Senior InformationSecurity GRC Analyst Senior InformationSecurity GRC Analyst Locations: London, United Kingdom; Manassas, United States Posted on: 4 Days Ago ABOUT US We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation … relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. Are you passionate about securityGovernance, Risk and Compliance (GRC)? Do you thrive in a dynamic environment where your experience and your security expertise can shape the future of our organization? We … are looking for a GRC Specialist like you to join our growing InformationSecurityGovernance team. In this role, you will: Develop and implement robust GRC frameworks to ensure compliance with increasingly stringent industry regulations and standards. Lead the reporting and presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with More ❯
cross-border transaction banking solutions to enable fintech, corporates, governments, development organisations and banks to move money to, from, and across often hard-to-reach markets. Job Description The Security GRC (Governance, Risk & Compliance) Manager will take the lead in developing, implementing, and continuously improving our global securitygovernance, risk, and compliance programs. You’ll play … a critical role in maintaining and achieving key security certifications, driving regulatory compliance across multiple regions, and enabling a strong security culture across the business. You’ll be joining a small, high-performing, and collaborative security team where your ideas, initiative, and hands-on mindset will make a real impact. If you’re an experienced GRC professional … with a passion for innovation, a data-driven approach, and a proven track record in tech environments—this is the role for you. Responsibilities: Security Frameworks: Lead the management and continuous improvement of security frameworks such as ISO/IEC 27001, NIST CSF, and others as required. Certifications & Audits: Oversee and drive certification and re-certification efforts for More ❯
Are you currently working for an IT provider but ready to step into the world of dedicated Cyber Security? We have an exciting opportunity for an InformationSecurity Consultant looking to elevate their career. We're looking for someone with hands-on experience in ISO 27001 implementation and auditing, and expertise in NIST to drive our Compliance … Team's service offerings forward. Work with a innovative, industry-leading Cyber Security team Play a key role in the development of internal and client security programs Contribute to significant projects that support clients' compliance and risk management goals If you're ready to make an impact in Cyber Security, this role is for you! Responsibilities: Ensure … protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team with scoping engagements and delivering valuable More ❯
London, England, United Kingdom Hybrid / WFH Options
WSP
that celebrates new ideas and diverse perspectives. You can experience a world of opportunity and the chance to shape a career as unique as you. Position Summary WSP's InformationSecurity Office (ISO) is responsible for the deployment and maintenance of the informationsecurity framework for both the IT organization and wider business community. This includes … the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our clients. The role of Regional InformationSecurity Officer reports directly to the Business InformationSecurity Officer and is responsible for delivering the InformationSecurity Framework into the applicable region of WSP. … role, although some interaction with clients and third parties may be required. This position requires a senior management professional with relevant experience and a strong working knowledge of IT security, risk management, regulatory compliance, information and public cloud service technology, IT operations management principles, and third-party security management. A little more about your role... Specific areas More ❯
London, England, United Kingdom Hybrid / WFH Options
Nest pensions
InformationSecurity Manager - Corporation Join to apply for the InformationSecurity Manager - Corporation role at Nest pensions InformationSecurity Manager - Corporation Join to apply for the InformationSecurity Manager - Corporation role at Nest pensions Role Overview We're looking for a pragmatic, risk focussed InformationSecurity Manager to work within … Nest and maintain our ISO 27001 certified corporation InformationSecurity Management System (ISMS). We sit in the second line of defence and advise the business on security risks, incidents, audits, assurance and the implementation and monitoring of security controls that protects Nest. You'll have a solid background in informationsecurity management systems … concepts to non-technical people. Please note the minimum criteria for this role is: Practical experience of operating certified ISMS using ISO 27001/2, NIST CSF and other security standards in the design and management of informationsecurity controls. Practical experience working with third party suppliers to audit and evidence compliance with security policies, standards More ❯
Join to apply for the Security GRC Manager role at Boku Continue with Google Continue with Google Join to apply for the Security GRC Manager role at Boku Boku Inc. (BOKU.L) is the leading global provider of local mobile-first payments solutions. Global brands including Amazon, DAZN, Meta, Google, Microsoft, Netflix, Sony, Spotify, and Tencent rely on Boku … UAE. Boku is a truly global company that takes pride in its diversity and thriving equal opportunity workplace. Role Purpose: We are seeking a highly motivated and detail-oriented SecurityGovernance, Risk, and Compliance (GRC) Manager to drive the maturity of our informationsecurity program across governance, risk management, regulatory compliance, and control assurance. This … role plays a critical part in safeguarding the firm’s information assets, ensuring ongoing alignment with ISO 27001, SOC 2, PCI DSS, GDPR, and region-specific regulatory frameworks (e.g., RBI, DORA, MAS). You will act as the central point of coordination for risk reporting, policy governance, audit support, and cross-functional control implementation, working closely with internal More ❯
InformationSecurity GRC Manager Contract role (Outside IR35) Location: London (Remote) iO Associates have collaborated with our consultancy division to help in their search for an InformationSecurity GRC Manager. You will work towards refining the entire GRC programme - frameworks, audits, risk assessments, stakeholder communication - across a regulated environment. You'll also work with vendors and … internal teams to ensure compliance and strong governance. Key Responsibilities: Build and refine informationsecuritygovernance and risk frameworks Lead audits (internal/external) and drive compliance (ISO 27001, GDPR, NIST) Own vendor risk, supplier assurance, and contract governance Communicate risks and policies across the business Support KPI development and risk strategy planning Requirements: Degree in … Computer Science/IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor/Implementer Working knowledge with legal/security needs in housing association sector and its regulatory environment Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS Proven experience in GRC leadership Skilled in risk analysis, audit reporting, and policy writing Excellent More ❯
Join to apply for the InformationSecurity GRC Manager role at Oliver James Join to apply for the InformationSecurity GRC Manager role at Oliver James Oliver James has partnered with a industry leader who are currently looking for a InformationSecurity GRC Manager to join the team. Experience Required Lead informationsecuritygovernance, risk, and compliance efforts, drawing on solid management experience. Apply deep knowledge of key security frameworks and regulations (ISO 27001, NIST, GDPR) to guide compliance. Develop and implement risk assessments and mitigation plans to address identified threats. Create clear documentation and reports, including audits, assessments, and gap analyses. Oversee compliance with standards such as ISO … and PCI-DSS, ensuring ongoing monitoring and delivery. Communicate effectively with stakeholders at all levels, translating complex security concepts into business terms. Stay informed on legal and regulatory requirements relevant to security, particularly in the housing sector. Establish and maintain effective policies, standards, and controls for managing information security. Build strong relationships with senior leaders and support More ❯
Direct message the job poster from developrec Global Delivery Consultant at developrec InformationSecurity Manager | Full-time Onsite | Victoria, London | 3 Stage Process | £70,000 - £80,000 bonus We are working with a growing security intelligence business with operations in the UK, Ukraine and UAE. They work across national security, NGOs, government and charity organisations offering … intelligence and security risk support in hostile environments. Due to expansion and increased strategic focus, they are looking for an experienced InformationSecurity Manager to take ownership of their ISO 27001-aligned ISMS, build out governance frameworks and lead security strategy across a global footprint. The role is based out of their Victoria office in … week initially. The interview process consists of 3 stages, including technical and stakeholder engagement rounds. Skills & Experience: Proven experience managing and implementing ISO 27001-compliant systems Strong background in informationsecuritygovernance and risk management Experience with Cyber Essentials/Cyber Essentials Plus accreditation processes Knowledge of UK GDPR (though this will be managed by somebody else More ❯
My client, a Financial Services company based in London, are looking for an InformationSecurityGovernance, Risk and Assurance specialsit to join their growing team. This role is two days per week in the office in London (near Canary Wharf). About the InformationSecurityGovernance, Risk and Assurance specialist: The individual will be … part of the security function that is responsible for securitygovernance, risk and assurance, to ensure the organisations security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be … doing: Maintain security policy, standards, procedures and frameworks. Ensure alignment with security industry standards such as NIST CSF and NIST 800-53. Act as an advisor to colleagues across the organisation on best security practice. Conduct regular risk assessments and maintain risk register in RSA Archer. Identify assess and prioritize security risk across the organisation More ❯
London, Singapore, Sweden and Cyprus. About the Role We are seeking a strategic and hands-on Head of InfoSec to lead our cybersecurity initiatives with a strong emphasis on governance, risk management, and compliance (GRC) . This role is critical in shaping and enforcing security policies, driving enterprise-wide risk management, and ensuring ongoing compliance with frameworks such … as SOC 2, ISO 27001, and other regulatory requirements . The ideal candidate is not only a technical expert but also a business-savvy leader who can align security strategy with organizational goals. Key Responsibilities & Duties Governance, Risk & Compliance: Develop, implement, and maintain the company’s informationsecuritygovernance framework. Lead the strategy and execution … for security compliance initiatives including SOC 2 , ISO 27001 , NIST , and other relevant standards. Oversee and manage the enterprise risk management program , including identification, assessment, and mitigation of informationsecurity risks. Regularly report to executive leadership and the board on security risks, compliance status, and incident responses. External Engagement: Confidently represent Talos in security conversations More ❯
About The Role The Chief InformationSecurity Officer (CISO) is a senior leader responsible for establishing and maintaining the organisation's vision, strategy, and programs related to information security. The CISO plays a crucial role in safeguarding the organisation's sensitive data, intellectual property, and information systems from potential threats and cyberattacks. The CISO collaborates with … various departments, including IT, legal, business risk, and business units, to ensure the implementation of effective security measures and adherence to industry best practices and regulatory requirements. As CISO, you will be responsible for: InformationSecurity Strategy: Develop and communicate a comprehensive informationsecurity strategy that aligns with the overall business goals and objectives. Ensure … adherence to this strategy across the entire technology estate. Risk Management: Identify, assess, and prioritise security risks, considering potential impact on the organisation's operations, reputation, and finances. Implement security risk mitigation measures and foster a security-aware organisational culture. SecurityGovernance: Work with the Data Protection team to establish and maintain the organisation's More ❯
UAE. Boku is a truly global company that takes pride in its diversity and thriving equal opportunity workplace. Role Purpose We are seeking a highly motivated and detail-oriented SecurityGovernance, Risk, and Compliance (GRC) Manager to drive the maturity of our informationsecurity program across governance, risk management, regulatory compliance, and control assurance.This role … plays a critical part in safeguarding the firm’s information assets, ensuring ongoing alignment with ISO 27001, SOC 2, PCI DSS, GDPR, and region-specific regulatory frameworks (e.g., RBI, DORA, MAS).You will act as the central point of coordination for risk reporting, policy governance, audit support, and cross-functional control implementation, working closely with internal stakeholders, regulators … and third-party partners. Key Responsibilities Lead the design, implementation, and continuous improvement of the firm’s InformationSecurityGovernance, Risk, and Compliance program. Own and maintain informationsecurity policies, standards, and procedures aligned to ISO 27001 and other regulatory frameworks. Coordinate internal and external audits, including evidence gathering, control walkthroughs, findings management, and follow More ❯
Join to apply for the Head of Risk & Compliance role at DAZN Get AI-powered advice on this job and more exclusive features. Department: 61-543 - Technology Operations - Technology Governance Location: UK - Leeds Description Are you ready to take the challenge to educate all employees in a young and ambitious organisation about their role in making informationsecurity a core part of their modus operandi and conduct to appropriate behaviour change? DAZN is looking to hire an experienced Head of Risk & Compliance to join their Technology Governance team as a Fixed Term 14-month maternity cover role. Leading a team overseeing the global strategic implementation of DAZN's informationsecurity management system (ISMS), the … form the ISMS programme to ensure continued conformity with standards such as ISO27001 and PCI DSS. What you'll be doing: Leading the implementation and maintenance of DAZN’s informationsecurity management system (ISMS) in conformity with ISO27001. Managing and delivering annual workstreams for successful completion of audits against ISO27001 and PCI DSS. Providing subject matter expertise in More ❯
based asset managers and other wealth related businesses. Due to this Titan Wealth is expanding rapidly through strategic acquisitions, offering a unique combination of start-up energy and the security of private equity backing. It's an inspiring time to join the team! Looking for a self-starting highly motivated and detail-orientated InformationSecurityGovernance, Risk, and Compliance (GRC) Analyst to support the design, implementation, and ongoing improvement of our informationsecuritygovernance and risk management framework. This role is essential in ensuring the organisation proactively manages informationsecurity risk across its employees, technologies, vendors, and operations and adheres to the regulatory and security standards pertinent to financial … services while providing visibility to key stakeholders. Job Responsibilities Support the development, maintenance, and enforcement of informationsecurity policies, procedures, and standards Conduct risk assessments on technology systems, third-party vendors, and new services. Drive, monitor and track remediation efforts related to incidents, assurance internal audits, external audits, and security assessments Strong stakeholder management skills, working closely More ❯
My client, an International Financial Services client based in London, are looking for an InformationSecurity Risk Lead to join their growing team. The InformationSecurity Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by my … client to identify, measure, monitor and mitigate informationsecurity risks. The successful candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of informationsecurity processes and controls. This position is highly engaged with the firm-wide InformationSecurity teams who provide security solutions … as well as all corporate departments that own informationsecurity risk. What they are looking for: 10+ years of experience specifically related to informationsecuritygovernance, operations, and risk management. Broad-based technology experience at substantial scale and complexity in a global, highly regulated, high-volume transaction environment. Experience must include time operating within transaction More ❯
InformationSecurity Manager | Full-time Onsite | Victoria, London | 3 Stage Process | £70,000 - £80,000 bonus We are working with a growing security intelligence business with operations in the UK, Ukraine and UAE. They work across national security, NGOs, government and charity organisations offering intelligence and security risk support in hostile environments. Due to expansion … and increased strategic focus, they are looking for an experienced InformationSecurity Manager to take ownership of their ISO 27001-aligned ISMS, build out governance frameworks and lead security strategy across a global footprint. The role is based out of their Victoria office in London, with an expectation of being onsite 5 days per week initially. … The interview process consists of 3 stages, including technical and stakeholder engagement rounds. Skills & Experience: Proven experience managing and implementing ISO 27001-compliant systems Strong background in informationsecuritygovernance and risk management Experience with Cyber Essentials/Cyber Essentials Plus accreditation processes Knowledge of UK GDPR (though this will be managed by somebody else) and broader More ❯
InformationSecurity Manager | Full-time Onsite | Victoria, London | 3 Stage Process | £70,000 - £80,000 bonus We are working with a growing security intelligence business with operations in the UK, Ukraine and UAE. They work across national security, NGOs, government and charity organisations offering intelligence and security risk support in hostile environments. Due to expansion … and increased strategic focus, they are looking for an experienced InformationSecurity Manager to take ownership of their ISO 27001-aligned ISMS, build out governance frameworks and lead security strategy across a global footprint. The role is based out of their Victoria office in London, with an expectation of being onsite 5 days per week initially. … The interview process consists of 3 stages, including technical and stakeholder engagement rounds. Skills & Experience: Proven experience managing and implementing ISO 27001-compliant systems Strong background in informationsecuritygovernance and risk management Experience with Cyber Essentials/Cyber Essentials Plus accreditation processes Knowledge of UK GDPR (though this will be managed by somebody else) and broader More ❯
InformationSecurity Manager | Full-time Onsite | Victoria, London | 3 Stage Process | £70,000 - £80,000 bonus We are working with a growing security intelligence business with operations in the UK, Ukraine and UAE. They work across national security, NGOs, government and charity organisations offering intelligence and security risk support in hostile environments. Due to expansion … and increased strategic focus, they are looking for an experienced InformationSecurity Manager to take ownership of their ISO 27001-aligned ISMS, build out governance frameworks and lead security strategy across a global footprint. The role is based out of their Victoria office in London, with an expectation of being onsite 5 days per week initially. … The interview process consists of 3 stages, including technical and stakeholder engagement rounds. Skills & Experience: Proven experience managing and implementing ISO 27001-compliant systems Strong background in informationsecuritygovernance and risk management Experience with Cyber Essentials/Cyber Essentials Plus accreditation processes Knowledge of UK GDPR (though this will be managed by somebody else) and broader More ❯
London, England, United Kingdom Hybrid / WFH Options
Sportradar AG
connects us. It brings people together from around the world to share in unforgettable moments. At Sportradar, we harness this power to shape the future of sports technology. Our InformationSecurity GRC team plays a critical role in protecting the trust and integrity that underpins our services. We are seeking a skilled and dedicated InformationSecurity GRC Specialist to help drive the maturity of our InformationSecurity Management System (ISMS), lead initiatives across risk and compliance domains, and strengthen third-party risk and business continuity capabilities. Sportradar is a global company. The role is hybrid with three office days per week and can be based in the following locations: Trondheim, London or Warsaw. … THE CHALLENGE: As an InformationSecurity GRC Specialist, you will: Collaborate in a dynamic, fast-paced environment, contributing across all key GRC domains. Maintain and enhance the ISMS aligned with ISO/IEC 27001 and related standards. Develop, implement, and manage informationsecurity policies, standards, and procedures. Support the organization-wide adoption of security risk More ❯
London, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
Job Description Role Overview We're looking for a pragmatic, risk-focused InformationSecurity Manager to work within Nest and maintain our ISO 27001 certified corporation InformationSecurity Management System (ISMS). We sit in the second line of defence and advise the business on security risks, incidents, audits, assurance, and the implementation and monitoring … of security controls that protect Nest. You'll have a solid background in informationsecurity management systems, technology, and love communicating technical concepts to non-technical people. Please note the minimum criteria for this role is: Practical experience of operating certified ISMS using ISO 27001/2, NIST CSF, and other security standards in the design … and management of informationsecurity controls. Practical experience working with third-party suppliers to audit and evidence compliance with security policies, standards, etc. Understanding and experience of various InformationSecurity domains including Security Architecture, InformationSecurityGovernance, Network Security, Data Protection, Risk Management, Access Management, Vulnerability Management, Anti-Malware, Mobile More ❯
InformationSecurity Manager - Corporation InformationSecurity Manager - Corporation Please note we only accept online application via our website Role Overview We're looking for a pragmatic, risk focussed InformationSecurity Manager to work within Nest and maintain our ISO 27001 certified corporation InformationSecurity Management System (ISMS). We sit in the … second line of defence and advise the business on security risks, incidents, audits, assurance and the implementation and monitoring of security controls that protects Nest. You'll have a solid background in informationsecurity management systems, technology and love communicating technical concepts to non-technical people. Please note the minimum criteria for this role is: Practical … experience of operating certified ISMS using ISO 27001/2, NIST CSF and other security standards in the design and management of informationsecurity controls. Practical experience working with third party suppliers to audit and evidence compliance with security policies, standards etc. Understanding and experience of various InformationSecurity domains including Security Architecture More ❯
Join to apply for the Information Technology Consultant role at Virgin Atlantic . This role is responsible for supporting the governance of informationsecurity, ensuring that an appropriate risk, policy, and reporting framework is managed to enable Virgin Atlantic Airways to use information safely and in compliance with regulation. It involves supporting the identification, management … and documentation of requirements impacting the risk, policy, and reporting framework, as well as communicating governance matters with internal and external groups such as Internal Audit, Technology Leadership Team, Safety & Security, Virgin Group, or CPNI. The role ensures robust identification, management, and mitigation of information and cybersecurity risks across Virgin Atlantic’s operations. With an emphasis on … risk management activities, third-party supply chain security, and the assurance of policy, control, and compliance effectiveness, you’ll work across functions to support operational resilience and maintain alignment with global security and regulatory frameworks including: ISO/IEC 27001:2022 NIST Cybersecurity Framework PCI-DSS 4.0.1 UK GDPR, NIS2 Directive, CAP1753, and related sector obligations This makes More ❯
IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities … Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation … and attestations to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: Significant experience in InformationSecurityGovernance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT securityMore ❯
IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities … Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation … and attestations to support second-line permanent control checks. Coordinate IT control attestations across Group IT and with third-party service providers. Key Skills and Experience: Significant experience in InformationSecurityGovernance, Risk, and Compliance (GRC), with a focus on IT risk and control management. Strong analytical skills with the ability to perform technical IT securityMore ❯
