Reading, Berkshire, England, United Kingdom Hybrid/Remote Options
Certain Advantage
Security Consultant – GRC (Governance, Risk & Compliance) Location: Reading (Remote role with once or twice per month on-site) Rate: Negotiable (DOE) Contract: Until May 2026 An excellent opportunity has arisen for an experienced Security Consultant (GRC) to join a global technology organisation that’s expanding its EMEA cyber security consulting practice and investing heavily in a new Centre of Excellence. This is … a hands-on consulting position delivering Governance, Risk and Compliance (GRC) projects for major enterprise clients — including risk management, cloud security governance, and compliance frameworks such as ISO27001, NIST CSF, CIS Top 18 and COBIT. You’ll play a key role in engaging with senior stakeholders, assessing cyber maturity, and driving best-practice improvements across a range of industries. Key … Responsibilities Deliver Cyber GRC consulting engagements end-to-end — from scoping and planning through to delivery and close-out. Provide advisory services covering areas such as Information Security Governance, Risk Management, Compliance, Business Continuity, and Cloud Security. Translate complex security and compliance requirements into actionable business solutions. Build trusted relationships with clients at both technical and senior management levels. Skills
Are you a governance leader who thrives at the intersection of information security, compliance, and organisational resilience? We're looking for an experienced Senior Security Governance Manager to drive our Information Governance, Cyber Security, and Quality frameworks to new heights. This is a high-impact role where you'll shape the strategic direction of security governance across the business, ensuring … compliance with UK, NHS, and international regulations - while empowering teams to work securely and confidently in a complex digital environment. What You'll Be Responsible For Information Governance Develop and execute the organisation's Information Governance (IG) strategy in line with UK, NHS, and international data protection frameworks. Maintain governance policies and key artefacts such as DPIAs, Data Processing Agreements … and support independent audit processes. Monitor compliance across business units and lead corrective actions where required. Cyber Security Lead the implementation and maintenance of Cyber Security policies, ensuring robust governance across all business areas. Manage the ISO 27001 certification lifecycle - including audits, remediation, and recertification. Collaborate with technical and product teams to embed security standards and oversee incident response procedures.
Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with
London, South East, England, United Kingdom Hybrid/Remote Options
Adecco
risk management, and vulnerability identification. Certifications: ISO 27001 Lead Implementer/Auditor, CISSP, CISM (highly desirable). Skills: Excellent communication, documentation, and project management abilities. Preferred Extras Familiarity with GRC tools and ISMS platforms. Ability to work independently and manage multiple priorities. Strong problem-solving skills in a fast-paced environment. Your expertise will keep us secure, compliant, and ahead
willing to work at customer premises, sometimes requiring some degree of travel. Demonstrated professional consulting experience of 4 or more years with Enterprise IT-security, Information and Cyber Security Governance, Technology Risk Management, Compliance, Business Continuity/DR, Cloud Security gained in a previous delivery capacity. Experience in delivering assignments using well known security frameworks, standards and methodologies such as
such as CISSP, CISM or CISA Knowledge of security standards and good practice Understanding of cloud, access control and networking Strong communication and customer facing skills Good knowledge of governance, risk and compliance Ability to manage workload and meet deadlines Desirable Skills UK Cyber Security Council registration Knowledge of HMG or MoD security policy Secure by Design experience Experience with
sites across the UK. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve
frameworks, policies, and regulatory requirements. Collaborate with IT, Risk, Compliance, and project teams to deliver practical, client-focused security advice. What they're looking for: Strong technical security and GRC experience. Experience in project delivery and stakeholder engagement (not hands-off). Knowledge of ISO 27001, NIST, or similar frameworks. Excellent communication, analytical, and problem-solving skills. Contract Details: Location
Woodstock, Oxfordshire, South East, United Kingdom
Ridge & Partners LLP
achieved through clear strategic partnerships and technical expertise. Responsibilities will cover both technical (working with vendors, quality assurance, requirements analysis, technical L3 work) and non-technical (line management, mentoring, governance, roadmap, risk, and compliance). Someone who isn't afraid to get their sleeves rolled up and get into the detail will be a key trait. No two days will
Southampton, Hampshire, South East, United Kingdom Hybrid/Remote Options
Anson Mccade
and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base salary + performance bonus Healthcare and dental insurance Pension scheme Minimum
Brighton, East Sussex, South East, United Kingdom Hybrid/Remote Options
Anson Mccade
and implementing secure cloud solutions. Strong understanding of application and infrastructure architecture. Background in network and web application security (OSI, TCP/IP, OWASP, PKI, TLS). Knowledge of governance, risk, and compliance practices. Relevant certifications (OSCP, CREST, TIGER, etc.) are beneficial. Benefits Include: Up to £120,000 base salary + performance bonus Healthcare and dental insurance Pension scheme Minimum
Milton Keynes, Buckinghamshire, England, United Kingdom
Lorien
of regulatory frameworks, compliance, and technology standards. Proven ability to influence stakeholders and manage risk appetite decisions. Experience managing audits and large-scale risk assessments. Desirable Qualifications: Familiarity with GRC tools and data analytics. Professional certifications (e.g., CRMP, CIA). Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.
London, South East, England, United Kingdom Hybrid/Remote Options
Opus Recruitment Solutions Ltd
driving the implementation of controls, monitoring, and documentation for compliance readiness. Key Requirements Proven experience in security engineering and compliance delivery Deep understanding of SOC 2, ISO 27001, GRC frameworks and audit processes Hands-on experience integrating cybersecurity tools and platforms such as Crowdstrike, Vanta, Rapid7 Strong adherence to Azure security best practices Knowledge of TX-RAMP and FedRAMP
our ideal customers use are are familiar with the procurement and billing/AP space You have experience with demoing, implementing or administering key applications such as ERPs, CLMs, GRC, procurement and/or AP automation platforms. You're an effective communicator, simplifying technical concepts for both technical and non-technical audiences. You're a proactive problem solver, with strong
strategic senior leader to oversee our Cyber Engineering, Identity & Access Management (IAM), and Data Loss Prevention (DLP) functions. This role will be responsible for driving the design, delivery, and governance of enterprise-wide security engineering solutions, while ensuring secure, scalable, and resilient identity and data protection services. The ideal candidate will combine deep technical expertise with strong leadership skills to … automation, orchestration, and advanced analytics to improve detection, response, and resiliency. Identity & Access Management Own enterprise-wide IAM strategy, including workforce and customer identity, privileged access management (PAM), identity governance and administration (IGA), and multi-factor authentication (MFA). Lead initiatives to modernize and integrate IAM platforms to support cloud adoption, Zero Trust, and frictionless user experiences. Partner with business … to prevent unauthorized data exfiltration, insider threats, and regulatory breaches. Implement monitoring, classification, and enforcement mechanisms that balance data protection with business enablement. Partner with business, compliance, and data governance teams to align DLP strategy with General Data Protection Regulation, Financial Conduct Authority, Prudential Regulation Authority, Sarbanes-Oxley, and other global data protection requirements. Provide executive and Board-level reporting
Farnborough, Hampshire, South East, United Kingdom
Sanderson Government and Defence
GRC Consultant - MOD DV Location: Farnborough or Cambridgeshire Type: Hybrid (3 days on-site) IR Status: Inside Rate: £500 - £600 Length: Initial 6 months, scope for extension Must have Active MOD DV Clearance In this role, you'll be: Providing the Secure by Design risk and security assurance function within MOD as part of a managed service. Have an excellent
Hampshire, South East, United Kingdom Hybrid/Remote Options
Sanderson Government and Defence
Cyber Security GRC Consultant (DV Cleared) Location: Hybrid/Southeast Region - on-site presence required Contract Type: Permanent & Full-time Salary: Competitive + Benefits About the Role As a Cyber Security Consultant, you will play a pivotal role in delivering Secure by Design risk and security assurance services within MOD and Public Sector environments. You'll collaborate with multi-disciplinary
good understanding of security frameworks and regulatory requirements. In addition, this role requires you to have experience of Information Security. The role will report directly to the Head of Governance, Risk and Compliance, with whom you will work to deliver the goals of the company to have a fit-for-purpose security standards framework. This is a role that requires … Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R). Review and update standards regularly in response to emerging threats and regulatory changes. Governance & Compliance: Oversee the exception management framework, including reporting, approvals and reviews prior to expiry. Monitor compliance with security policies and standards across digital and business teams. Act as the primary … regulations, technologies and industry best practices to ensure standards remain current and effective. What you should bring to the role: Essential Experience: Experience in information security or a related governance role. Experience applying security frameworks and regulatory requirements (CIS, GDPR, NIS-R). Experience collaborating across multiple business areas and functional teams. Proven ability to work independently, with strong stakeholder
their customers' assets and data against an evolving landscape of sophisticated global and local threats. Job Type: Permanent Location: London, UK Work Place: Remote Requirements Experience with information security governance, risk and compliance experience for a global organization Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk A strategic business partner with the … the capacity to effectively lead, manage, and inspire a team, enabling them to achieve both strategic and functional objectives Experience developing and publishing company-wide policies, standards, and other governance documents Ability to work very well cross-functionally and are able to think rigorously and make hard decisions and tradeoffs Ability to demonstrate initiative, operate autonomously, and assume complete responsibility
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria
Step into a pivotal role at the forefront of cyber security, driving impact for our client base! We're looking for an experienced Governance, Risk & Compliance Manager to join our dynamic team. This is your opportunity to take a leading role in shaping and delivering robust security strategies that protect our clients and strengthen their resilience against evolving cyber threats. As … our new GRC Manager, you will be the driving force behind the implementation of our Information Security Management System (ISMS) for assigned clients. Your expertise will help organisations understand their security challenges and enable them to enhance their security posture. You'll lead from the front, fostering a culture of compliance and risk awareness across Sopra Steria, while delivering tangible value … client Security Working Group meetings and stakeholder sessions. Ensure audit readiness and support internal/external audits. Drive continuous improvement initiatives within Sopra Steria's security function. What you'll bring: GRC/Operational Security Manager experience with solid understanding and experience with security policies and standards Technical proficiency and knowledge across the spectrum of information security solutions and operations Knowledge of
London, South East, England, United Kingdom Hybrid/Remote Options
Crimson
Cyber Security GRC Manager - London Remote working Salary up to £60,000 per annum This is a fully remote position, with occasional meetings in London and possible travel to India twice yearly. Cyber Security Manager (GRC) position available for a client based in London. The role involves shaping and implementing a governance, risk, and compliance (GRC) strategy. Responsibilities include establishing … implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the
Henley-on-thames, Oxfordshire, United Kingdom Hybrid/Remote Options
Invesco Real Estate
telemetry from SIEM (e.g., Splunk, Sentinel), CSPM (e.g., Prisma Cloud, Wiz), EDR, and workload protection platforms. Develop analytics pipelines for early risk detection and automated alerting. Lead the technical governance of risk remediation, orchestrating automated workflows (e.g., SOAR, IaC-based remediation) to ensure timely, effective, and sustainable outcomes. Develop and maintain integrated, actionable risk dashboards and reporting using Power BI … designing and implementing controls for hybrid and cloud-native systems (AWS, Azure, GCP). Deep expertise in risk analytics, SIEM, CSPM, EDR, automation (Python, PowerShell, Terraform), and integration with GRC platforms. Deep technical knowledge of enterprise systems, cloud platforms, infrastructure, and application architectures. Proven understanding of risk management frameworks (e.g., NIST, ISO 27005, FAIR) and regulatory requirements (e.g., SOX, DORA … a working environment that welcomes everyone and creates inclusive teams, celebrates difference and encourages everyone to be themselves at work. Our commitment to the community and environmental, social and governance investing: We partner with charitable organisations globally to make an impact in the communities where we live and work. Our people are encouraged to support the charities they feel most
London, South East, England, United Kingdom Hybrid/Remote Options
Proactive Appointments
Working Our client are seeking an experienced Information Security Analyst to provide immediate support to the Information Security team. This role is a hybrid of technical security analysis and governance, risk, and compliance (GRC) activities. The successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident … This is a hands-on delivery role for someone who can work independently, make sound judgements, and communicate clearly with both technical and non-technical stakeholders. Key Responsibilities Security Governance & Risk Technical Security Oversight Supplier and Third-Party Security Assurance Advisory and Awareness Desirable Relevant certifications such as CISSP, CISM, CRISC, CEH, CompTIA Security+, or equivalent experience. Experience working in