3 of 3 Permanent Information Security Governance Jobs in the UK excluding London

Information Security Officer - International Law Firm (London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the … firm's long-term security strategy, drive ISO 27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm's information security governance framework across all … offices and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory More ❯

wellness and employee assistance programmes, gymflex, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture Role Purpose Design and implement changes to information security governance & risk management, to ensure that the organisation's security posture is robust, compliant, and adaptable to emerging threats while aligning with strategic business goals. … that we are consistently compliant with customer, regulatory, and shareholder obligations. Implement and continuously improve a risk management process across the organisation. Maintain and assess the effectiveness of the security controls catalogue; recommend improvements. Own the Information Security Management System (ISMS) to ensure compliance with internal and external requirements. Provide assurance that security controls are operating … with defined frameworks. Maintain company risk portfolio and actively review and risk finding Conduct internal assessments against regulatory and customer obligations, compliance assessments, and gap analyses. Develop and implement governance frameworks aligned with business and regulatory requirements. Skills Cyber Risk Oversight - Strategic understanding of cyber security risks and the ability to oversee the implementation of appropriate controls, assurance More ❯

Security Consultant (Governance, Risk, Compliance) Reading, UK (Hybrid with some travel) £30.00–£40.00 per hour (Inside IR35) 6-month contract. Potential to extend up to 2 years We are seeking an experienced Cyber Security Consultant (GRC) to join a leading global technology organization as part of their expanding Cyber Security practice. The successful candidate will deliver … a range of Governance, Risk, and Compliance (GRC) consulting engagements for large enterprise clients, supporting the full project lifecycle from scoping to delivery and reporting. You’ll work closely with senior stakeholders, from technical teams through to directors, providing expert advisory support to strengthen cyber security frameworks and ensure compliance with global standards. Key Responsibilities Deliver end-to … enterprise clients. Conduct risk assessments, develop compliance frameworks, and provide actionable recommendations. Apply industry standards such as ISO27001, NIST CSF, CIS Top 18, and COBIT. Support clients with Cloud Security, Business Continuity, Disaster Recovery, and emerging technology risk management. Collaborate with internal and client teams to enhance cyber resilience and compliance maturity. About You Minimum of 4+ years’ experience More ❯