1 to 25 of 91 Remote GRC Jobs in England

Head of Cybersecurity Governance Risk and Compliance Location: Mainly remote based working in the UK with travel to Oxford, Cowley (OX4 2GQ) occasionally Contract: Permanent Hours: Full time Salary: £70,000 per annum, plus car/car allowance Benefits: 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme About the Job As our Head … of Cybersecurity Governance Risk and Compliance youll work closely with business and technology teams, helping to articulate and communicate the InfoSec governance program, identify risks and evaluate and help implement controls and improvements. As part of your key responsibilities youll: Manage the day to day of the function and team Support the management of Information Security governance for the organisation … following skills and experience, but please apply if you think youd be able to perform well in this role! Excellent written and verbal communication skills Previous experience within a GRC function, IT Security/Cyber team, Internal Audit or an IT environment Hands on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001 Risk management Strong More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years' experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

environments. Relevant certifications such as CISSP, CISM, CISA, M.Inst.ISP, or a postgraduate qualification (e.g. MSc in Cyber Security). Practical knowledge in domains like threat management, vulnerability management, cyber GRC, cyber architecture, and cyber assurance. Detail-oriented with strong analytical and problem-solving capabilities. Excellent written and verbal communication skills, including stakeholder reporting and presentation development. Consulting & Delivery Skills: Project More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

risk assessments. Excellent analytical, organisational, and problem-solving skills. Strong written and verbal communication skills, with experience presenting to senior leaders. Proficiency in Risk management platforms (e.g., Archer, ServiceNow GRC). Professional certifications such as CTPRP, CISM, CISSP, or CRISC are highly desirable. What do we offer in return? A career that you define. Yes, we offer all the usual More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As S/4 HANA Roles & GRC Access Manager, you will lead and support our SAP Security and Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have extensive experience with SAP Security architecture and implementation … SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP implementations and security risk assessments. This role will play a crucial part in designing, implementing, and re-design of security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation. You will demonstrate and develop … your capabilities in the following areas: Develop and implement S/4 HANA security and GRC strategy, design to protect the integrity and confidentiality of our clients' enterprise systems. Oversee S/4 HANA Security during implementation ensuring compliance embedding audit and regulatory requirements. Lead the design, configuration, implementation and testing of SAP GRC modules such as Access Control (AC More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As S/4 HANA Roles & GRC Access Manager, you will lead and support our SAP Security and Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have extensive experience with SAP Security architecture and implementation … SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP implementations and security risk assessments. This role will play a crucial part in designing, implementing, and re-design of security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation. You will demonstrate and develop … your capabilities in the following areas: Develop and implement S/4 HANA security and GRC strategy, design to protect the integrity and confidentiality of our clients' enterprise systems. Oversee S/4 HANA Security during implementation ensuring compliance embedding audit and regulatory requirements. Lead the design, configuration, implementation and testing of SAP GRC modules such as Access Control (AC More ❯

will help keep BT safe and secure, empowering our colleagues with clear guidance and controls. This role is a fantastic opportunity for those looking to build their career in governance, risk and compliance while making a real difference to the security and resilience of BT. This role is hybrid (3 days in office) in one of the following: Bristol, London … and improvements to BT Security Policy and Standards and associated processes Supporting the definition of metrics for measuring compliance to security policies and standards, working in collaboration with the Risk, Governance, and Assurance teams to ensure they align to the risks the business faces and providing regular reports on compliance metrics Tracking effectiveness of the delivery of content with various … championing a security-conscious mindset through your actions and collaboration. You will be responsible for executing the day-to-day administrative duties that form the foundation of our risk management and compliance programs. Skills Required for the Role Presentation skills. Strong communication skills. Experience of stakeholder management and influencing skills A thorough approach to your work, with the ability to More ❯

will help keep BT safe and secure, empowering our colleagues with clear guidance and controls. This role is a fantastic opportunity for those looking to build their career in governance, risk and compliance while making a real difference to the security and resilience of BT. This role is hybrid (3 days in office) in one of the following: Bristol, London … and improvements to BT Security Policy and Standards and associated processes Supporting the definition of metrics for measuring compliance to security policies and standards, working in collaboration with the Risk, Governance, and Assurance teams to ensure they align to the risks the business faces and providing regular reports on compliance metrics Tracking effectiveness of the delivery of content with various … championing a security-conscious mindset through your actions and collaboration. You will be responsible for executing the day-to-day administrative duties that form the foundation of our risk management and compliance programs. Skills Required for the Role Presentation skills. Strong communication skills. Experience of stakeholder management and influencing skills A thorough approach to your work, with the ability to More ❯

Are you looking for an exciting new opportunity? Join a London based, product-agnostic consultancy specialising in information security governance, risk, and compliance management for clients across Europe. With a deep-rooted passion for cyber risk, the team excels at developing measurable controls that align with an organisation's risk appetite, capacity, and tolerance for breaches. Known for crafting innovative More ❯

and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯

and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯

globally. What You’ll Do Advise executive stakeholders on defining and executing risk-based cyber security strategies. Design and deliver cyber transformation programmes that align with business goals. Define governance frameworks, target operating models, and maturity roadmaps. Support clients in achieving regulatory compliance (e.g., NIS2, GDPR, ISO27001). Lead or support project delivery across multiple sectors and stakeholder levels. What … and team management (Agile or Waterfall). Analytical and lateral problem-solving mindset. Bonus if you have: Security clearance or the ability to obtain it. Hands-on experience across GRC, cyber threat management, or vulnerability management. If you’re ready to work on some of the most pressing and complex cyber challenges facing organisations today and want to do it More ❯

globally. What You’ll Do Advise executive stakeholders on defining and executing risk-based cyber security strategies. Design and deliver cyber transformation programmes that align with business goals. Define governance frameworks, target operating models, and maturity roadmaps. Support clients in achieving regulatory compliance (e.g., NIS2, GDPR, ISO27001). Lead or support project delivery across multiple sectors and stakeholder levels. What … and team management (Agile or Waterfall). Analytical and lateral problem-solving mindset. Bonus if you have: Security clearance or the ability to obtain it. Hands-on experience across GRC, cyber threat management, or vulnerability management. If you’re ready to work on some of the most pressing and complex cyber challenges facing organisations today and want to do it More ❯

better place. A safer place. A more ethical place. A place where anyone, anywhere can have a voice. That's a serious impact. NAVEX is a global leader in GRC solutions and helps organisations strengthen their risk and compliance programs with a 360-degree view of enterprise, third party and ecosystem risk for enhanced regulatory compliance and proactive risk management. More ❯

experts, to ensure our business commitments are delivered with quality and to expectation. Assessing new technology solutions Ensuring our non-functional requirements are met regarding performance, scalability, resilience, and GRC requirements (Information security, risk, industry regulation compliance) Helping to encourage collaboration and product ownership across developers and testers Ensuring continual shift of secure, quality and tested code activity left Working More ❯

experts, to ensure our business commitments are delivered with quality and to expectation. Assessing new technology solutions Ensuring our non-functional requirements are met regarding performance, scalability, resilience, and GRC requirements (Information security, risk, industry regulation compliance) Helping to encourage collaboration and product ownership across developers and testers Ensuring continual shift of secure, quality and tested code activity left Working More ❯

resilience and enable growth. What You’ll Do Advise executives on actionable cyber strategies to support digital transformation Shape and deliver cyber transformation programmes aligned with organisational objectives Design governance and operational models to enhance cyber maturity and regulatory readiness Assess and define risk-based roadmaps that embed cyber security into business operations Work across a range of industries and … of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall More ❯

resilience and enable growth. What You’ll Do Advise executives on actionable cyber strategies to support digital transformation Shape and deliver cyber transformation programmes aligned with organisational objectives Design governance and operational models to enhance cyber maturity and regulatory readiness Assess and define risk-based roadmaps that embed cyber security into business operations Work across a range of industries and … of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication skills – written and verbal – with the ability to present to both technical and business stakeholders Consulting: Proven project delivery using Agile and Waterfall More ❯

Security monitoring operations: Support and oversee the day-to-day security monitoring operations, including log analysis, threat intelligence, and SIEM management. Leadership and mentoring: Provide strong leadership to the governance, risk and compliance team and mentor the professional growth and development of security staff. Threat intelligence: Stay up to date with the latest cyber security threats, vulnerabilities, technologies, and best … track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO, NHS England). Policy & governance: Extensive experience in developing, implementing, and enforcing comprehensive information security policies, standards, and procedures. Regulatory compliance: Solid understanding of UK and EU data protection laws (eg GDPR, Data Protection Act … security concepts to technical and non-technical stakeholders, including senior leadership, product teams, and external partners. Team leadership & mentoring: Proven ability to lead, mentor, and develop a high-performing governance, risk, and compliance (GRC) team. Vulnerability management: Experience scoping, overseeing and interpreting the results of vulnerability scanning, penetration testing, and security audits. Desirable: Cloud Security Expertise: Experience securing cloud-native More ❯

Identify and implement emerging technologies that enhance performance and security. Leadership & People Development Build and develop a high-performing, collaborative team culture. Support team members' personal and professional development. Governance, Risk & Compliance Maintain the infrastructure and security risk register, ensuring compliance with all relevant regulations and policies. Supplier & Stakeholder Management Manage supplier relationships to maximise service quality and value. Collaborate More ❯

Identify and implement emerging technologies that enhance performance and security. Leadership & People Development Build and develop a high-performing, collaborative team culture. Support team members' personal and professional development. Governance, Risk & Compliance Maintain the infrastructure and security risk register, ensuring compliance with all relevant regulations and policies. Supplier & Stakeholder Management Manage supplier relationships to maximise service quality and value. Collaborate More ❯