1 to 25 of 31 Permanent GRC Jobs in the South East

packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯

risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer/Auditor, CISSP, CISM (highly desirable). Skills: Excellent communication, documentation, and project management abilities. Preferred Extras Familiarity with GRC tools and ISMS platforms. Ability to work independently and manage multiple priorities. Strong problem-solving skills in a fast-paced environment. Your expertise will keep us secure, compliant, and ahead More ❯

such as CISSP, CISM or CISA Knowledge of security standards and good practice Understanding of cloud, access control and networking Strong communication and customer facing skills Good knowledge of governance, risk and compliance Ability to manage workload and meet deadlines Desirable Skills UK Cyber Security Council registration Knowledge of HMG or MoD security policy Secure by Design experience Experience with More ❯

sites across the UK. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve More ❯

achieved through clear strategic partnerships and technical expertise. Responsibilities will cover both technical (working with vendors, quality assurance, requirements analysis, technical L3 work) and non-technical (line management, mentoring, governance, roadmap, risk, and compliance). Someone who isn't afraid to get their sleeves rolled up and get into the detail will be a key trait. No two days will More ❯

and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base salary + performance bonus Healthcare and dental insurance Pension scheme Minimum More ❯

and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base salary + performance bonus Healthcare and dental insurance Pension scheme Minimum More ❯

of regulatory frameworks, compliance, and technology standards. Proven ability to influence stakeholders and manage risk appetite decisions. Experience managing audits and large-scale risk assessments. Desirable Qualifications: Familiarity with GRC tools and data analytics. Professional certifications (e.g., CRMP, CIA). Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy. More ❯

our ideal customers use are are familiar with the procurement and billing/AP space You have experience with demoing, implementing or administering key applications such as ERPs, CLMs, GRC, procurement and/or AP automation platforms. You're an effective communicator, simplifying technical concepts for both technical and non-technical audiences. You're a proactive problem solver, with strong More ❯

strategic senior leader to oversee our Cyber Engineering, Identity & Access Management (IAM), and Data Loss Prevention (DLP) functions. This role will be responsible for driving the design, delivery, and governance of enterprise-wide security engineering solutions, while ensuring secure, scalable, and resilient identity and data protection services. The ideal candidate will combine deep technical expertise with strong leadership skills to … automation, orchestration, and advanced analytics to improve detection, response, and resiliency. Identity & Access Management Own enterprise-wide IAM strategy, including workforce and customer identity, privileged access management (PAM), identity governance and administration (IGA), and multi-factor authentication (MFA). Lead initiatives to modernize and integrate IAM platforms to support cloud adoption, Zero Trust, and frictionless user experiences. Partner with business … to prevent unauthorized data exfiltration, insider threats, and regulatory breaches. Implement monitoring, classification, and enforcement mechanisms that balance data protection with business enablement. Partner with business, compliance, and data governance teams to align DLP strategy with General Data Protection Regulation, Financial Conduct Authority, Prudential Regulation Authority, Sarbanes-Oxley, and other global data protection requirements. Provide executive and Board-level reporting More ❯

Cyber Security GRC Consultant (DV Cleared) Location: Hybrid/Southeast Region - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi-disciplinary More ❯

good understanding of security frameworks and regulatory requirements. In addition, this role requires you to have experience of Information Security. The role will report directly to the Head of Governance, Risk and Compliance, with whom you will work to deliver the goals of the company to have a fit-for-purpose security standards framework. This is a role that requires … Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R). Review and update standards regularly in response to emerging threats and regulatory changes. Governance & Compliance: Oversee the exception management framework, including reporting, approvals and reviews prior to expiry. Monitor compliance with security policies and standards across digital and business teams. Act as the primary … regulations, technologies and industry best practices to ensure standards remain current and effective. What you should bring to the role: Essential Experience: Experience in information security or a related governance role. Experience applying security frameworks and regulatory requirements (CIS, GDPR, NIS-R). Experience collaborating across multiple business areas and functional teams. Proven ability to work independently, with strong stakeholder More ❯

their customers' assets and data against an evolving landscape of sophisticated global and local threats. Job Type: Permanent Location: London, UK Work Place: Remote Requirements Experience with information security governance, risk and compliance experience for a global organization Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk A strategic business partner with the … the capacity to effectively lead, manage, and inspire a team, enabling them to achieve both strategic and functional objectives Experience developing and publishing company-wide policies, standards, and other governance documents Ability to work very well cross-functionally and are able to think rigorously and make hard decisions and tradeoffs Ability to demonstrate initiative, operate autonomously, and assume complete responsibility More ❯

Step into a pivotal role at the forefront of cyber security, driving impact for our client base! Were looking for an experienced Governance, Risk & Compliance Manager to join our dynamic team. This is your opportunity to take a leading role in shaping and delivering robust security strategies that protect our clients and strengthen their resilience against evolving cyber threats. As … our new GRC Manager, you will be the driving force behind the implementation of our Information Security Management System (ISMS) for assigned clients. Your expertise will help organisations understand their security challenges and enable them to enhance their security posture. Youll lead from the front, fostering a culture of compliance and risk awareness across Sopra Steria, while delivering tangible value … client Security Working Group meetings and stakeholder sessions. Ensure audit readiness and support internal/external audits. Drive continuous improvement initiatives within Sopra Sterias security function. What youll bring: GRC/Operational Security Manager experience with solid understanding and experience with security policies and standards Technical proficiency and knowledge across the spectrum of information security solutions and operations Knowledge of More ❯

Cyber Security GRC Manager - London Remote working Salary up to £60,000 per annum This is a fully remote position, with occasional meetings in London and possible travel to India twice yearly. Cyber Security Manager (GRC) position available for a client based in London. The role involves shaping and implementing a governance, risk, and compliance (GRC) strategy. Responsibilities include establishing … implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the More ❯

telemetry from SIEM (e.g., Splunk, Sentinel), CSPM (e.g., Prisma Cloud, Wiz), EDR, and workload protection platforms. Develop analytics pipelines for early risk detection and automated alerting. Lead the technical governance of risk remediation, orchestrating automated workflows (e.g., SOAR, IaC-based remediation) to ensure timely, effective, and sustainable outcomes. Develop and maintain integrated, actionable risk dashboards and reporting using Power BI … designing and implementing controls for hybrid and cloud-native systems (AWS, Azure, GCP). Deep expertise in risk analytics, SIEM, CSPM, EDR, automation (Python, PowerShell, Terraform), and integration with GRC platforms. Deep technical knowledge of enterprise systems, cloud platforms, infrastructure, and application architectures. Proven understanding of risk management frameworks (e.g., NIST, ISO 27005, FAIR) and regulatory requirements (e.g., SOX, DORA … a working environment that welcomes everyone and creates inclusive teams, celebrates difference and encourages everyone to be themselves at work. Our commitment to the community and environmental, social and governance investing: We partner with charitable organisations globally to make an impact in the communities where we live and work. Our people are encouraged to support the charities they feel most More ❯

/consulting experience within transactions: ideally due diligence, value creation, carve-out or integrations experience; or Deep understanding of one or more core aspects of a cyber function (e.g. governance, risk, and compliance, CISO, AppSec, compliance, privacy etc). Have deep knowledge of cyber governance and risk controls within businesses and how this can support and safeguard business operations. Ideally More ❯

+ benefits** The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and management of risks. This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory … programme. Assisting the Privacy Team in ensuring DPIAs are completed where required. Required skills and experience: Some experience of working in an IT function or in an audit/governance role Knowledge of IT risk management and IT governance, risk, and compliance (GRC) would be an advantage but not essential. Understanding of cybersecurity risks and controls would be an advantage … oral and written communication skills, with high attention to detail Ability to produce high quality, detailed outputs. Good analytical skills Highly organised and able to implement and manage robust governance processes. Strong relationship building and interpersonal skills across a wide range of stakeholders. Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply More ❯

+ benefits The IT Risk & Policy Analyst is responsible for managing IT risks, monitoring audit actions, maintaining IT policies and procedures, and supporting GDPR compliance. The role ensures effective governance and compliance across IT processes, providing a framework for the identification, mitigation, and management of risks. This position bridges technical and governance aspects, ensuring alignment with company standards and regulatory … programme. Assisting the Privacy Team in ensuring DPIAs are completed where required. Required skills and experience: Some experience of working in an IT function or in an audit/governance role Knowledge of IT risk management and IT governance, risk, and compliance (GRC) would be an advantage but not essential. Understanding of cybersecurity risks and controls would be an advantage … oral and written communication skills, with high attention to detail Ability to produce high quality, detailed outputs. Good analytical skills Highly organised and able to implement and manage robust governance processes. Strong relationship building and interpersonal skills across a wide range of stakeholders. Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply More ❯

Permanent | Full-time Sector: Technology/Data Infrastructure Client: Leading Data Centre Provider A prominent data centre provider is seeking a Compliance and Assurance Officer to join its expanding governance team on a permanent basis. This role offers the opportunity to contribute to the development and maintenance of a robust compliance framework within a highly regulated and security-conscious environment. … to identify areas for improvement. Assist in the development and implementation of compliance policies, procedures, and training initiatives. Work with operational and technical teams to embed effective controls and governance practices. Prepare documentation and reports for internal governance forums and external audits. Keep abreast of regulatory changes and emerging risks relevant to the data infrastructure sector. Experience required: Experience in … compliance, assurance, or audit within a technology-led or regulated environment. Strong understanding of governance frameworks, risk management, and regulatory compliance. Excellent communication and stakeholder engagement skills. Detail-oriented with a proactive and analytical approach. Relevant qualifications (e.g., ISO Lead Auditor, CISA) would be advantageous. Must be eligible to work in the UK. Office based. (Farnborough) Paying up to More ❯

independent managed services provider. Your day-to-day responsibilities will centre around coordinating diverse teams of technical experts, managing budgets with precision, facilitating transparent stakeholder communications, and upholding rigorous governance standards. You will play an integral role in identifying risks early on and ensuring robust documentation is maintained throughout each project phase. By fostering an environment built on inclusive collaboration … throughout the project lifecycle. Facilitate stakeholder engagement by organising meetings, preparing presentations, and communicating progress updates in a clear and considerate manner. Maintain comprehensive project documentation including risk registers, governance reports, technical handover materials, and lessons learned logs for future reference. Identify potential risks early in the project lifecycle by conducting thorough assessments and implementing mitigation strategies collaboratively with relevant … at all levels. You will possess deep technical knowledge of MSP product offerings combined with strong organisational capabilities that allow you to juggle competing priorities efficiently. Your familiarity with governance frameworks ensures that all aspects of risk management and documentation are handled responsibly. By demonstrating empathy in your interactions-whether mentoring junior staff or collaborating on problem-solving-you will More ❯

our growing team of ServiceNow experts. As part of a trusted ServiceNow Partner, you'll play a key role in designing, implementing, and optimising Integrated Risk Management (IRM) and Governance, Risk & Compliance (GRC) solutions for our clients across multiple industries. You'll work closely with enterprise customers, helping them transform their risk, compliance, and audit processes using the power of … the Now Platform. Key Responsibilities Lead and deliver ServiceNow IRM/GRC implementations, including Policy & Compliance, Risk Management, Audit, and Vendor Risk modules Collaborate with clients to capture requirements and translate them into effective ServiceNow solutions Configure and customise the ServiceNow platform to align with business and regulatory needs Conduct workshops, demos, and user training sessions Support pre-sales activities … current with the latest ServiceNow releases and IRM capabilities Contribute to best practices, templates, and accelerators within the partner organisation Required Skills & Experience Proven experience delivering ServiceNow IRM/GRC solutions (at least one full implementation cycle) Strong understanding of risk management, compliance, and audit frameworks ServiceNow Certified System Administrator (CSA) - essential ServiceNow IRM/GRC Implementation Specialist certification - highly More ❯

pragmatic High Level Architectures (HLA) and High Level Designs (HLD) for priority initiatives. Define and maintain architecture principles, patterns, guardrails, and decision logs. Work closely with Business, IT Operations, GRC, and Security stakeholders to ensure architecture governance supports delivery, not just documentation. Guide domain SMEs (Security, Data, Integration, Solution) and ensure their work is aligned to the overall architecture. Run … templates, and knowledge base. Requirements 8+ years' experience in Solution Architecture and/or Enterprise Architecture in complex, multi-system environments. Proven track record of designing and running architecture governance (architecture review boards, stage gates, design standards, decision logs). Hands-on experience producing architecture views and HLA/HLDs using standard notations (e.g. C4, UML, BPMN), without over-engineering. … Background working in project-heavy industries such as engineering, construction, energy, utilities, manufacturing, or similar. Strong stakeholder skills – able to work credibly with CIO, Heads of IT, GRC, Security, and business leaders. Comfortable working in hybrid mode (remote + on-site visits to Casablanca and occasionally to London). Excellent communication skills in English (written and verbal). Able to More ❯

achieving our ambition to be a net zero company by 2050 or sooner. About the role: This specialist role in the global cyber behaviours team, part of the digital governance, risk and compliance (DGRC) organization. DGRC fosters a culture of transparency, accountability, and trust by promoting good governance, effective risk management and regulatory compliance. These capabilities help bp balance security More ❯

our long term aspirations can be achieved through clear strategic partnerships and spend control. Responsibilities will cover both sourcing (working with vendors, quality assurance, requirements analysis) and non-technical (governance, risk, and compliance). Someone who isn't afraid to get their sleeves rolled up and get into the detail will be a key trait. No two days will be … with IT and business leaders to understand requirements and align procurement strategy with goals Analyse spend data and trends to identify opportunities for cost optimisation & risk reduction Ensure effective governance, contract management and risk mitigation across the supply base Support broader procurement initiatives The skills and experience you need for this role: Proven experience in procurement and category management, with … with the ability to prioritise cost savings and quality Stakeholder engagement, with the ability to influence at all levels of the organisation Experience in supplier performance management and contract governance Analytical and data driven approach, with strong problem solving skills Understanding of procurement best practices, compliance and risk management frameworks Professional procurement qualifications (e.g., CIPS) – desirable Must drive and hold More ❯