Business Analyst Lead - GRC Location: Manchester, Birmingham and London Job Type: Contract Job Summary: The GRC Lead & Business Analyst is responsible for managing the organization's Governance, Risk, and Compliance (GRC) framework while also performing business analysis to enhance risk management, regulatory compliance, and operational efficiency. This role involves assessing risks, ensuring compliance, conducting audits, analyzing business processes, and driving … GRC-related projects. The GRC Lead Cum BA will work closely with IT, legal, finance, and business units to enforce policies, ensure compliance, and implement best practices for governance, risk, and assurance. Key Responsibilities: 1. Governance, Risk & Compliance (GRC) Management Develop, implement, and maintain GRC policies, frameworks, and procedures aligned with industry standards and regulatory requirements (ISO 27001, NIST, SOC … place. Maintain a risk register and track risk management initiatives. Lead third-party/vendor risk assessments requirement gathering, ensuring supplier security and compliance. Collaborate with leadership to align GRC practices with business objectives. 2. Compliance & Assurance Ensure the organization meets regulatory requirements and industry best practices. Manage compliance audits (ISO 27001, SOC 2, PCI DSS, GDPR, HIPAA) and coordinate …
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom Hybrid / WFH Options
Reed Technology
Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT, CAF, and DORA. You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years' experience in information security, with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). …
Employment Type: Permanent, Part Time, Work From Home
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Gordons
of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally …
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Tussell Limited
of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally …
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Deloitte LLP
lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. Connect to your opportunity As S/4 HANA Roles & GRC Access Manager, you will lead and support our SAP Security and Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have extensive experience with SAP Security architecture and implementation … SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP implementations and security risk assessments. This role will play a crucial part in designing, implementing, and re-design of security roles, Identity and Access Governance for cross-platform ecosystems while maintaining secure and compliant SAP environments across the organisation. You will demonstrate and develop … your capabilities in the following areas: Develop and implement S/4 HANA security and GRC strategy, design to protect the integrity and confidentiality of our clients' enterprise systems. Oversee S/4 HANA Security during implementation ensuring compliance embedding audit and regulatory requirements. Lead the design, configuration, implementation and testing of SAP GRC modules such as Access Control (AC …
to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills/Must have: 5 years in a client-facing information/cyber security/GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience in auditing and implementing security standards such as ISO 27001/2, NIST CSF, and …
Bolton, Lancashire, England, United Kingdom Hybrid / WFH Options
FPSG Connect
CEH, GIAC Desirable to understand risk driven architecture such as Sherwood/SABSA/SANS Highly desirable to have exposure to DevSecOps functions. For clarification: This role is NOT GRC, neither is it a SOC role, rather it is more suited to a Security Engineer who has progressed to a broader role engaging on multiple concurrent projects, influencing initial idealisation …
Sheffield, Yorkshire, United Kingdom Hybrid / WFH Options
Finsbury Food Group Plc
cross-functional cyber incident planning and ensuring cybersecurity practices extend across the Supply Chain. This is a fast-paced role, where the successful candidate will lead cybersecurity governance, risk management, and compliance initiatives within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. They will have excellent interpersonal skills and ability to build and maintain relationships … expert recommendations on security improvements, infrastructure hardening and threat mitigation strategies. The successful candidate will monitor and assess emerging cyber risks, delivering proactive strategies to safeguard company assets and ensure cybersecurity governance aligns with the Cyber Governance Code of Practice, supporting compliance efforts. They will also strengthen supply chain cybersecurity, working with partners and vendors to enforce … security best practices, and report findings, strategies and recommendations to senior stakeholders, providing regular updates on risk posture. Candidates should ideally have demonstrable experience in: Leading cybersecurity governance, risk management, and compliance initiatives within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. Conducting security audits and vulnerability assessments, with a proven track record of risk …
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Finsbury Food Group Plc
cross-functional cyber incident planning and ensuring cybersecurity practices extend across the Supply Chain. This is a fast-paced role, where the successful candidate will lead cybersecurity governance, risk management, and compliance initiatives within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. They will have excellent interpersonal skills and ability to build and maintain relationships … expert recommendations on security improvements, infrastructure hardening and threat mitigation strategies. The successful candidate will monitor and assess emerging cyber risks, delivering proactive strategies to safeguard company assets and ensure cybersecurity governance aligns with the Cyber Governance Code of Practice, supporting compliance efforts. They will also strengthen supply chain cybersecurity, working with partners and vendors to enforce … security best practices, and report findings, strategies and recommendations to senior stakeholders, providing regular updates on risk posture. Candidates should ideally have demonstrable experience in: Leading cybersecurity governance, risk management, and compliance initiatives within an enterprise environment. Managing incident response frameworks, including cross-functional planning and coordination. Conducting security audits and vulnerability assessments, with a proven track record of risk …
Barrow-In-Furness, Cumbria, North West, United Kingdom Hybrid / WFH Options
Deerfoot Recruitment Solutions
including risk assessments. Using tools such as Nessus, Tenable, or Microsoft Defender to identify and prioritise vulnerabilities. Delivering clear, actionable security reports to technical and non-technical stakeholders. Supporting governance, risk, and compliance activities related to security findings. Collaborating with wider teams and contributing to security training and mentoring initiatives. Ideal candidate profile: 2-3 years' experience in vulnerability management …
Head of Governance, Risk and Compliance Salary: Competitive Salary plus cash car allowance Location: Remote Keywords: Information Security, ISO 27001, Risk Management, Compliance, Governance, Cyber Security, Team Management, Audit, Stakeholder Engagement, Data Protection A distinguished opportunity has arisen for a Head of Governance, Risk and Compliance to join a highly regarded organisation. This position is integral to the Group's … Information Security strategy, underpinning the maintenance of exemplary standards, compliance, and risk management practices. The successful candidate will play a pivotal role in shaping and overseeing information security governance programmes, working in close concert with both business and technology divisions to ensure that security imperatives are clearly articulated and diligently executed. Opportunity to influence and direct the Group's Information … Security governance programme through collaboration with cross-functional teams and by shaping strategic decisions at all levels. What you'll do: As a Head of Governance, Risk and Compliance you will assume responsibility for guiding a proficient team devoted to safeguarding organisational information assets through robust governance frameworks. Your remit will encompass close engagement with technical specialists as well as …
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Deloitte LLP
guiding us to deliver impact how and where it matters most. Connect to your opportunity As a Senior Manager, you will lead and oversee a variety of SAP Security, Governance, Risk, and Compliance (GRC) and Identity Access management work for a portfolio of diversified clients in different industries where you will be required to lead and collaborate effectively. The ideal … candidate will have extensive experience with SAP Security architecture and implementation, SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP ERP Transformation engagements. You will demonstrate and develop your capabilities in the following areas: Apply problem solving and critical thinking to enable the identification of Technology and Risks associated. Access the security requirements … and risks for complex ERP environment supporting the core business and IT processes. Develop and implement a comprehensive SAP security and GRC strategy, policies, and procedure aligned with Organisational goals and industry best practice. Oversee SAP Security during implementations, ensuring compliance with regulatory requirements and internal security standards. Establish and maintain robust access management policies and procedure for user provisioning …
lifecycle from planning to deployment. Collaboration & Communication Partner with Product, Operations, and Executive teams to align technical strategy with company vision. Translate business needs into innovative, practical engineering solutions. Governance & Risk Ensure compliance with regulatory, security, and operational standards. Proactively manage technical risks and drive architectural decisions. Innovation & Technical Excellence Stay ahead of emerging technologies and recommend tools or frameworks …
impact in Cyber Security, this role is for you! Responsibilities: Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team … with scoping engagements and delivering valuable services to clients Skills/Must have: Extensive experience in Information Security Governance, Risk, and Compliance (GRC) Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards Knowledge of the Cyber Essentials Plus Scheme, GDPR, and Data Protection Act (2018) Strong communication skills and the ability to build relationships with internal …
Are you looking for an exciting new opportunity? Join a trusted security and compliance partner offering comprehensive services including GRC consulting, CREST-accredited penetration testing, and an industry-leading vulnerability management service. As the number one Global Service Partner of Vanta, the company has a proven track record of helping hundreds of businesses from tech startups to global industry leaders …
and communication activities • Working closely with Technology project teams to realise the end to end delivery of technology changes that are required to realise the business goal • Ensuring all governance, risk management, controls and compliance requirements are considered, planned for and adhered to, to safeguard the customer experience • Driving the delivery of pragmatic business and operational design solutions which maximise benefits …
As a Senior Principal - GRC in the Technology & Telecoms sector, you will lead governance, risk, and compliance initiatives while ensuring alignment with accounting and finance objectives. This role is ideal for a detail-oriented professional passionate about fostering robust compliance frameworks and driving organisational success. Client Details The employer is a medium-sized organisation within the Technology & Telecoms industry, specialising … in innovative solutions and services. They are recognised for their focus on ensuring operational excellence and delivering high-quality results to their stakeholders. Description Develop and implement governance, risk, and compliance strategies in line with organisational goals. Collaborate with accounting and finance teams to ensure regulatory compliance across all operations. Monitor and assess existing GRC processes, identifying areas for improvement. … and risk assessments. Stay up-to-date with evolving regulations within the Technology & Telecoms sector. Support training initiatives to enhance compliance awareness across departments. Profile A successful Senior Principal - GRC should have: Strong knowledge of governance, risk, and compliance frameworks. A background in accounting or finance with relevant professional qualifications. Proven experience in the Technology & Telecoms industry or a related …
Merseyside, England, United Kingdom Hybrid / WFH Options
Maxwell Bond
team. This opportunity offers a hybrid working model and the chance to join a forward-thinking business during a period of transformation. The role blends technical security experience with GRC responsibilities and provides visibility across key areas of the business. 🔐 Key Responsibilities Lead security risk assessments and ensure mitigations are tracked and completed. Develop, review, and maintain information security policies … awareness campaigns and contribute to a culture of security. Support internal and external audits, representing the security function as needed. Stand in for the Head of Information Security in governance and strategy discussions. ✅ What We’re Looking For 3+ years in Information Security roles, with GRC and technical exposure. Experience working with ISO 27001, NIST, or equivalent frameworks. Understanding of …
all, and working hard to decarbonise the planet for generations to come. About the role This is an information security risk and compliance-based role, reporting into the Head of InfoSec, Governance, Risk and Compliance via the OT Risk and Compliance Manager. You'll be part of the Information Security, Governance, Risk and Compliance Team (IGRC) but will work closely but with a …
Liverpool, Merseyside, England, United Kingdom Hybrid / WFH Options
Robert Walters
exciting opportunity has arisen for an experienced Information Security Analyst to join a thriving organisation - offering hybrid working. This role is perfect for someone looking to further develop both Governance, Risk and Compliance (GRC) and technical security skills within a business that truly values professional growth. You will be part of a knowledgeable information security team during a period of …
client's team as a vCISO, where you'll work closely with mid-enterprise businesses to assess, strategize, and implement robust security frameworks. You will lead Gap Analysis and GRC assessments, playing a pivotal role in helping organizations align with industry standards like ISO27001, Cyber Essentials, and NCSC CAF. This role requires immediate impact, with a start date of November. … Responsibilities: Act as a vCISO for multiple mid-enterprise businesses, providing expert guidance on cybersecurity strategies. Conduct comprehensive Gap Analysis and GRC assessments to identify and mitigate risks. Implement and oversee security strategies, ensuring alignment with ISO27001, Cyber Essentials, and NCSC CAF. Collaborate with clients to enhance their overall security posture and compliance with industry regulations. Skills/Must have … Proven experience in Governance, Risk, and Compliance (GRC). Strong background in conducting Gap Analysis and risk assessments. In-depth knowledge of ISO27001, Cyber Essentials, and NCSC CAF frameworks. Ability to start by November. Nice to Haves: Experience working with mid-enterprise businesses. Benefits: Flexibility to be based anywhere in the UK, with office access in Leeds. Salary …
Sheffield, South Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
British Business Bank
on retail and dining, to health and wellbeing, travel, and technology...and plenty more The Role We are currently recruiting for a Manager to join our existing Data and Information Governance Team. Reporting into the Senior Manager, Information Governance and Deputy Data Protection Officer supporting the further development of the dedicated first line capability for information risk, control frameworks and testing … a control framework across a complex infrastructure of product lines, control functions and subsidiaries, enabling effective oversight of information risk. You will develop elements of and implement an Information Governance Framework whilst developing and monitoring various risk controls within the RCSA framework in both Operations and as SME across the business. You will work directly with local 1LoD defence risk … in-depth knowledge and practical experience in the following: - Data Protection - Information Rights - Records Management - Information Risk You will be able to demonstrate evidence of delivering change in Information Governance to create a transparent, but 'privacy aware' compliance culture with proven experience in an operational risk management role in the public or private sector, preferably in financial services. You will …
of the customer. Adding value every day will be a key goal. Role Responsibilities: Not limited to User administration across multiple environments and clients (SAP BAU and Project) User governance (SAP reporting and Excel) Leavers review, inactivity checks and access review actions Privileged access reviews Supporting audit with requests for information (FCF, Deloitte and GCSS) Catalogue requests (ServiceNow and SAP … HR SuccessFactors and Workforce Manager time bookings) Cost centre master data changes Support with general queries relating to processes, controls, GUI etc. Firefighter management (limited now as most through GRC) Batch job maintenance (Excel and SAP) What are BAE Systems looking for from you? Working knowledge of SAP S/4HANA Experience with ECC 6 will be beneficial. Good understanding …
Provide 1st and 2nd level support for SAP access-related incidents and service requests via ticketing systems (e.g., ServiceNow). Troubleshoot user access issues in SAP and contribute to GRC compliance. Support user provisioning, de-provisioning, and access modifications in collaboration with business teams, internal controls, and IT access management. Assist end-users and business collaborators with access-related questions … ensuring a positive customer experience. Support role assignments, approvals, and risk analysis in SAP GRC Access Control. Perform routine checks and monitoring of SAP access controls and segregation of duties. Document SOPs and knowledge articles for recurring issues and workflows. Escalate complex issues to senior specialists or the CoE Lead for resolution. Collaborate with other IT and security teams on …