22 of 22 GRC Jobs in the Thames Valley

GRC Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be … responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the GRC Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST …/ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the GRC Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

possess the following? Relevant experience in cybersecurity risk management or equivalent in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of More ❯

primary client contact for your workstreams Supporting the scoping and mobilisation of new engagements alongside senior colleagues Designing and delivering high-quality finance technology solutions (reporting, planning, close, treasury, GRC, ESG, and beyond) Translating client requirements, existing processes, and spreadsheets into coherent solution designs and implementation documentation Serving as a subject matter expert and providing architectural and technical leadership to More ❯

the need for Sponsorship We're looking for a Compliance Manager to support and evolve the compliance function for a telecoms organisation based in Theale. Reporting to the Senior Governance, Risk & Compliance Counsel, you'll lead the development and implementation of compliance programs that mitigate legal and regulatory risks while embedding a culture of ethical and operational integrity. Key Responsibilities More ❯

cross-functional programme team, ensuring collaboration between internal stakeholders, incumbent provider, and new vendor. Deliver clear, concise ExCo-level reporting, highlighting programme risks, dependencies, and strategic decisions. Drive robust governance and risk management, ensuring regulatory compliance, operational resilience, and smooth customer experience throughout the transition. Oversee change management and stakeholder engagement to embed the new service and operating model. Requirements More ❯

of regulatory frameworks, compliance, and technology standards. Proven ability to influence stakeholders and manage risk appetite decisions. Experience managing audits and large-scale risk assessments. Desirable Qualifications: Familiarity with GRC tools and data analytics. Professional certifications (e.g., CRMP, CIA). Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy. More ❯

and flexibility to support the demands of a FTSE 100 business.Supporting Head of Information Security Architecture and Assurance as well as working closely with key stakeholders including Head of Governance, Risk and Compliance, Digital Security, IT and business teams you will focus on core areas such as risk management and security due-diligence reviews ensuring compliance with legal, regulatory and More ❯

We are seeking a detail-oriented and proactive SaaS GRC Specialist to strengthen our Governance, Risk, and Compliance framework as we scale our SaaS operations. In this role, you will ensure that our business processes, security controls, and regulatory obligations are consistently met. You will work across multiple teams—security, legal, product, and operations—helping us maintain trust with customers … and regulators while supporting business growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and … IT teams to embed compliance into day-to-day operations. Prepare and support external audits, certifications, and customer due diligence requests. Deliver GRC training and awareness sessions to employees across the business. Track regulatory changes and advise leadership on potential business impacts. Requirements Bachelor’s degree in Information Security, Business, Compliance, or related field. 2+ years of experience in GRC More ❯

and project-based hiring needs -- Lead delivery for contract roles including: Microsoft Dynamics (F&O, CE, BC), Salesforce (Admin, Dev, CPQ, Marketing Cloud), Cloud platforms (AWS, Azure, GCP), Cybersecurity (GRC, SecOps, IAM), AI and data roles (ML engineers, NLP, LLM ops) -- Recruit, manage, and mentor a growing team of contract recruiters -- Create and implement internal systems for contractor compliance, reporting More ❯

Governance, Risk & Compliance Officer 📍 Location: City of London (Hybrid – 2 days/week in office) 💰 Salary: Extremely competitive 🧭 Industry: B2B Travel Tech/SaaS A high-growth, profitable B2B travel technology company is hiring a GRC Officer to build and lead its governance, risk, and compliance function from scratch. This is a rare opportunity to shape a new department within … a global tech business powering millions of transactions weekly for the world’s leading travel platforms ✈️🌍. 🔍 What You’ll Do 🧱 Build Frameworks: Design and implement governance, risk, and compliance structures. ⚠️ Manage Risk: Own the risk register and guide risk-aware decision-making. ✅ Ensure Compliance: Stay ahead of GDPR, ISO 27001, NIST, PCI DSS, and more. 📋 Lead Audits: Coordinate internal … evolving laws and advise leadership. 🧠 Educate Teams: Deliver security awareness training across the business. 🤝 Collaborate Widely: Work with Legal, IT, Engineering, and Commercial teams. 🛠️ Own Tools: Select and manage GRC platforms and systems. 🧑 💼 Who You Are ✔️ 5+ years in GRC, cybersecurity, or infosec roles. 📖 Deep understanding of data protection laws (especially GDPR). 🧮 Experience with GRC platforms and audit methodologies. More ❯

practice growth. What You’ll Be Doing Delivering cyber strategies, risk assessments, and maturity roadmaps aligned to client business goals Supporting clients through large-scale cyber transformation programmes Designing governance frameworks and operating models to improve resilience and compliance Managing multi-disciplinary delivery teams across complex environments Building trusted relationships with senior stakeholders and supporting client decision-making Mentoring junior … focus on cyber security strategy and transformation Knowledge of key frameworks and standards such as NIST CSF, ISO27001, GDPR, NIS2, or NCSC CAF Practical expertise in areas such as GRC, security architecture, threat management, or vulnerability management Excellent communication skills with the ability to influence a wide range of stakeholders Proven project management and delivery experience in complex client environments More ❯

Job summary We are seeking an Information Governance & Cyber Security Manager to lead the second line of defence across Information Governance, Cyber Security, Quality, and Digital Clinical Safety. In this role, you will oversee the operational delivery of InHealths management systems, ensuring compliance, accountability, and consistency across the business. You will provide strong leadership, manage a dedicated team, and play … a key part in driving governance priorities that protect our patients, staff, and services. This is a pivotal position for someone who is enthusiastic, motivated, and passionate about embedding high standards of quality and security across a healthcare organisation. This is a full-time permanent role, working remotely. There will be travel to InHealth sites as part of the role. … Main duties of the job Information Governance: Oversee policy frameworks, DPIAs, DSAs, and regulatory compliance, and lead the Data Security Protection Toolkit return. Cyber Security: Manage security policies, lead ISO 27001 certification, embed data security practices, and oversee incident response. Digital Clinical Safety: Maintain digital clinical safety policies (DCB0129/0160), ensure training compliance, and support safety case documentation. Quality More ❯

us as a Senior Manager for Cyber Policies and Controls and help shape the future of cybersecurity across Vodafone. In this global role, you'll lead the development and governance of our Cyber and Information Security policies, standards, and control frameworks-ensuring they reflect industry best practices and align with our risk appetite. You'll collaborate with senior stakeholders across … Your leadership will extend to our Cyber education and awareness programme, where you'll champion a strong security culture through engaging training, testing, and communications.As part of the Cyber Governance, Risk and Control (GRC) leadership team, you'll also help shape the strategic direction of both GRC and the wider Cyber function, contributing to our long-term roadmap and technology … priorities. Role title: Senior Manager, Cyber Policies and Controls Function: Group Technology Band: F Department: Cyber Security Reports to: Global Head of Cyber Governance, Risk & Controls Location: Newbury/Paddington Who you are We're looking for someone who brings: Broad technical knowledge of cybersecurity and controls, ideally with exposure to cloud and telecoms security Deep expertise in policy, control More ❯

tools, and mentoring junior analysts, while contributing to the continuous improvement of their security posture. This is a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems More ❯

tools, and mentoring junior analysts, while contributing to the continuous improvement of their security posture. This is a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems More ❯

programme team, ensuring collaboration between internal stakeholders, incumbent provider, and new vendor. Deliver clear, concise ExCo-level reporting, highlighting programme risks, dependencies, and strategic decisions. Drive robust governance, risk management, and compliance, ensuring resilience and service continuity throughout the transition. Oversee change management and stakeholder engagement to embed the new service and operating model. Requirements Proven experience managing the transition More ❯

and internal policies across multiple jurisdictions. You will implement compliance programs, monitor adherence, provide risk-based legal advice, and help shape a compliance-focused culture. Key Accountabilities: Compliance and Governance Ensure the organisation adheres to corporate governance standards, codes of conduct and relevant laws across all jurisdictions. Monitor regulatory developments and interpret their relevance and impact on the business, providing … not limited to anti-bribery and corruption, competition, whistleblowing, data protection and ethical conduct. Monitor adherence and manage internal reporting mechanisms by liaising with internal Global Risk and Compliance (GRC) function. Global Regulatory Compliance Ensure compliance with international legal and regulatory frameworks (e.g. GDPR, FCPA, local employment laws). Liaise with external counsel where jurisdiction-specific advice is needed with More ❯

frameworks. The focus is business change, integration, testing, cutover, training, adoption and handover to BAU, with clear evidence for PRA and FCA expectations. What you will do • Drive rollout, governance and reporting • Coordinate integrations with procurement, contract management, GRC, SSO and data platforms • Lead UAT, dry run cutover, go live and hypercare • Deliver training, communications and role based guides • Stand More ❯

in close cooperation with other KPMG offices. Our services are of both an assurance and transformation in nature and include: General IT and ERP controls, design and implementation of GRC operating models and solutions, IT Security and Risk Management, control automation, design and implementation of SOX 404 control framework, design and implementation of controls for S/4 HANA programmes … market, as part of a wider strategic plan to grow our ERP & Business Systems team. The services we provide include External and Internal Assurance, Controls Transformation, Process Optimisation and GRC implementations. This work is delivered through stand-alone assignments, or as part of internal audit engagements. Typical activities include: Responsibility for quality, value add and timely delivery of the overall … proposal writing and assisting with client presentations. Coaching and developing team members on engagements. Roles & Responsibilities: Provide consulting and advisory services to clients that operate SAP systems including SAP GRC Access Controls and Process Controls. Help clients enhance their SAP controls capability and increase control automation. Work stream lead/SME on SAP/GRC control and/or Data More ❯

focuses primarily on eight mega process areas: Finance, Source to Pay (procurement and vendor mgmt.), Plan to Fulfil (manufacturing and distribution), Lead to Cash (sales order processing and payment), Governance, Engage to Consume (marketing), Idea to Market (R&D), and Recruit to Retire (HR). This transformation requires thought leadership, quality decision making, deep technical know-how, and an ability … Collectively the new roles will be responsible for the delivery of the core SAP Security deliverables within S/4HANA and FIORI ensuring alignment with role design, processes and governance principles. Responsibilities Demonstrate and exemplify the Five Principles of Mars, Inc. personally and within the team. Support the SAP Security team in ensuring that shared and local/segment template … complex ERP environment that underpins critical business and IT processes. Work with the SAP Security team and Global Process Owners (GPO's) in implementing a comprehensive SAP Security and GRC framework, including strategies, policies, and procedures that align with organisational objectives and industry best practices to ensure robust access controls, risk management and regulatory compliance. Design and deliver technical and More ❯