1 to 25 of 34 Permanent GRC Jobs in the North of England

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

possess the following? Relevant experience in cybersecurity risk management or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯

Senior GRC Analyst This is a hybrid role and can be based from either our Peterborough, Manchester, Stoke, Tunbridge Wells or Chesterfield office. Role Purpose: Reporting to the Head of Information Security to provide BAU operational technical security support. The Senior GRC Analyst will be responsible for compliance governance to security standards, delivering required GRC processes and analysis day to … also help provide ongoing assurance that digital systems and data are safe and secure. Key Accountabilities & Responsibilities: Be an SME for PCI DSS and contribute to and ensure compliance governance to security standards. Contribute to business and technology audits. Engagement with 3rd party partners as a SME and to ensure due diligence process adherence. Management IT Security GRC activities and … end-to-end delivery of information security practices and processes. SME, advice, oversight and governance of security policies, processes, procedures and standards. Contribute to the delivery of the security roadmap and a continuous improvement model for security. Ensure Information Security controls are operating effectively. Ensure where gaps are identified that these have remediation plans agreed and delivered. Ensure annual Security More ❯

security leader with a blend of strategic vision and operational expertise. You should bring: Proven experience defining and executing cyber security strategy at a senior level Strong knowledge of governance, risk, compliance, and regulatory frameworks Leadership experience managing cyber security operations teams Excellent stakeholder management skills, including board-level engagement The ability to represent the organisation externally with authority and More ❯

technical audiences Experience working in a consultancy environment, with a strong understanding of client engagement and delivery dynamics Desirable Experience Identity management and authentication/authorization patterns Involvement in governance, risk, compliance, operational security, and secure user management Penetration testing certifications (e.g. OSCP, CREST, TIGER or equivalent) Active participation in knowledge sharing and community engagement Benefits Competitive salary and comprehensive More ❯

into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role, it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with a strong security focus and interest in building secure, scalable systems in the cloud and alongside Salesforce More ❯

Governance, Risk & Compliance Specialist Location: Manchester, UK (on-site, full-time … Eligibility: Open only to UK citizens/residents with full work rights About the Role We’re seeking a Governance, Risk & Compliance (GRC) Specialist to strengthen our security, risk management, and compliance practices. This role ensures our organisation meets regulatory requirements, manages information security risks, and upholds governance standards. Key Responsibilities Monitor and manage IT security risks, maintaining risk registers … with UK regulations (GDPR, NIS, Data Protection Act) and international standards (ISO 27001). Support audits, compliance reporting, and incident response activities. Assist in drafting and updating security policies and governance frameworks. Contribute to staff awareness and training initiatives. Assess vendor/third-party security risks and compliance. What You’ll Bring Knowledge of UK regulatory frameworks (GDPR, NIS, Data More ❯

Governance, Risk & Compliance Specialist Location: Manchester, UK (on-site, full-time … Eligibility: Open only to UK citizens/residents with full work rights About the Role We’re seeking a Governance, Risk & Compliance (GRC) Specialist to strengthen our security, risk management, and compliance practices. This role ensures our organisation meets regulatory requirements, manages information security risks, and upholds governance standards. Key Responsibilities Monitor and manage IT security risks, maintaining risk registers … with UK regulations (GDPR, NIS, Data Protection Act) and international standards (ISO 27001). Support audits, compliance reporting, and incident response activities. Assist in drafting and updating security policies and governance frameworks. Contribute to staff awareness and training initiatives. Assess vendor/third-party security risks and compliance. What You’ll Bring Knowledge of UK regulatory frameworks (GDPR, NIS, Data More ❯

Governance, Risk & Compliance Specialist Location: Manchester, UK (on-site, full-time … Eligibility: Open only to UK citizens/residents with full work rights About the Role We’re seeking a Governance, Risk & Compliance (GRC) Specialist to strengthen our security, risk management, and compliance practices. This role ensures our organisation meets regulatory requirements, manages information security risks, and upholds governance standards. Key Responsibilities Monitor and manage IT security risks, maintaining risk registers … with UK regulations (GDPR, NIS, Data Protection Act) and international standards (ISO 27001). Support audits, compliance reporting, and incident response activities. Assist in drafting and updating security policies and governance frameworks. Contribute to staff awareness and training initiatives. Assess vendor/third-party security risks and compliance. What You’ll Bring Knowledge of UK regulatory frameworks (GDPR, NIS, Data More ❯

against climate change: we want you to be part of our journey. The role: The Information Security Assurance Manager is a hands-on, multi-disciplinary role combining project assurance, governance, risk management, and compliance. You will work across business units, projects, and suppliers to ensure security is embedded in everything we dofrom design to delivery. You will also support the More ❯

lifecycle from planning to deployment. Collaboration & Communication Partner with Product, Operations, and Executive teams to align technical strategy with company vision. Translate business needs into innovative, practical engineering solutions. Governance & Risk Ensure compliance with regulatory, security, and operational standards. Proactively manage technical risks and drive architectural decisions. Innovation & Technical Excellence Stay ahead of emerging technologies and recommend tools or frameworks More ❯

education via salary finance Online savings- major retailers, utilities, entertainment plus many more! About Our Opportunity We are seeking a technically proficient and strategically minded Head of Information Security Governance, Risk and Compliance (GRC) to lead our governance, risk, and compliance functions. This role is ideal for a seasoned security professional with a strong technical foundation who can bridge the … gap between security operations and enterprise risk management. You will be responsible for developing and maintaining a robust GRC framework that aligns with business objectives, regulatory requirements, and industry best practices. What You Will Be Doing You’ll lead the governance, risk, and compliance functions across the enterprise, balancing strategic oversight with technical depth. This includes: Designing and maintaining an … enterprise-wide security governance framework. Creating, enforcing, and monitoring security policies, standards, and procedures. Embedding security into business strategy and culture through close collaboration with senior leadership. Owning the organisation’s risk register and assessment processes. Leading technical risk assessments across infrastructure, applications, and third parties. Overseeing threat modelling and vulnerability management initiatives. Providing risk-based recommendations to mitigate threats More ❯

risk and enterprise risk registers Familiarity with frameworks like NIST, ISO 27001 or NCSC CAF Confident presenting to technical and exec audiences Skilled with reporting tools (Excel, Power BI, GRC platforms) Organised, proactive, and a clear communicator Whats on offer 30 days holiday plus bank holidays, flexible leave options, and family-friendly policies Up to 15% bonusand a generous employer More ❯

the SaaS space, they are on a mission to make risk management simple, smart, and accessible. Their platform helps businesses take control of risk without the complexity of legacy GRC tools. Instead of replacing risk teams, they empower them with better visibility, streamlined workflows, and decision-making support. As they continue their scale-up journey, they are building a collaborative More ❯

the SaaS space, they are on a mission to make risk management simple, smart, and accessible. Their platform helps businesses take control of risk without the complexity of legacy GRC tools. Instead of replacing risk teams, they empower them with better visibility, streamlined workflows, and decision-making support. As they continue their scale-up journey, they are building a collaborative More ❯

the SaaS space, they are on a mission to make risk management simple, smart, and accessible. Their platform helps businesses take control of risk without the complexity of legacy GRC tools. Instead of replacing risk teams, they empower them with better visibility, streamlined workflows, and decision-making support. As they continue their scale-up journey, they are building a collaborative More ❯

Exposure to multiple programming languages and data storage technologies Experience managing performance reviews, setting objectives, and giving feedback Active participation in technology communities and knowledge-sharing initiatives Understanding of governance, risk, and compliance in technical delivery Benefits Competitive salary and comprehensive benefits package Flexible working arrangements Opportunities to work on impactful, large-scale digital transformation projects Supportive environment focused on More ❯

lifecycle from planning to deployment. Collaboration & Communication Partner with Product, Operations, and Executive teams to align technical strategy with company vision. Translate business needs into innovative, practical engineering solutions. Governance & Risk Ensure compliance with regulatory, security, and operational standards. Proactively manage technical risks and drive architectural decisions. Innovation & Technical Excellence Stay ahead of emerging technologies and recommend tools or frameworks More ❯

lifecycle from planning to deployment. Collaboration & Communication Partner with Product, Operations, and Executive teams to align technical strategy with company vision. Translate business needs into innovative, practical engineering solutions. Governance & Risk Ensure compliance with regulatory, security, and operational standards. Proactively manage technical risks and drive architectural decisions. Innovation & Technical Excellence Stay ahead of emerging technologies and recommend tools or frameworks More ❯

design and delivery of enterprise-wide cyber strategies and transformation programmes Advising senior stakeholders, including board-level executives, on managing cyber risk and enabling digital growth Shaping operating models, governance frameworks, and risk-based roadmaps for resilience and compliance Managing diverse delivery teams across complex client environments Building long-term client relationships and acting as a trusted advisor Contributing to … cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board level Track record of leading large-scale More ❯

design and delivery of enterprise-wide cyber strategies and transformation programmes Advising senior stakeholders, including board-level executives, on managing cyber risk and enabling digital growth Shaping operating models, governance frameworks, and risk-based roadmaps for resilience and compliance Managing diverse delivery teams across complex client environments Building long-term client relationships and acting as a trusted advisor Contributing to … cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board level Track record of leading large-scale More ❯

design and delivery of enterprise-wide cyber strategies and transformation programmes Advising senior stakeholders, including board-level executives, on managing cyber risk and enabling digital growth Shaping operating models, governance frameworks, and risk-based roadmaps for resilience and compliance Managing diverse delivery teams across complex client environments Building long-term client relationships and acting as a trusted advisor Contributing to … cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board level Track record of leading large-scale More ❯