1 to 25 of 89 Remote GRC Jobs in the UK

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

implementation of data classification methodologies to ensure appropriate protection based on sensitivity and importance. The role will be based in Reading and will report directly to the Head of Governance, Risk and Compliance, working to deliver the company's goals for a fit-for-purpose critical asset and classification framework. This is a role that requires independence, a proactive approach … risk management practices. Desirable Technical Skills & Qualifications: Industry Certifications: Certifications such as CISSP, CISM, or CISA. Key Relationships & Interactions: CISO direct reports: Security Operations Manager, Security Architecture Manager, Security Governance Manager, Cyber Security Programme Manager, Cyber Resilience Manager CIO and CIO Direct Reports: Operational Technology, Enterprise Architects, PMO and Programme Delivery, Business Change and Engagement Key Business Stakeholders Service Owners More ❯

a SOC environment. - Familiarity with risk management frameworks?(e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory requirements and data protection laws. This is a full time role on a temporary basis. If you are interested in the role please More ❯

We’re working with a leading organisation in the entertainment industry who are seeking an experienced Governance, Risk and Compliance (GRC) Manager to join their Group division. This is a fantastic opportunity for a proactive and strategic individual to shape and maintain a strong compliance culture across a dynamic and fast-growing business operating across the UK and Europe. Location … + 25 days holiday + bank holidays + Up to 5% bonus Full-time, Permanent In this newly-created role, you’ll lead the execution of the Group GRC programme, align risk and compliance efforts with wider business goals, and ensure robust governance across information security and operational practices. Key Responsibilities: Develop and implement a comprehensive GRC framework across the … and standards Ensure compliance with GDPR, CIS18, PCI DSS, and ISO27001 Lead on third-party audits and provide documentation and evidence Support cybersecurity programmes and incident response planning Provide GRC advisory to senior leadership and cross-functional teams Promote a culture of risk awareness through training and communication Monitor changes in regulation and adapt the GRC framework accordingly Ideal Candidate More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology – IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years’ experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years' experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

d love to hear from you. About You We'd love to hear from you if you can demonstrate expertise in at least one of the following areas : Security governance, risk and compliance (GRC), aligned with HMG cybersecurity and information assurance policies, standards, and guidance with experience in consultancy or supplier roles. Securing OT (Operational Technologies) with knowledge and understanding More ❯

Head of Cyber Governance, Risk and Compliance (GRC) Media Join to apply for the Head of Cyber Governance, Risk and Compliance (GRC) Media role at 3Dnet Head of Cyber Governance, Risk and Compliance (GRC) Media Join to apply for the Head of Cyber Governance, Risk and Compliance (GRC) Media role at 3Dnet Leading exciting International Media Giant, with a reputation … for innovation and excellence They urgently require a talented, dynamic, relationship building Head of Cyber Governance, Risk and Compliance (GRC) to play a pivotal role help them shape and move to the next stage of their evolution To be considered you will have demonstrable experience in:: Developing, implementing, and maintaining the organisation's cyber governance, risk management, and compliance strategies … GRC) and frameworks across enterprise scale organisations Ensure compliance with all relevant laws, regulations, and standards related to information and cyber security. Lead regular risk assessments and audits to identify potential security threats and vulnerabilities. Running and maintaining the IT Risk Management Framework. Daily liaison with the Legal, HR and Privacy teams. Running the Third Party and Vendor Cyber Risk More ❯

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external More ❯

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

Information Security Analyst - 6-Month FTC Governance, Risk and Compliance Location: London/Hybrid Contract Type: Fixed Term (6 months) Salary: Competitive A global professional services firm is seeking a proactive Information Security Analyst to support the delivery of robust security and privacy policies across its global operation. This role is ideal for someone with hands-on experience in information More ❯

deliver on engagements, managing multiple internal and external stakeholders. Projects will vary and may include internal audits, implementation or review of internal and financial control frameworks, enterprise risk management, governance risk and control (GRC), Sarbanes-Oxley (SoX) implementations or reviews, risk and control automation, and performance improvement. Support the execution and daily deliverables of a portfolio of client projects, ensuring More ❯

skills, both verbal and written, with the ability to initiate and lead conversations with senior stakeholders Ability to prioritise and manage a varying workload Experience - Desirable Experience with using GRC solutions as part of a risk management programme. Understanding of cyber security best practices including knowledge of the general cyber threat landscape and common security controls architecture. Due to the More ❯

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯

critical infrastructure . Strong understanding of cyber-physical systems , OT environments , and connected infrastructure . Experience applying assurance frameworks and technical standards (e.g. NIST, ISO27001, CAF). Background in governance, risk, and compliance (GRC) functions. Excellent communication and stakeholder engagement skills. Agile, analytical, and solutions-focused mindset. Experience in sectors such as energy, water, transport, or smart cities is highly More ❯

in this role. ISO/IEC 27001 Lead Auditor or Lead Implementer certification. Familiarity with GDPR, NIS2, ISO/IEC 42001or other data protection and security regulations. Experience with GRC platforms or compliance automation tools. Cyber Essentials PLUS hands-on assessment or audit experience. Certifications such as CISSP, CISM, or CISA would be advantageous. The Location: Bristol (hybrid working) The More ❯

in this role. ISO/IEC 27001 Lead Auditor or Lead Implementer certification. Familiarity with GDPR, NIS2, ISO/IEC 42001or other data protection and security regulations. Experience with GRC platforms or compliance automation tools. Cyber Essentials PLUS hands-on assessment or audit experience. Certifications such as CISSP, CISM, or CISA would be advantageous. The Location: Bristol (hybrid working) The More ❯

CEH, GIAC Desirable to understand risk driven architecture such as Sherwood/SABSA/SANS Highly desirable to have exposure to DevSecOps functions. For clarification: This role is NOT GRC, neither is it a SOC role, rather it is more suited to a Security Engineer who has progress to a broader role engaging on multiple concurrent projects, influencing initial idealisation More ❯