1 to 25 of 202 Permanent GRC Jobs in the UK

Job Advert: Solution Architect – Governance, Risk & Compliance (GRC) Location: [UK or US ] Department: Technology/Professional Services Employment Type: Full-time About Us My client is a fast-growing leader in the Governance, Risk & Compliance (GRC) domain, helping organizations strengthen resilience, stay compliant, and make informed risk-based decisions. Their solutions support enterprises across industries to manage complex regulatory environments … mitigate risk, and drive operational efficiency. Seeking a highly skilled Solution Architect with deep expertise in GRC solutions to join our team. This is an opportunity to shape the architecture of enterprise-grade solutions that have a real impact on global organizations. The Role As a Solution Architect (GRC) , you will: Act as the technical authority for the design and … delivery of GRC solutions, ensuring alignment with client business needs, regulatory requirements, and industry best practices. Partner with stakeholders (CISOs, Risk Officers, Compliance Managers, CIOs) to translate complex requirements into scalable solution architectures. Guide pre-sales engagements, providing technical leadership and thought partnership during customer discussions. Own solution blueprints and oversee implementation, ensuring delivery excellence, security, and sustainability. Stay ahead More ❯

Job Role: Head of Security GRC Salary: £100,000 + bonus Location: Birmingham, Hybrid Role The Head of Security Governance, Risk and Compliance (GRC) plays a key leadership role in safeguarding the customers, assets, and reputation. This role is responsible for embedding effective security governance, risk management, and compliance practices, ensuring that security and regulatory obligations are met while enabling … CSF), maintaining readiness for internal and external audits. Communications, Awareness & Training – Oversee security and compliance awareness initiatives, ensuring effective staff training and customer-focused communication. Continuous Improvement – Monitor and review governance and compliance processes, adapting to regulatory updates and emerging risks, and driving improvements. Collaboration & Influence – Build strong relationships with Legal, IT, Procurement, and business functions to embed risk-based … risk, and compliance leadership, ideally within financial services or a regulated environment. Strong knowledge of UK and EU regulatory requirements relevant to financial institutions. Demonstrated ability to design and embed proportionate governance and risk frameworks in a mid-sized organisation. Excellent stakeholder management skills, with the ability to influence at Board and executive level. Strong communication and leadership skills, with More ❯

Oliver James is proud to be partnering with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Specialist. This role will play a crucial part in strengthening the organisation's security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance. Overview Oliver James is proud … to be partnering with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Specialist. This role will play a crucial part in strengthening the organisation's security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance. Based in the City of London with a flexible … and validate vendor security documentation (e.g., SOC 2, ISO 27001), evaluate control effectiveness, and coordinate remediation efforts for identified gaps. Ensure relevant business stakeholders are informed of potential risks. Governance, Risk & Compliance (GRC): Actively contribute to broader GRC initiatives, including: Managing GRC platforms and tools (e.g., control catalogues, issue tracking, policy management). Designing and deploying security awareness programs (e.g. More ❯

seamless data flow and integration between corporate systems (for example, linking finance and procurement systems or HR and payroll systems) to create a single source of truth. Implement data governance practices so that management reports and analytics are accurate and timely. Governance, Risk & Compliance: Implement strong IT governance and security practices for all corporate tech systems. Proactively use technology to … Expertise: Hands-on knowledge of implementing and supporting enterprise software such as ERP systems (e.g., Oracle Financials, SAP, or Netsuite), HRIS/Payroll systems (e.g., Workday, PeopleSoft, ADP), and GRC (Governance, Risk & Compliance) tools. Understanding of system architecture, integrations (middleware, APIs), and data management. Enterprise Applications: Proficiency with enterprise resource planning (ERP) systems, financial reporting software, and HR management systems. More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

possess the following? Relevant experience in cybersecurity risk management or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯

possess the following? Relevant experience in cybersecurity risk management or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯

possess the following? Relevant experience in cybersecurity risk management or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯

possess the following? Relevant experience in cybersecurity risk management or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯

possess the following? Relevant experience in cybersecurity risk management or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What you'll do: Assist on all Governance, Risk and Compliance activities across Network Services Business Unit. Provide specialist security expertise for multiple internal projects across the Network Services business area. Provide guidance in secure software development throughout More ❯

the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What you'll do: Assist on all Governance, Risk and Compliance activities across Network Services Business Unit. Provide specialist security expertise for multiple internal projects across the Network Services business area. Provide guidance in secure software development throughout More ❯

the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What you'll do: Assist on all Governance, Risk and Compliance activities across Network Services Business Unit. Provide specialist security expertise for multiple internal projects across the Network Services business area. Provide guidance in secure software development throughout More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

Overview "Head of Cyber Governance, Risk and Compliance" - London Hybrid Full-time Personal Contract REQ5121 As a strategic leader in Governance, Risk and Compliance, you will guide SGN's cyber security and regulatory approach, ensuring our operations remain secure, resilient and fully compliant. We deliver safety, warmth, and comfort to homes and businesses. Every role, whether in the office or … on the front line, plays a key part in this mission. Here's how you will contribute Governance, Risk & Compliance (GRC) Leadership Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001/2, and NIST-2. Oversee delivery plans, resource allocation, and stakeholder engagement for GRC initiatives. Training & Awareness Develop and More ❯

Head of Cyber Governance, Risk and Compliance London | Hybrid | Full-time | Personal Contract Competitive pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more REQ5121 As a strategic leader in Governance, Risk and Compliance, you will guide SGN’s cyber security and regulatory approach, ensuring our operations remain secure, resilient and fully compliant. We deliver safety, warmth … comfort to homes and businesses. Every role, whether in the office or on the front line, plays a key part in this mission. Here’s how you will contribute... Governance, Risk & Compliance (GRC) Leadership Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001/2, and NIST-2. Oversee delivery plans … resource allocation, and stakeholder engagement for GRC initiatives. Training & Awareness Develop and maintain SGN’s Information Security training and awareness materials. Integrate lessons learned from incidents and address feedback from training delivery. Information Security Policy & ISMS Maintain a robust portfolio of security policies, standards, and procedures to support ISO27001, NIST, and NIS eCAF compliance. Ensure policies are current, reviewed regularly More ❯

to join our dynamic international team. As a Senior Security Consultant, you will play a crucial role in advising our clients at C-level on security strategy, governance, risk management, and compliance to enhance their cybersecurity maturity. You will work closely with clients to identify risks, conduct workshops, implement effective strategies, and ensure compliance with industry regulations and best practices. More ❯

and develop your career. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve More ❯