineering, computer science, or equivalent; advanced degree is a plus. Desired/Nice to Have: Experience in cybersecurity, risk management, GRC (governance, risk & compliance) or supply-chain risk management. Familiarity with third-party/vendor risk management platforms and frameworks (e.g., NIST, ISO 27001, SOC2, supply-chain ...

clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider ...

clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider ...

observable and enterprise-ready by: Implementing evaluation frameworks and safety checks across models and agents Designing monitoring, logging, tracing and incident-response patterns Applying governance, risk and compliance principles within client environments Supporting releases, environments and handover into client operations Ensuring reliability, reproducibility, performance and cost controls Reusable Assets & Consulting ...

cyber function in stakeholder meetings when required What we're looking for: 5+ years' cyber security experience, ideally in a software-led environment Strong GRC background with hands-on incident response experience Exposure to major incidents and complex security challenges Understanding of access management, vulnerability management, and technical security Confident ...

Design within the SDLC Threat modelling techniques HLD/LLD review and assurance Technical Knowledge Cloud security Network and infrastructure security AI security and governance ITHC scoping and remediation Cryptography, PKI, Zero Trust, PAM, RBAC, Cross Domain Solutions Cloud security posture management and endpoint security tooling Qualifications & Certifications Achieved ...

Consulting engagements. Act a subject matter expert in various security and risk management domains (e.g., IT risk management, cyber risk, security target operating model, governance, compliance, cyber security maturity assessment, metrics and C-level dashboards) and leading industry-based practices (e.g. NIST CSF, ISO 2700x) Managing the coordination and communication … and experience in implementing the regulations Experience working with regulated financial services entities 3+ years' variedexperience in information security, risk management Strongunderstanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS2 and DORA Hands-onexperience building credibility with external stakeholders Provenability ...

salary of up to £85,000.00 *depending on experience, skills and qualifications plus a 7.5% bonus. You'll be reporting to the Cyber Security Governance, Risk & Compliance Manager and contributing to crucial security initiatives. After a 6-month probation period, enjoy the flexibility of blended working - with 3 days ...

observable and enterprise-ready by: Implementing evaluation frameworks and safety checks across models and agents Designing monitoring, logging, tracing and incident-response patterns Applying governance, risk and compliance principles within client environments Supporting releases, environments and handover into client operations Ensuring reliability, reproducibility, performance and cost controls Reusable Assets & Consulting ...

protecting client data, intellectual property, and business operations while enabling secure innovation. Through four key pillars Digital Trust, Technical Assurance, Security Operations, and Governance, Risk and Compliance (GRC) the team delivers comprehensive security solutions that align with our firms strategic objectives as well as client and regulatory requirements. Our integrated … workable, mature and optimized function and service. This role requires extensive experience across all Identity and Access Management core disciples including identity management, identity governance and administration, privileged access, and conditional access and in particular, machine identities. It also requires deep technical skills in the DevSecOps. This role will support ...

Basic Salary + Hybrid Working Overview We are seeking an experienced Lead Cyber Security Solution Architect to lead a team of Governance, Risk, and Control (GRC) specialists. This team is responsible for conducting Secure-by-Design assessments on technology projects, ensuring compliance with IT security policies and requirements. Role and … Proven ability to manage complex tasks with broad scope and ambiguity. Strong background in cybersecurity assurance, policies, and standards. Expertise across IT security domains: Governance, IAM, Risk Management, Security Testing, Incident Management, Vulnerability Management. Experience in senior stakeholder engagement and management reporting. Ability to coach and mentor team members. Deep ...

engagements across multiple sectors, supporting clients in building robust cybersecurity strategies.This position is ideal for someone with a solid understanding of cybersecurity frameworks and governance practices with 3-5 years' experience, ideally coming from a professional services background and experience within the financial services and insurance sectors. The role … very much GRC focused to support delivery, 3rd party risk assessments, audits, policy, strategy, incident response. Your work will directly influence how businesses manage cyber risk and prepare for evolving threats. What You'll Do Translate complex cybersecurity concepts into clear, actionable guidance. Assess client cyber risks and recommend practical ...

permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance. The successful candidate will have a proven background within an MSP or MSSP environment, ideally hold a CISSP certification and demonstrate deep … expertise in GRC frameworks, particularly ISO27001. Either experience of, or a strong desire to be trained up (by one of the best in the business), to act as a virtual Chief Information Security Officer (vCISO) is essential. This business has made significant investment into its Cyber Security Practice (most recently ...

Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender …/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting ...

and Adult Social Care in England. It has responsibility for designing, implementing and the ongoing assurance of the cyber security system risk management and compliance framework in place across the wider health and care system. The JCU iscomprisedof two divisions: Governance, Risk and Compliance - cyber and information governance, system engagement … system cyber risk through development and oversight of a system cyber risk scenario library, drawing on support from the cyber risk intelligence and cyber governance teams. About us Our work supports the NHS to deliver high quality services for patients and best value for taxpayers. Our staff bring expertise across ...

About Norse3 Norse3 is a next-generation AI governance, compliance, and risk-management platform designed for regulated and enterprise environments. We help organisations deploy and operate AI safely, compliantly, and at scale—covering AI risk registers, governance frameworks, audit readiness, and real-time monitoring aligned with … Engage senior decision-makers including CIOs, CROs, Heads of Compliance, Risk, Legal, and Innovation Articulate Norse3’s value proposition clearly in relation to AI governance, regulatory risk, and operational resilience Support onboarding and early account development to ensure long-term client success Go-to-Market Execution Work closely with leadership ...

company's infrastructure and data. This will include designing and deploying new systems, improving existing systems and processes, and supporting engineering, customer and GRC teams to provide the highest quality security outcomes for our team and customers. The role will cover the public hosted SaaS environment; private cloud hosted SaaS … improvements particularly focusing on privilege access management. Work with customer teams to communicate Smart Communications security posture to customers and prospects. Working with the GRC team by implementing security tools and processes used to support ISO 27001, SOC2, PCI, and other certifications held by Smart Communications. What we are looking ...

regulatory requirements (GDPR, NIS2) and interface with auditors. Innovate: Lead evaluations of security tools and adopt Hansen’s AI-first approach to enhance processes. Governance Leadership: Chair IT & Security governance forums and maintain robust reporting mechanisms. What You Bring Proven experience in security operations, engineering, architecture, and GRC. Strong knowledge ...

building the infrastructure that makes autonomous AI safe for enterprise deployment. Not governance theatre. Not compliance checkboxes. Actual technical systems that can monitor, quantify, and govern AI agents operating with autonomy in production environments. If you've been following the trajectory from static models to agentic systems—and the corresponding … firms navigating the shift from analytical AI to agentic systems. The market timing is critical: enterprises are deploying agents at scale, regulators are demanding governance frameworks, and existing Third-Party Risk Management (TPRM) platforms have near-zero AI-risk depth. We have an estimated 18-24 month competitive window before ...

leading professional services organisation is looking for an Information Security Officer with strong governance, risk, and compliance experience. This is a standalone role with real ownership — ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST … Support ISO 22301/business continuity Coordinate internal/external audits and evidence gathering Manage vendor risk and customer due-diligence requests Provide independent governance oversight (separate from IT Ops) About You Strong experience with ISO 27001 (Annex 8), CE+, and risk management Background in audits, incident response, and governance ...