GRC Jobs in the UK

1 to 25 of 275 GRC Jobs in the UK

Senior Information Security GRC Analyst

London, United Kingdom
Swift Software
Senior Information Security GRC Analyst Locations: London, United Kingdom; Manassas, United States Posted on: 4 Days Ago ABOUT US We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation can address the scale … Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. Are you passionate about security Governance, Risk and Compliance (GRC)? Do you thrive in a dynamic environment where your experience and your security expertise can shape the future of our organization? We are looking for a … GRC Specialist like you to join our growing Information Security Governance team. In this role, you will: Develop and implement robust GRC frameworks to ensure compliance with increasingly stringent industry regulations and standards. Lead the reporting and presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with cross-functional security teams to maintain and
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Consultant

London, United Kingdom
BlueVoyant
activities Remediation workstreams and roadmaps Policy & process implementation Information Security Maturity Audits/CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management … as Health and Safety procedures as outlined by the Company's Health and Safety Policy. Essential Skills/Attributes: 3+ years in a client-facing information/cyber security/GRC role or 5+ years in a directly related field/role (such as cyber/intelligence/security in UK Armed Forces, Law Enforcement, UK Intelligence Community, UK Government Departments … Degree in Cyber Security, Computer Science, or related subject; or genuine equivalent experience working in cyber-security, GRC, security audit etc. Professional certifications (currently held) including but not limited to CISSP, CCSP, CISM, CRISC, CISA Qualifications/experience in auditing against/implementing multiple security standards and frameworks, such as ISO 27001/2, NIST CSF, ISF CMMI, CIS, UK
Employment Type: Permanent
Salary: GBP Annual

Security Consultant (GRC)

London, United Kingdom
Applicable Limited
The team you'll be working with: Security Consultant (GRC) NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team. What you'll be doing: Using your background in Governance, Risk & Compliance, you will … help our clients: Governance: directs, oversees, designs, implements or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage cyber and information security at an enterprise level. Supporting an organisation's immediate and future regulatory, legal, risk, environmental and operational requirements and ensuring compliance with those requirements. Policy and Procedure Management: directs, develops or … internal teams, external partners, and regulatory authorities. Providing remediation guidance and prepare management reports to track remediation activities. Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster governance framework and security posture. Assess and test the effectiveness of security controls, and document the compliance levels to identify risks and control gaps. What experience you'll bring: What experience
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Risk Analyst

London, United Kingdom
Millennium
NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and cloud services. Proficiency with risk analytics, GRC tools, and security assessment methodologies. Exceptional analytical, communication, and report-writing skills, with the ability to translate complex technical issues into clear, actionable recommendations for both technical and non-technical
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

London, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

St. Albans, Hertfordshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

Reading, Berkshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

Guildford, Surrey, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Lead Security Consultant (Architect)

London, United Kingdom
Applicable Limited
following fields of expertise: 7+ years' varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with
Employment Type: Permanent
Salary: GBP Annual

Part-time Senior Cyber Risk Analyst

Watford, Hertfordshire, England, United Kingdom
Hybrid / WFH Options
Hays Specialist Recruitment Limited
verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such as CISSP, CISM, CRISC, or CEH would be preferred. Familiarity with Governance, Risk, and Compliance (GRC) platforms and maintaining structured risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in
Employment Type: Contractor
Rate: £28.49 - £36.98 per hour

Part-time Senior Cyber Risk Analyst

Watford, Hertfordshire, South East, United Kingdom
Hybrid / WFH Options
Hays
verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such as CISSP, CISM, CRISC, or CEH would be preferred. Familiarity with Governance, Risk, and Compliance (GRC) platforms and maintaining structured risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in
Employment Type: Part Time, Work From Home
Salary: £28.49 - £36.98 per hour + £36.98 p/h via Umbrella (Inside IR35)

Information Security Compliance Analyst

Hertfordshire, England, United Kingdom
Cpl Life Sciences
CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstrable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Extensive experience of information security management and/or security awareness. In-depth expert

Cyber Security Manager -SC, NIST, SECURITY

South West, England, United Kingdom
Adecco
compliance and assurance programs. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the Security Operations team to monitor, detect, and respond to threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. * Train and mentor internal teams on security awareness and best practices. * Engage with stakeholders across the business to communicate … audits and regulatory inspections as required. Essential Skills & Experience: * Proven experience in incident management and cyber security operations. * Strong knowledge of ISO 27001, NIST, and other security frameworks. * Experience with governance, risk, and compliance (GRC) processes. * Familiarity with Security Operations Centres (SOC) and threat detection tools. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams … confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, Security Governance, Security Training, Wiltshire, Cyber Risk, Cyber Strategy, Adecco
Employment Type: Full-Time
Salary: £62,000 - £73,000 per annum

Cyber Security Manager -SC, NIST, SECURITY

Wiltshire, United Kingdom
Adecco
compliance and assurance programs. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the Security Operations team to monitor, detect, and respond to threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. * Train and mentor internal teams on security awareness and best practices. * Engage with stakeholders across the business to communicate … and regulatory inspections as required. Essential Skills & Experience: * Proven experience in incident management and cyber security operations. * Strong knowledge of ISO 27001, NIST, and other security frameworks. * Experience with governance, risk, and compliance (GRC) processes. * Familiarity with Security Operations Centres (SOC) and threat detection tools. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams … and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, Security Governance, Security Training, Wiltshire, Cyber Risk, Cyber Strategy, Adecco
Employment Type: Permanent
Salary: £62000 - £73000/annum Benefits

Security Analyst I

London, United Kingdom
Neuberger Berman
The Role We are seeking a motivated and detail-oriented Junior GRC Analyst to join our team. The successful candidate will assist in developing and maintaining our governance, risk, and compliance program. This role offers an excellent opportunity to gain experience in GRC practices and work alongside experienced professionals. The role entails collaboration with various departments such as Operations, Client … strong relationships, their collaborative spirit, and their expertise in fostering growth. This role reports to a Senior Security Engineer. Primary Responsibilities Assist in the development, implementation, and maintenance of GRC policies and procedures aligned with the company's business goals and legal requirements. Support with the implementation of the Risk Management Framework policy and ensure ongoing actions are undertaken as … identification of potential compliance and security risks. Monitor and report on compliance with internal policies and external regulations. Ensure regular reviews are performed to assist with refining company's GRC policies, leveraging technology and industry best practices to drive efficiency. Support the preparation and execution of internal and external audits and DDQs. Collaborate with various departments to ensure compliance requirements
Employment Type: Permanent
Salary: GBP Annual

CYBER SECURITY LEAD - SC, CYBER, ASSURANCE

West Midlands, United Kingdom
Adecco
security compliance and assurance programmes. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the SOC to monitor, detect, and respond to cyber threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. * Promote a security-first culture through internal training and mentoring. * Communicate cyber risks, strategies, and progress effectively to stakeholders. … and external audits and regulatory inspections. Essential Skills & Experience: * Proven experience in cyber security operations and incident management. * Strong knowledge of ISO 27001, NIST, and related frameworks. * Experience with GRC processes and tools. * Familiarity with SOC operations and threat detection technologies. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to train teams and promote security awareness. … and we will always consult you before submitting it to any client. Keywords: Cyber Security Lead, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GSLC, CCP, GIS, GRC, SOC, Risk Management, Threat Intelligence, Defence, Stakeholder Engagement, SC Clearance, Cyber Compliance, Security Governance, Security Awareness, West Midlands, Cyber Risk, Cyber Strategy, Adecco
Employment Type: Permanent
Salary: £62000 - £73000/annum Benefits

Governance Risk and Compliance Lead (GRC) - Cyber

London, United Kingdom
Marlin Selection Ltd
Governance Risk and Compliance Lead (GRC) - Cyber We're partnering with a leading global financial services firm to appoint a Governance, Risk, and Compliance (GRC) Lead into their high-performing Information Security function. GRC Lead - Cybersecurity (Financial Services) London Competitive Package This is an exciting opportunity to join a fast-paced, globally recognised institution with a mature cyber programme and … significant investment in its security posture. As a trusted search partner, we're looking for an experienced and strategic GRC professional who can bring deep subject matter expertise across third-party risk, regulatory compliance, audit readiness, and awareness training. You'll play a pivotal role in helping the firm navigate the evolving threat landscape while maintaining compliance with complex global … regulations. The Opportunity Sitting within a dynamic global InfoSec team, you'll be responsible for: Leading third-party risk assessments and driving continuous improvement of vendor governance processes. Owning client due diligence responses, ensuring the business meets external compliance and assurance requirements. Developing and delivering enterprise-wide awareness training, phishing simulations, and educational campaigns. Advising technical teams and stakeholders on
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Consultant - GRC

Scotland, United Kingdom
Sword Group
Improvement: Identify opportunities to enhance risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's environment. Project Work: Contribute to project activities to ensure GRC requirements are understood and addressed. Roles and Responsibilities: Support the Global Risk & Compliance Senior Manager in delivering governance, compliance, and risk activities, including: Supporting security, audit, and compliance activities Ensuring … Requirements: Key skills and experience include: Excellent communication skills, capable of conveying compliance and risk concepts to both technical and non-technical audiences Significant experience in control management for governance, compliance, IT audits, IS assurance, and risk management CISA, CISM, or equivalent certification preferred BSc or equivalent in an IT-related field preferred Ability to communicate effectively with technical teams … to gather information and requirements Understanding of regulatory requirements (e.g., GDPR, Data Protection Act) and industry-specific regulations Experience implementing compliance and control frameworks Proficiency in IT governance and quality standards Knowledge of security management frameworks like ISO/IEC 27001, ITIL, COBIT, NIST standards Strong stakeholder management skills High integrity and professionalism in handling confidential matters Familiarity with risk
Employment Type: Permanent
Salary: GBP Annual

Information Security Risk Analyst

London, United Kingdom
Hybrid / WFH Options
Titan Wealth Planning Limited
energy and the security of private equity backing. It's an inspiring time to join the team! Looking for a self-starting highly motivated and detail-orientated Information Security Governance, Risk, and Compliance (GRC) Analyst to support the design, implementation, and ongoing improvement of our information security governance and risk management framework. This role is essential in ensuring the organisation … internal compliance communications Job Requirements Previous progressive experience in information security risk management, risk management, or compliance Strong understanding of information security frameworks (e.g., ISO 27001, NIST) Experience with GRC tools/platforms Excellent organisational, communication, and documentation skills Ability to work independently and cross-functionally in a fast-paced environment Industry certifications such as CISA, CRISC, CISSP, CISM is preferred
Employment Type: Permanent
Salary: GBP Annual

Director of Security Assurance and Remediation (London)

Surbiton, England, United Kingdom
Robert Walters
services, and assets, ensuring compliance with industry standards (e.g., CIS, NIST, ISO 27001, SOC 1/2) and internal security policies across all platforms and environments. Lead the security governance mechanism for capturing and managing security baseline adherence to rectify any policy exceptions and dispensations (deviations or gaps) against the security policy standards and controls and align security risks. Oversee … Artificial Intelligence, post quantum computing and cyber risk quantification. Considerable experience in cybersecurity, with notable experience in a senior or managerial role focused on security policy, standards, controls testing, governance, and compliance. Mastery experience of how security controls are implemented, their effectiveness, and alignment with security policy, standards and NIST best practice guidelines. Strong ability to consult with control owners … information clearly and effectively. Presenting data insights to non-technical stakeholders Strong understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Experience with GRC tools and best practices. RSA Archer is preferred. Proficiency in security frameworks (e.g., NIST CSF, ISO 27001, SOC1,2). Expert knowledge of security assurance practices such as audit, risk

Senior Cybersecurity Risk Analyst (Remote)

Watford, Hertfordshire, United Kingdom
Hybrid / WFH Options
Essential Employment
a SOC environment. - Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory requirements and data protection laws. This is a full time role on a temporary basis. If you are interested in the role please
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Architect

Edinburgh, Scotland, United Kingdom
HCLTech
in the process. We want you to find your spark. Because that’s what drives you to be better, be more and ultimately, be more fulfilled. Role- Regional Lead – Governance, Risk and Compliance & Business Resiliency Location- UK, Edinburgh Job Type- Full Onsite (5 days a week) Full time Employment - Permanent KEY RESPONSIBILITIES & JOB DESCRIPTION: Responsible for Business development of HCL … Governance, Risk and Compliance services and Business Resiliency services in UK & Europe region. This job carries the booking targets and revenues to be achieved. • Responsible for P&L and Client relationship management • GRC opportunity farming in existing client accounts as well as working with regional sales for developing new accounts. • Responsible for client acquisition and CSAT for all GRC delivery … CIS, ISO27K • Executing advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA, Data Privacy, NHS, FFIEC etc. • Program and project manage GRC delivery engagements • Participate in strategic risk management and regulatory compliances transition and transformation engagements. • Develop knowledge base, re-usable components for GRC advisory services. • Responsible for development and enhancements of

CYBER SECURITY LEAD - SC, CYBER, ASSURANCE

United Kingdom
Adecco
security compliance and assurance programmes. Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. Collaborate with the SOC to monitor, detect, and respond to cyber threats. Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. Promote a security-first culture through internal training and mentoring. Communicate cyber risks, strategies, and progress effectively to stakeholders. … and external audits and regulatory inspections. Essential Skills & Experience: Proven experience in cyber security operations and incident management. Strong knowledge of ISO 27001, NIST, and related frameworks. Experience with GRC processes and tools. Familiarity with SOC operations and threat detection technologies. Excellent understanding of the cyber threat landscape and mitigation strategies. Demonstrated ability to train teams and promote security awareness.
Employment Type: Permanent
Salary: GBP 62,000 - 73,000 Annual

Security Architect

Thornbury, Gloucestershire, United Kingdom
Applicable Limited
and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy including regulatory and compliance considerations Lead the development and enhancement of governance, risk and compliance aligned to policy, standards and industry good practice Ensure that continuous assessment, identification, analysis and reporting of useful metrics to enable informed risk based decisions to be … that documentation relating to process and technical security controls are maintained What experience you'll bring: Minimum of 5 years' experience in a multi-tiered IT enterprise environment/Governance, Risk and Compliance role Minimum of 5 years' experience in a Governance, Risk and Compliance role A track record of delivering security solutions for large-scale infrastructure, transformation or integration
Employment Type: Permanent
Salary: GBP Annual

Technology External Assurance Analyst

Staines-upon-Thames, Middlesex, England, United Kingdom
Bupa UK
drive discussions with key stakeholders and suppliers to provide insights. Experience of third party assurance activities, either for supplier or customer assurance. Extensive knowledge of IT risk management within GRC function, preferably processes, concepts, terminology and control frameworks e.g. ISACA, COBIT, ITIL. Certified in CISA or relevant certifications with one of the following: CISM, CISSP, equivalent experience. Strong knowledge of
Employment Type: Full-Time
Salary: £55,000 - £65,000 per annum
GRC
10th Percentile: £49,280
25th Percentile: £56,250
Median: £72,500
75th Percentile: £83,750
90th Percentile: £105,000