1 to 25 of 79 Permanent GRC Jobs in the UK excluding London

Head of Technology Governance, Risk, and Compliance (GRC) Because your new ideas are our way new ways of working. Evolve, your way. The Head of Technology Governance, Risk, and Compliance (GRC) is a key leadership role within the Primark Tech, reporting to the Chief Technology Security & Risk Officer (CTSRO). The role is responsible for ensuring effective governance, compliance, managing … Primark is all about tailoring to you, we offer Tax Saver Tickets, fitness centre, and a subsidised cafeteria. What You'll Do as a Head of Technology Governance, Risk, and Compliance (GRC) We want you to feel challenged and inspired. Here, you'll develop your skills across a range of responsibilities: Provide general leadership, oversight, and development of technology governance … levels of the organization and influence decision making process. Proven record of accomplishment in driving change using positive influencing skills to modify opinions, plans and behaviours to adopt risk management and compliance practices. Strong project management skills to oversee the implementation of risk management initiatives and compliance programs. Ability to provide guidance and training to employees on technology risk and More ❯

Head of Cybersecurity Governance Risk and Compliance Location: Mainly remote based working in the UK with travel to Oxford, Cowley (OX4 2GQ) occasionally Contract: Permanent Hours: Full time Salary: £70,000 per annum, plus car/car allowance Benefits: 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme About the Job As our Head … of Cybersecurity Governance Risk and Compliance youll work closely with business and technology teams, helping to articulate and communicate the InfoSec governance program, identify risks and evaluate and help implement controls and improvements. As part of your key responsibilities youll: Manage the day to day of the function and team Support the management of Information Security governance for the organisation … following skills and experience, but please apply if you think youd be able to perform well in this role! Excellent written and verbal communication skills Previous experience within a GRC function, IT Security/Cyber team, Internal Audit or an IT environment Hands on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001 Risk management Strong More ❯

GRC Analyst Title: Governance, Risk & Compliance (GRC) Analyst Department: Procode IT Location: Chandlers Ford Salary: Circa £ 41,504 + Discretionary bonus scheme. Do you have commercial experience as a Governance, Risk & Compliance Analyst ? Do you have hands-on experience with ISO 27001 and being involved with audits? If so, this could be the role for you! About us We are … curious about what the future in tech holds? Do you have the drive to want to deliver great solutions for customers? Then we have an exciting opportunity as a GRC Analyst , where w e aim to provide you with a uniquely inclusive and diverse workplace, which showcases the extraordinary in all of us, by enabling you to be the best More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years' experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

environments. Relevant certifications such as CISSP, CISM, CISA, M.Inst.ISP, or a postgraduate qualification (e.g. MSc in Cyber Security). Practical knowledge in domains like threat management, vulnerability management, cyber GRC, cyber architecture, and cyber assurance. Detail-oriented with strong analytical and problem-solving capabilities. Excellent written and verbal communication skills, including stakeholder reporting and presentation development. Consulting & Delivery Skills: Project More ❯

Governance, Risk and Compliance (GRC) Officer The Opportunity: Are you a specialist in corporate governance, risk and compliance? Are you a GRC Officer or Manager looking for an interesting role with huge future potential within the beautiful county of Somerset? If so, then please do read on, please do send us an enquiry so that we can talk to you … sense of responsibility and a desire to drive efficiency and compliance. Job Responsibilities: The primary function of this role is to support the Managing Director in all administrative and governance-related matters, ensuring smooth operations across various corporate functions. This role is responsible for a broad range of administrative, legal, and governance tasks, as well as contributing to strategic projects … years all within a busy engineering environment. Assist in the preparation and submission of confirmation statements and other statutory filings, including those to Companies House. Ensure compliance with corporate governance requirements and best practices. Assist with legal documentation, including reviewing and maintaining contracts and corporate policies. Project-Based Responsibilities may include: GDPR Implementation, Business Continuity Planning, IT Policy Development, Corporate More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

and data privacy frameworks like NIST Cybersecurity Framework (CSF), GDPR, CIS or similar. Experience of certification body audits. Should have good experience and knowledge of Cyber/Information Security Governance, Risk Management, and Compliance. ISO Consultant – SC Cleared - £50,000 to £60,000 per year – Remote with limited travel to Midlands area More ❯

to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills/Must have: 5 years in a client-facing information/cyber security/GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience in auditing and implementing security standards such as ISO 27001/2, NIST CSF, and More ❯

threats and vulnerabilities in the cyber security landscape. Collaborate with the Incident Response team to provide insights into potential risks and vulnerabilities associated with security incidents. Proven experience in governance, risk, and compliance roles, preferably in the cybersecurity domain. Proven experience in risk assessment or related roles. In-depth knowledge of risk management frameworks and methodologies. Familiarity with cyber security More ❯

providing actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR, NIST, or other security frameworks. Experience More ❯

of emerging cyber threats. Working closely with stakeholders across IT, security, and compliance, you'll strengthen the business's overall security posture. What You'll Bring: Extensive experience in governance, risk, and compliance within cyber security Proven leadership skills, with experience guiding teams in dynamic, complex environments Deep understanding of risk management frameworks and cyber security best practices Strong analytical More ❯

GRC Manager Up to £78,000 + bonus South Wales/Hybrid I'm looking for a GRC Manager to oversee the identification, evaluation and management of risks from a cyber security perspective for a client based in South Wales. The ideal candidate will have experience of leading a GRC team and a firm grasp of experience of commonplace infosec … and regulations * Reporting risk findings and actions to the Risk Management Manager * Supporting incident response planning with risk insights * Continuously improving risk assessment methodologies What I'm Looking For: * GRC leadership experience * Strong understanding of security frameworks (e.g., NIST, ISO 27001). * Proven experience completing internal and external cyber risk assessments * CNI experience would be very useful What's in More ❯

GRC Manager Up to 78,000 + bonus South Wales/Hybrid I'm looking for a GRC Manager to oversee the identification, evaluation and management of risks from a cyber security perspective for a client based in South Wales. The ideal candidate will have experience of leading a GRC team and a firm grasp of experience of commonplace infosec … and regulations Reporting risk findings and actions to the Risk Management Manager Supporting incident response planning with risk insights Continuously improving risk assessment methodologies What I'm Looking For: GRC leadership experience Strong understanding of security frameworks (e.g., NIST, ISO 27001). Proven experience completing internal and external cyber risk assessments CNI experience would be very useful What's in More ❯

and flexibility to support the demands of a FTSE 100 business.Supporting Head of Information Security Architecture and Assurance as well as working closely with key stakeholders including Head of Governance, Risk and Compliance, Digital Security, IT and business teams you will focus on core areas such as risk management and security due-diligence reviews ensuring compliance with legal, regulatory and More ❯

audiences of various technical abilities (e.g. senior stakeholders, development teams). DESIRABLE Experience of Identity management and authentication/authorisation products and patterns. End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management. Penetration testing qualifications (e.g. OSCP, CREST, TIGER or equivalent) Experience leading security engineers and other junior members of More ❯

new security technologies to support compliance efforts. Enhance Team & Program Capacity: Learn from senior team members and external experts, developing a strong foundational understanding of product security, regulatory compliance (GRC principles), and incident response. Assist in the coordination of the 'security champions' program by preparing materials, tracking engagement, and supporting training initiatives. Basic Qualifications We are looking for an enthusiastic More ❯

new security technologies to support compliance efforts. Enhance Team & Program Capacity: Learn from senior team members and external experts, developing a strong foundational understanding of product security, regulatory compliance (GRC principles), and incident response. Assist in the coordination of the "security champions" program by preparing materials, tracking engagement, and supporting training initiatives. Basic Qualifications We are looking for an enthusiastic More ❯

Head of Governance, Risk and Compliance Salary : Competitive Salary plus cash car allowance Location: Remote Keywords: Information Security, ISO 27001, Risk Management, Compliance, Governance, Cyber Security, Team Management, Audit, Stakeholder Engagement, Data Protection A distinguished opportunity has arisen for a Head of Governance, Risk and Compliance to join a highly regarded organisation. This position is integral to the Group's … Information Security strategy, underpinning the maintenance of exemplary standards, compliance, and risk management practices. The successful candidate will play a pivotal role in shaping and overseeing information security governance programmes, working in close concert with both business and technology divisions to ensure that security imperatives are clearly articulated and diligently executed. Opportunity to influence and direct the Group's Information … Security governance programme through collaboration with cross-functional teams and by shaping strategic decisions at all levels. What you'll do:As a Head of Governance, Risk and Compliance you will assume responsibility for guiding a proficient team devoted to safeguarding organisational information assets through robust governance frameworks. Your remit will encompass close engagement with technical specialists as well as More ❯

Head of Governance, Risk and Compliance Salary : Competitive Salary plus cash car allowance Location : Remote Keywords : Information Security, ISO 27001, Risk Management, Compliance, Governance, Cyber Security, Team Management, Audit, Stakeholder Engagement, Data Protection A distinguished opportunity has arisen for a Head of Governance, Risk and Compliance to join a highly regarded organisation. This position is integral to the Group's … Information Security strategy, underpinning the maintenance of exemplary standards, compliance, and risk management practices. The successful candidate will play a pivotal role in shaping and overseeing information security governance programmes, working in close concert with both business and technology divisions to ensure that security imperatives are clearly articulated and diligently executed. Opportunity to influence and direct the Group's Information … Security governance programme through collaboration with cross-functional teams and by shaping strategic decisions at all levels. What you'll do: As a Head of Governance, Risk and Compliance you will assume responsibility for guiding a proficient team devoted to safeguarding organisational information assets through robust governance frameworks. Your remit will encompass close engagement with technical specialists as well as More ❯

the need for Sponsorship We're looking for a Compliance Manager to support and evolve the compliance function for a telecoms organisation based in Theale. Reporting to the Senior Governance, Risk & Compliance Counsel, you'll lead the development and implementation of compliance programs that mitigate legal and regulatory risks while embedding a culture of ethical and operational integrity. Key Responsibilities More ❯

including risk assessments. Using tools such as Nessus, Tenable, or Microsoft Defender to identify and prioritise vulnerabilities. Delivering clear, actionable security reports to technical and non-technical stakeholders. Supporting governance, risk, and compliance activities related to security findings. Collaborating with wider teams and contributing to security training and mentoring initiatives. Ideal candidate profile: 2-3 years' experience in vulnerability management More ❯

experts, to ensure our business commitments are delivered with quality and to expectation. Assessing new technology solutions Ensuring our non-functional requirements are met regarding performance, scalability, resilience, and GRC requirements (Information security, risk, industry regulation compliance) Helping to encourage collaboration and product ownership across developers and testers Ensuring continual shift of secure, quality and tested code activity left Working More ❯