1 to 25 of 105 GRC Jobs in London

activities Remediation workstreams and roadmaps Policy & process implementation Information Security Maturity Audits/CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management … as Health and Safety procedures as outlined by the Companies Health and Safety Policy. Essential Skills/Attributes: 3+ years in a client-facing information/cyber security/GRC role or 5+ years in a directly related field/role (such as cyber/intelligence/security in UK Armed Forces, Law Enforcement, UK Intelligence Community, UK Government Departments … Degree in Cyber Security, Computer Science, or related subject; or genuine equivalent experience working in cyber-security, GRC, security audit etc Professional certifications (currently held) including but not limited to CISSP, CCSP, CISM, CRISC, CISA Qualifications/experience in auditing against/implementing multiple security standards and frameworks, such as ISO 27001/2, NIST CSF, ISF CMMI, CIS, UK More ❯

NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and cloud services. Proficiency with risk analytics, GRC tools, and security assessment methodologies. Exceptional analytical, communication, and report-writing skills, with the ability to translate complex technical issues into clear, actionable recommendations for both technical and non-technical More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

PCI DSS compliance and consultancy services across a range of requirements for clients. Operating as a subject matter expert and engaging confidently with clients relating to solving Information Security Governance, Risk, and Compliance problems. Supporting the growth of PGI's consultancy services in the UK and internationally in line with industry and globally recognised standards. Contribute towards the maintenance of More ❯

Governance Risk and Compliance Lead (GRC) - Cyber We're partnering with a leading global financial services firm to appoint a Governance, Risk, and Compliance (GRC) Lead into their high-performing Information Security function. GRC Lead - Cybersecurity (Financial Services) London Competitive Package This is an exciting opportunity to join a fast-paced, globally recognised institution with a mature cyber programme and … significant investment in its security posture. As a trusted search partner, we're looking for an experienced and strategic GRC professional who can bring deep subject matter expertise across third-party risk, regulatory compliance, audit readiness, and awareness training. You'll play a pivotal role in helping the firm navigate the evolving threat landscape while maintaining compliance with complex global … regulations. The Opportunity Sitting within a dynamic global InfoSec team, you'll be responsible for: Leading third-party risk assessments and driving continuous improvement of vendor governance processes. Owning client due diligence responses, ensuring the business meets external compliance and assurance requirements. Developing and delivering enterprise-wide awareness training, phishing simulations, and educational campaigns. Advising technical teams and stakeholders on More ❯

We’re working with a leading organisation in the entertainment industry who are seeking an experienced Governance, Risk and Compliance (GRC) Manager to join their Group division. This is a fantastic opportunity for a proactive and strategic individual to shape and maintain a strong compliance culture across a dynamic and fast-growing business operating across the UK and Europe. Location … + 25 days holiday + bank holidays + Up to 5% bonus Full-time, Permanent In this newly-created role, you’ll lead the execution of the Group GRC programme, align risk and compliance efforts with wider business goals, and ensure robust governance across information security and operational practices. Key Responsibilities: Develop and implement a comprehensive GRC framework across the … and standards Ensure compliance with GDPR, CIS18, PCI DSS, and ISO27001 Lead on third-party audits and provide documentation and evidence Support cybersecurity programmes and incident response planning Provide GRC advisory to senior leadership and cross-functional teams Promote a culture of risk awareness through training and communication Monitor changes in regulation and adapt the GRC framework accordingly Ideal Candidate More ❯

technology compliance, and other industry best practices. Own and manage the implementation of risk management tools and automation of processes using industry-leading platforms, including those that support AI governance when relevant. Lead or contribute to digital risk maturity assessments and process improvement initiatives. Develop and maintain documentation, reports, and dashboards for risk tracking and compliance monitoring, emphasizing digital risks. … methodologies, and compliance requirements. Ability to interpret regulatory requirements and translate them into actionable business strategies for IT risks and opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and/or optimizing these solutions. Experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem-solving skills … and presentation skills for executive reporting, stakeholder engagement, and internal team leadership. To qualify for the role you should have 5+ years of experience in digital risk management, IT governance, cybersecurity, or related fields; experience in AI would be an additional advantage. Professional certifications such as CISA, CISSP, or equivalent (preferred but not mandatory). Expertise in risk management tools More ❯

services, and assets, ensuring compliance with industry standards (e.g., CIS, NIST, ISO 27001, SOC 1/2) and internal security policies across all platforms and environments. Lead the security governance mechanism for capturing and managing security baseline adherence to rectify any policy exceptions and dispensations (deviations or gaps) against the security policy standards and controls and align security risks. Oversee … Artificial Intelligence, post quantum computing and cyber risk quantification. Considerable experience in cybersecurity, with notable experience in a senior or managerial role focused on security policy, standards, controls testing, governance, and compliance. Mastery experience of how security controls are implemented, their effectiveness, and alignment with security policy, standards and NIST best practice guidelines. Strong ability to consult with control owners … information clearly and effectively. Presenting data insights to non-technical stakeholders. Strong understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Experience with GRC tools and best practices. RSA Archer is preferred. Proficiency in security frameworks (e.g., NIST CSF, ISO 27001, SOC1,2). Expert knowledge of security assurance practices such as audit, risk More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

of experience in cybersecurity, specializing in cyber assurance, third-party risk management, and regulatory compliance audits. Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001). Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory … Science, Engineering, or a related field. Relevant certifications such as CREST, OSCP, CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing. Skills: Strong commercial acumen, with proven ability to generate new business in cyber assurance and regulatory compliance services. Exceptional communication, presentation, and analytical skills with the ability … Head of Credit Risk Management Services London, England, United Kingdom 1 day ago Director of Risk & Compliance (law firm) London, England, United Kingdom 2 months ago Head of Cyber Governance, Risk and Complience London, England, United Kingdom 4 days ago London, England, United Kingdom 3 weeks ago Head of Governance, Risk and Compliance - Info Sec - 12 Month FTC Director Financial More ❯

Vice President, Security Governance, Risk and Assurance About CLS: CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars' worth of currency flows through our systems each day. Created by the market for the market, our unrivalled global settlement infrastructure … and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking. Job information: Functional title - VP, IT Security Risk Department - Security Governance and Risk Management Corporate level - Vice President Report to - Director of Security Location - London, onsite 2 days per week About the role The individual will be part of the security … function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure More ❯

Senior IT GRC Analyst City of London/Hybrid £Competitive + strong bonus and benefits GRC Frameworks, ISO 27001, NIST A prestigious financial services organisation in the heart of the City of London is seeking a Senior IT GRC Analyst to join its dynamic team. In this collaborative role, you will support the development and enhancement of IT Governance, Risk … and Compliance (GRC) frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities: Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk … and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation and delivery of formal IT GRC reporting. Risk: Identifying, assessing, and documenting IT risks. Supporting IT risk management activities, including the execution of technical IT risk assessments. Supporting risk owners to define remediation More ❯

oversight, conducting reviews across all environments, services, and assets to ensure compliance with industry standards (e.g., CIS, NIST, ISO 27001, SOC 1/2) and internal policies. Lead security governance to manage adherence to security policies, rectify exceptions, and align security risks. Oversee remediation review lifecycle, testing evidence, and producing reports on risk trends. Collaborate on vulnerability and patch management … preferred. Certifications such as CRISC, CISM, CISA, or similar. Experience with AI, post-quantum computing, and cyber risk quantification advantageous. Extensive cybersecurity experience, especially in security policy, standards, controls, governance, and compliance. Deep understanding of security controls, their effectiveness, and alignment with policies and best practices. Ability to consult on security remediation and evidence provision. Proficiency in security data analysis … and reporting. Excellent communication skills for technical and non-technical audiences. Knowledge of security risk management principles and taxonomy. Experience with GRC tools, preferably RSA Archer. Familiarity with security frameworks like NIST CSF, ISO 27001, SOC1/2. Understanding of security assurance practices, audits, and lifecycle management. Ability to lead teams through change and adapt to evolving threats. High integrity More ❯

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external More ❯

of our Insurance clients on a 12-month contract. Inside IR35 Hybrid Responsibilities: Analyze large datasets to identify trends, anomalies, and emerging risks across technology and cyber domains. Support governance and risk forums with timely and accurate reporting on key risk indicators (KRIs), control effectiveness, and remediation progress. Develop and maintain dashboards and reports to visualize technology and cyber risk … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Qualifications: Educated to degree level or More ❯

of our Insurance clients on a 6-month contract. Inside IR35 Hybrid Responsibilities: Analyze large datasets to identify trends, anomalies, and emerging risks across technology and cyber domains. Support governance and risk forums with timely and accurate reporting on key risk indicators (KRIs), control effectiveness, and remediation progress. Develop and maintain dashboards and reports to visualize technology and cyber risk … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Qualifications: Educated to degree level or More ❯

knack for stakeholder engagement with 5-15 years' experience? We're looking for multiple Cybersecurity Consultants, mid to manager level, with expertise in Identity and Access Management (IAM) and Governance, Risk, and Compliance (GRC).SPONSORSHIP IS UNAVAILABLE - UK ONLY FOR 5 YEARS MINIMUM DUE TO CLEARANCE What You'll Do Advise enterprise clients on IAM and GRC strategies, frameworks, and … to both technical and non-technical stakeholders. Act as a trusted advisor in customer-facing engagements. What You Bring Proven experience with multiple cyber domains including IAM technologies and GRC frameworks (ISO 27001, NIST, GDPR). Strong stakeholder management and interpersonal skills. Excellent communication skills - both written and verbal. Experience in customer-facing roles with technical and business advisory responsibilities. More ❯

knack for stakeholder engagement with 5-15 years' experience We're looking for multiple Cybersecurity Consultants, mid to manager level, with expertise in Identity and Access Management (IAM) and Governance, Risk, and Compliance (GRC).SPONSORSHIP IS UNAVAILABLE - UK ONLY FOR 5 YEARS MINIMUM DUE TO CLEARANCEWhat You'll Do Advise enterprise clients on IAM and GRC strategies, frameworks, and implementations. … to both technical and non-technical stakeholders. Act as a trusted advisor in customer-facing engagements. What You Bring Proven experience with multiple cyber domains including IAM technologies and GRC frameworks (ISO 27001, NIST, GDPR). Strong stakeholder management and interpersonal skills. Excellent communication skills - both written and verbal. Experience in customer-facing roles with technical and business advisory responsibilities. More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

about CyberArk , visit our CyberArk blogs or follow us on X , LinkedIn or Facebook . Job Description About the Role: We are seeking a highly motivated and detail-oriented GRC Compliance Expert to join our Governance, Risk, and Compliance team. This role is pivotal in supporting customer security assessments during RFx processes, driving compliance initiatives including DORA , NIS2 , and other … regulatory frameworks, and assisting with broader GRC activities across the organization. The ideal candidate is a self-starter with strong communication skills, who thrives in a fast-paced environment and is passionate about cybersecurity, regulatory compliance, and risk management. Please note that this is a hybrid role located in our office in London. We ask to come to the office … to compliance initiatives such as DORA , NIS2 , and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security, Legal, IT, Product, etc.) to gather information and ensure compliance obligations are met. Participate in risk assessments, control testing, and More ❯

Information Security Analyst - 6-Month FTC Governance, Risk and Compliance Location: London/Hybrid Contract Type: Fixed Term (6 months) Salary: Competitive A global professional services firm is seeking a proactive Information Security Analyst to support the delivery of robust security and privacy policies across its global operation. This role is ideal for someone with hands-on experience in information More ❯

deliver on engagements, managing multiple internal and external stakeholders. Projects will vary and may include internal audits, implementation or review of internal and financial control frameworks, enterprise risk management, governance risk and control (GRC), Sarbanes-Oxley (SoX) implementations or reviews, risk and control automation, and performance improvement. Support the execution and daily deliverables of a portfolio of client projects, ensuring More ❯

or advisory work in support of a highly technical environment. 3+ years of experience in performing and/or participating in technical assessments of complex IT architecture • Experience with Governance, Risk, and Compliance tools and technology. Hands-on experience working successfully in a very fast-paced, rapidly evolving, results-oriented environment • Experience in working directly with auditors/regulators in More ❯