12 of 12 Remote GRC Jobs in the South West

optimize EDR/XDR toolsets and MDR services to meet incident response needs. Stakeholder & Compliance Translate technical threats into clear business risks and mitigation actions for management. Collaborate with GRC to ensure compliance with regulations and frameworks (e.g. NCSC CAF, ONR SyAPs, ISO27001). Support major security incidents and exercises with forensic and technical expertise. Who you are We're More ❯

Security monitoring operations: Support and oversee the day-to-day security monitoring operations, including log analysis, threat intelligence, and SIEM management. Leadership and mentoring: Provide strong leadership to the governance, risk and compliance team and mentor the professional growth and development of security staff. Threat intelligence: Stay up to date with the latest cyber security threats, vulnerabilities, technologies, and best … track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO, NHS England). Policy & governance: Extensive experience in developing, implementing, and enforcing comprehensive information security policies, standards, and procedures. Regulatory compliance: Solid understanding of UK and EU data protection laws (eg GDPR, Data Protection Act … security concepts to technical and non-technical stakeholders, including senior leadership, product teams, and external partners. Team leadership & mentoring: Proven ability to lead, mentor, and develop a high-performing governance, risk, and compliance (GRC) team. Vulnerability management: Experience scoping, overseeing and interpreting the results of vulnerability scanning, penetration testing, and security audits. Desirable: Cloud Security Expertise: Experience securing cloud-native More ❯

Security monitoring operations: Support and oversee the day-to-day security monitoring operations, including log analysis, threat intelligence, and SIEM management. Leadership and mentoring: Provide strong leadership to the governance, risk and compliance team and mentor the professional growth and development of security staff. Threat intelligence: Stay up to date with the latest cyber security threats, vulnerabilities, technologies, and best … track record in developing, leading, and managing security incident response plans, including experience with major incident handling and communication with regulatory bodies (eg NCSC, ICO, NHS England). Policy & governance: Extensive experience in developing, implementing, and enforcing comprehensive information security policies, standards, and procedures. Regulatory compliance: Solid understanding of UK and EU data protection laws (eg GDPR, Data Protection Act … security concepts to technical and non-technical stakeholders, including senior leadership, product teams, and external partners. Team leadership & mentoring: Proven ability to lead, mentor, and develop a high-performing governance, risk, and compliance (GRC) team. Vulnerability management: Experience scoping, overseeing and interpreting the results of vulnerability scanning, penetration testing, and security audits. Desirable: Cloud Security Expertise: Experience securing cloud-native More ❯

Doing Advise senior stakeholders on cyber security strategy to support digital and operational transformation Lead the design and delivery of cyber transformation programmes across complex organisations Develop and implement governance and operating models to improve cyber maturity and regulatory readiness Assess enterprise risk and define strategic roadmaps to embed security across business operations Solve critical cyber challenges across diverse industries … and client environments What You'll Bring Strong experience in cyber strategy, risk management, governance, architecture, and regulatory compliance Familiarity with frameworks and standards such as NIST CSF, ISO27001, NCSC CAF, GDPR, and NIS2 Industry-recognised certifications (e.g. CISSP, CISM, CISA, M.Inst.ISP, or equivalent) Practical experience in GRC, threat and vulnerability management, or operational resilience Proven delivery across complex programmes More ❯

Information Assurance that are keen to help us continue to grow and develop. You are a client facing security professional, with substantial experience within security and can deliver complex GRC projects, whilst developing and maintaining client relationships at a senior level. You will have a broad range of expertise across Information Security and be able to articulate and deliver different … to be prepared to deliver to wider public and private sector clients where required. At the Consultant level, you will be working with clients to deliver a range of GRC projects that could range from a single risk assessment to the development of a full ISMS to assuring clients gain accreditation in accordance with the appropriate standards on highly complex … programmes of work. Delivery of client engagements to support governance, risk and compliance against a range of cyber security regulations, frameworks and standards, including ISO 27001, NIST Regulations, CAF and secure by design. Staying on top of the latest developments within Cyber Security & Information Assurance by attending training and conferences. Working with the leadership and sales team to respond to More ❯

engagements, ensuring high-risk items are escalated to risk committees. Own and manage PCI compliance, acting as the key liaison with external assessors and partners. Drive strategic risk managementusing GRC tools, shaping policies and frameworks to protect NFU Mutual. Hybrid working with 80% homeworking and 20% based in Stratford-upon-Avon. About the role We're pleased to share a … This is a fantastic opportunity to influence strategic decisions and play a key role in shaping the NFU Mutual's security posture. Additional duties include: Manage the enterprise-wide Governance, Risk and Compliance (GRC) tool to identify trends and produce actionable insights. Define and maintain security policies and risk frameworks aligned with regulations and best practices. Define and maintain security … Expert understanding of cybersecurity risk frameworks and risk reporting. Strong knowledge of control frameworks, including ISF, ISO 27001:22, NIST, and PCI-DSS. User and manager level knowledge of GRC technologies and associated reporting modules Ideally have, working towards, or willingness to gain industry certifications - CISSP, CSIM, CRISC. At NFU Mutual, we support an inclusive workplace and value all the More ❯

Are you a seasoned SAP Security and GRC expert ready to lead transformative ERP engagements across diverse industries? We're partnering with a leading consultancy to find a Senior Manager who will spearhead SAP S/4 HANA security and access management initiatives, driving innovation and compliance in financial transformation programmes. About the Role As a Senior Manager, you'll … ownership of SAP Security architecture and implementation, leading teams through complex ERP transformations. You'll work closely with senior stakeholders to assess risks, define strategy, and deliver robust access governance solutions across SAP and non-SAP platforms. Key Responsibilities Lead SAP Security and GRC strategy development and implementation. Oversee access management policies, user provisioning, and SoD controls. Manage greenfield SAP … Deep knowledge of S/4 HANA, BW/4 HANA, SAP Analytics Cloud, SAP Access Controls, IAG, BTP, and cloud apps like SuccessFactors, Ariba, and Concur. Expertise in GRC tools such as Saviynt, SailPoint, Pathlock. Strong understanding of SOX, GDPR, and other regulatory frameworks. Excellent project management and communication skills. Professional certifications (e.g., SAP Access Control 12.0, CISSP, CISM More ❯

Are you a seasoned SAP Security and GRC expert ready to lead transformative ERP engagements across diverse industries? We're partnering with a leading consultancy to find a Senior Manager who will spearhead SAP S/4 HANA security and access management initiatives, driving innovation and compliance in financial transformation programmes. About the Role As a Senior Manager, you'll … ownership of SAP Security architecture and implementation, leading teams through complex ERP transformations. You'll work closely with senior stakeholders to assess risks, define strategy, and deliver robust access governance solutions across SAP and non-SAP platforms. Key Responsibilities Lead SAP Security and GRC strategy development and implementation. Oversee access management policies, user provisioning, and SoD controls. Manage greenfield SAP … Deep knowledge of S/4 HANA, BW/4 HANA, SAP Analytics Cloud, SAP Access Controls, IAG, BTP, and cloud apps like SuccessFactors, Ariba, and Concur. Expertise in GRC tools such as Saviynt, SailPoint, Pathlock. Strong understanding of SOX, GDPR, and other regulatory frameworks. Excellent project management and communication skills. Professional certifications (e.g., SAP Access Control 12.0, CISSP, CISM More ❯

senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who’s has been working at CISO level, or is ready to step into a strategic leadership position. A global, forward-thinking organisation … culture through staff training and awareness initiatives. Regulatory Compliance : Support ongoing compliance with UK and EU data protection laws and regulations. Leadership : Provide strategic leadership and mentorship within the governance, risk, and compliance team. Essential Skills: Security Leadership : Senior-level experience in information security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards : Strong knowledge … Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response : Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance : Skilled in developing and enforcing comprehensive security policies and governance structures. Regulatory Compliance : Strong grasp of GDPR, the Data Protection Act, and NIS Directive within a health tech context. How More ❯

senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who’s has been working at CISO level, or is ready to step into a strategic leadership position. A global, forward-thinking organisation … culture through staff training and awareness initiatives. Regulatory Compliance : Support ongoing compliance with UK and EU data protection laws and regulations. Leadership : Provide strategic leadership and mentorship within the governance, risk, and compliance team. Essential Skills: Security Leadership : Senior-level experience in information security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards : Strong knowledge … Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response : Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance : Skilled in developing and enforcing comprehensive security policies and governance structures. Regulatory Compliance : Strong grasp of GDPR, the Data Protection Act, and NIS Directive within a health tech context. How More ❯

senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who’s has been working at CISO level, or is ready to step into a strategic leadership position. A global, forward-thinking organisation … culture through staff training and awareness initiatives. Regulatory Compliance : Support ongoing compliance with UK and EU data protection laws and regulations. Leadership : Provide strategic leadership and mentorship within the governance, risk, and compliance team. Essential Skills: Security Leadership : Senior-level experience in information security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards : Strong knowledge … Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response : Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance : Skilled in developing and enforcing comprehensive security policies and governance structures. Regulatory Compliance : Strong grasp of GDPR, the Data Protection Act, and NIS Directive within a health tech context. How More ❯

at KPMG; a diverse business requires diverse personalities, characters, and perspectives. There really is a place for you here. Why Join KPMG as a Manager - IGH GRCS? KPMG's Governance, Risk and Compliance Services (GRCS) practice within IGH is an area of the firm with tremendous growth potential. GRCS is an integral part of our Enterprise Risk advisory practice. We … provide services relating to internal audit, internal control, corporate governance, risk management and related assurance projects. Clients are based in the public sector and our services deliver added value to clients using modern control assessment, risk management and audit techniques focusing on strategic, management and operational issues as well as financial management and reporting controls. We also work closely with … and co-sourced contractual basis • Managing and directly delivering individual and/or a programme of internal audit projects which includes planning, review, quality assurance and reporting • Risk management, governance and internal audit advisory services • Risk identification workshops and control reviews • Delivering control and risk training • Managing and reviewing internal control questionnaires • Compliance internal audits • Working with members of other More ❯