Oxford, Oxfordshire, South East, United Kingdom Hybrid / WFH Options
Unipart
Head of Cybersecurity GovernanceRiskandCompliance Location: Mainly remote based working in the UK with travel to Oxford, Cowley (OX4 2GQ) occasionally Contract: Permanent Hours: Full time Salary: £70,000 per annum, plus car/car allowance Benefits: 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme About the Job As our Head … of Cybersecurity GovernanceRiskandCompliance youll work closely with business and technology teams, helping to articulate and communicate the InfoSec governance program, identify risks and evaluate and help implement controls and improvements. As part of your key responsibilities youll: Manage the day to day of the function and team Support the management of Information Security governance for the organisation … following skills and experience, but please apply if you think youd be able to perform well in this role! Excellent written and verbal communication skills Previous experience within a GRC function, IT Security/Cyber team, Internal Audit or an IT environment Hands on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001 Riskmanagement Strong More ❯
Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, GovernanceandRisk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T GovernanceandRisk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯
Milton Keynes, Buckinghamshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
possess the following? Relevant experience in cybersecurity riskmanagement or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards andrisk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯
Jam Management Consultancy Limited T/A JAM RECRUITMENT
providing actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, riskmanagement, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR, NIST, or other security frameworks. Experience More ❯
london, south east england, united kingdom Hybrid / WFH Options
Albany Beck
and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber RiskManagement principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯
london (city of london), south east england, united kingdom Hybrid / WFH Options
Albany Beck
and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber RiskManagement principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯
slough, south east england, united kingdom Hybrid / WFH Options
Albany Beck
and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber RiskManagement principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯
london, south east england, united kingdom Hybrid / WFH Options
EML
protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with complianceGRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯
london (city of london), south east england, united kingdom Hybrid / WFH Options
EML
protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with complianceGRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯
slough, south east england, united kingdom Hybrid / WFH Options
EML
protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with complianceGRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯
Senior Information Security Analyst We are looking for a Senior Information Security Analyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around vulnerability and threat management, making sure security controls More ❯
london, south east england, united kingdom Hybrid / WFH Options
Anson McCade
resilience and enable growth. What You’ll Do Advise executives on actionable cyber strategies to support digital transformation Shape and deliver cyber transformation programmes aligned with organisational objectives Design governanceand operational models to enhance cyber maturity and regulatory readiness Assess and define risk-based roadmaps that embed cyber security into business operations Work across a range of industries and … of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall More ❯
slough, south east england, united kingdom Hybrid / WFH Options
Anson McCade
resilience and enable growth. What You’ll Do Advise executives on actionable cyber strategies to support digital transformation Shape and deliver cyber transformation programmes aligned with organisational objectives Design governanceand operational models to enhance cyber maturity and regulatory readiness Assess and define risk-based roadmaps that embed cyber security into business operations Work across a range of industries and … of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall More ❯
Oxford, Oxfordshire, United Kingdom Hybrid / WFH Options
Nomios
accessible environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs. As a Senior AI Governance Consultant within our highly skilled Cyber Security Team, you will be at the forefront of our new and exciting AI governance service. This will involve advising clients on developing and … implementing robust AI governance frameworks, conducting AI risk assessments, and creating policies for the secure and ethical use of AI. While the primary focus is on AI, you will also apply your expertise to broader GRC projects, including information security assessments, ISO 27001 audits, and general information security consulting. The ability to be adaptable and work on a variety of … projects is essential. Essential experience and skills: A strong foundation in traditional GRC, demonstrated by significant experience in auditing and implementing Information Security Management Systems. A recognised ISO 27001 qualification (e.g., Lead Auditor or Lead Implementer) is essential. You must be able to apply this rigorous mindset to new challenges. Demonstrable, hands-on experience applying AI governance principles. This must More ❯
site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, andCompliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements … activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation. Collaborating with the wider organization to integrate control testing andriskmanagement activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Facilitating regular reviews and updates of control andriskmanagement processes to remain effective and … responsive to emerging threats and changes in the organizational landscape. Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making andriskmanagement strategy across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control andgovernance frameworks. Practical experience of implementing NIST CSF More ❯
london (city of london), south east england, united kingdom
Sanderson
site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, andCompliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements … activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation. Collaborating with the wider organization to integrate control testing andriskmanagement activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Facilitating regular reviews and updates of control andriskmanagement processes to remain effective and … responsive to emerging threats and changes in the organizational landscape. Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making andriskmanagement strategy across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control andgovernance frameworks. Practical experience of implementing NIST CSF More ❯
site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, andCompliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements … activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation. Collaborating with the wider organization to integrate control testing andriskmanagement activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Facilitating regular reviews and updates of control andriskmanagement processes to remain effective and … responsive to emerging threats and changes in the organizational landscape. Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making andriskmanagement strategy across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control andgovernance frameworks. Practical experience of implementing NIST CSF More ❯
Horsham, West Sussex, South East, United Kingdom Hybrid / WFH Options
Platform Recruitment Limited
Wi-Fi, and email security platforms Acting as the main contact for our outsourced SOC and overseeing incident response Running pen tests, vulnerability scans, and regular security assessments Owning governance, risk, andcompliance activities (ISO 27001, Cyber Essentials) Delivering supplier risk assessments and secure onboarding processes What were looking for Strong technical security knowledge across cloud platforms (Office 365, Azure More ❯
East Grinstead, West Sussex, United Kingdom Hybrid / WFH Options
Spectrum IT Recruitment
Identify and implement emerging technologies that enhance performance and security. Leadership & People Development Build and develop a high-performing, collaborative team culture. Support team members' personal and professional development. Governance, Risk & Compliance Maintain the infrastructure and security risk register, ensuring compliance with all relevant regulations and policies. Supplier & Stakeholder Management Manage supplier relationships to maximise service quality and value. Collaborate More ❯
london, south east england, united kingdom Hybrid / WFH Options
Hlx Life Sciences
Information Security RiskandGovernance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days/week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity’s most devastating … world-class team at the intersection of biology, AI, and engineering. Role Overview This role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical … research and drug design. You will play a pivotal role in aligning data governance, security operations, andcompliance within an environment that spans regulated biopharma workflows, cloud-native infrastructure, and AI/ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for More ❯
london (city of london), south east england, united kingdom Hybrid / WFH Options
Hlx Life Sciences
Information Security RiskandGovernance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days/week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity’s most devastating … world-class team at the intersection of biology, AI, and engineering. Role Overview This role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical … research and drug design. You will play a pivotal role in aligning data governance, security operations, andcompliance within an environment that spans regulated biopharma workflows, cloud-native infrastructure, and AI/ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for More ❯
slough, south east england, united kingdom Hybrid / WFH Options
Hlx Life Sciences
Information Security RiskandGovernance Lead Location: London or Lausanne Type: Full-time | Hybrid (3 days/week onsite) Company Overview Join a pioneering AI-first biotech company that’s redefining how we discover and develop medicines. This organisation leverages cutting-edge machine learning to unlock new possibilities in drug discovery, aiming to solve some of humanity’s most devastating … world-class team at the intersection of biology, AI, and engineering. Role Overview This role offers a unique opportunity to architect and operationalise a best-in-class information security governance framework. Reporting directly to the Chief Information Security Officer (CISO), you will lead strategic efforts to embed security, trust, and regulatory readiness into a platform that supports world-leading biomedical … research and drug design. You will play a pivotal role in aligning data governance, security operations, andcompliance within an environment that spans regulated biopharma workflows, cloud-native infrastructure, and AI/ML experimentation at scale. Key Responsibilities Design and implement a unified compliance framework across AI, cyber, and life sciences regulatory domains. Own and drive the strategic programme for More ❯
Horsham, Sussex, United Kingdom Hybrid / WFH Options
iO Associates
projects and BAU operations across Microsoft 365 security tools, networks, firewalls, and email security Acting as the go-to technical lead during incidents, supporting monitoring, detection, and response Driving governance, risk, andcompliance programmes (ISO 27001, Cyber Essentials, audits, remediation) Managing supplier and third-party security risk, ensuring robust onboarding and ongoing controls Delivering Cyber awareness training to strengthen the More ❯
Type: Full-Time, Permanent About the Company We are a fast-growing SaaS scale-up working with some of the world’s largest enterprises to transform how they manage governance, risk, andcompliance across their supply chains. Our award-winning platform delivers measurable ROI, efficiency, and automation for global businesses — and we’re only just getting started. As part of More ❯
Tunbridge Wells, Kent, Royal Tunbridge Wells, United Kingdom Hybrid / WFH Options
FPSG
into CI/CD workflows Familiarity with security frameworks such as DSOMM, OWASP, and SAMM Suitability: This role is a technical hands-on security engineering role, it is NOT GRC focused. It would be well-suited to experienced Security Engineers or Developers with a strong security focus and interest in building secure, scalable systems in the cloud and alongside Salesforce More ❯