GRC Jobs in the UK

1 to 25 of 834 GRC Jobs in the UK

Senior Consultant - Cyber Security Consulting & Advisory

London, England, United Kingdom
Infosys
at contributing to different phases of the Cyber security consulting lifecycle. You will be intensely involved in; being a highly skilled Cybersecurity practitioner in a primary skills associated to GRC, as well as secondary skill - Technical e.g. IDAM, Engineer, Network, IOT/OT security to join our team. The successful candidate will play a critical role in the Practice in … support to clients and their security roadmap, business G&OS and at times compliance requirements through Assessments, Design reviews and Upgrades. This role requires a deep understanding of GRC cybersecurity, with secondary skills in a Domain area of cyber security ISMS, whilst working with cross-functional teams to enhance the security posture of clients' Cyber Security strategy at both an

GRC - Cyber Assurance and Risk Lead

London, England, United Kingdom
NTT DATA
GRC - Cyber Assurance and Risk Lead, London. Client: NTT DATA. Location: London, United Kingdom. Job Category: Other. EU work permit required: Yes. Job Reference: ce9f3718c6c4. Job Views: 24. Posted: 17.06.2025. Expiry Date: 01.08.2025. Job Description: The team you'll be working … practice (including Secure by Design aligned to UK Government principles) and regulatory requirements (including GovAssure and NCSC Cyber Assurance Framework). What you'll be doing: Develop and execute GRC strategies that align with business objectives and inform appropriate supporting business processes Drive pragmatic and creative solutions to GRC challenges, applying agile methodologies to adapt to new regulations, compliance requirements … and business change Advise on and foster continuous improvement and effectiveness of GRC processes, driving improved management information to better allow appropriate prioritisation and risk based decisions Lead initiatives that build a culture of accountability and responsibility across engagements Enhance governance processes and advise on how best to evidence alignment with regulatory requirements (such as NCSC CAF) and industry good

GRC Consultant

London, England, United Kingdom
NTT DATA
The GRC Consultant (Cyber Assurance/Security Operations Manager) is primarily responsible for ensuring the security controls (people, process, technology) are in place and operating as designed. The primary aim is the design, development, test and evaluation of information security throughout its lifecycle. This is to ensure the business purpose of … and 3rd lines of defence on all matters relating to cyber security, information assurance, cyber risk, data privacy including regulatory and compliance considerations Lead the development and enhancement of governance, risk and compliance aligned to policy, standards and industry good practice Ensure that continuous assessment, identification, analysis and reporting of useful metrics to enable informed risk based decisions to be … checks during the supplier onboarding and contract lifecycle to ensure coherent approach to risk management Coordinate audit, ITHC and risk assurance activities to evidence compliance with established regulatory and governance requirements including governance of any Remediation Action Plan (RAP) to ensure timely mitigation of identified risks/vulnerabilities Maintains strong working relationships with individuals and groups involved in managing information

Senior Information Security GRC Analyst

London, United Kingdom
Swift Software
Senior Information Security GRC Analyst Locations: London, United Kingdom; Manassas, United States Posted on: 4 Days Ago ABOUT US We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation can address the scale … Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. Are you passionate about security Governance, Risk and Compliance (GRC)? Do you thrive in a dynamic environment where your experience and your security expertise can shape the future of our organization? We are looking for a … GRC Specialist like you to join our growing Information Security Governance team. In this role, you will: Develop and implement robust GRC frameworks to ensure compliance with increasingly stringent industry regulations and standards. Lead the reporting and presentation of our GRC activities to internal and external stakeholders, ensuring transparency and accountability. Collaborate with cross-functional security teams to maintain and
Employment Type: Permanent
Salary: GBP Annual

Chief Information Security Officer

London, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
a fast-scaling, high-impact organisation in the heart of London. This is a strategic, foundational hire —you will be responsible for designing and building out a brand-new Governance, Risk, and Compliance (GRC) function from the ground up. As the company continues to grow, the need for a comprehensive and mature cybersecurity posture has never been greater. You will … own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and … on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that support the company’s security strategy. Security Culture

Chief Information Security Officer

Slough, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
a fast-scaling, high-impact organisation in the heart of London. This is a strategic, foundational hire —you will be responsible for designing and building out a brand-new Governance, Risk, and Compliance (GRC) function from the ground up. As the company continues to grow, the need for a comprehensive and mature cybersecurity posture has never been greater. You will … own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and … on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that support the company’s security strategy. Security Culture

Chief Information Security Officer

City of London, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
a fast-scaling, high-impact organisation in the heart of London. This is a strategic, foundational hire —you will be responsible for designing and building out a brand-new Governance, Risk, and Compliance (GRC) function from the ground up. As the company continues to grow, the need for a comprehensive and mature cybersecurity posture has never been greater. You will … own the security vision and strategy while rolling up your sleeves to implement, scale, and continually improve our approach to GRC, risk management, threat mitigation, and compliance frameworks. Key Responsibilities Design and implement a scalable GRC framework tailored to the business, addressing risk management, compliance standards (ISO 27001, NIST, SOC 2, etc.), and internal governance controls. Security Strategy: Develop and … on cybersecurity at the board and executive level. Communicate risk posture, security investments, and incident updates clearly and confidently. Team Building: Build and lead a high-performing security and GRC team. Provide leadership, mentoring, and continuous development. Security Architecture & Technology: Guide the evaluation, adoption, and deployment of security tools and technologies that support the company’s security strategy. Security Culture

Cyber Security Consultant

London, United Kingdom
BlueVoyant
activities Remediation workstreams and roadmaps Policy & process implementation Information Security Maturity Audits/CMMI Certification or alignment with recognised industry standards Compliance with applicable regulations & legislation Building and implementing governance & risk management processes Design implementation and testing of security tooling BC/DR & Incident response capability building and testing Production of threat intelligence reports and research Supply Chain Risk Management … as Health and Safety procedures as outlined by the Company's Health and Safety Policy. Essential Skills/Attributes: 3+ years in a client-facing information/cyber security/GRC role or 5+ years in a directly related field/role (such as cyber/intelligence/security in UK Armed Forces, Law Enforcement, UK Intelligence Community, UK Government Departments … Degree in Cyber Security, Computer Science, or related subject; or genuine equivalent experience working in cyber-security, GRC, security audit etc Professional certifications (currently held) including but not limited to CISSP, CCSP, CISM, CRISC, CISA Qualifications/experience in auditing against/implementing multiple security standards and frameworks, such as ISO 27001/2, NIST CSF, ISF CMMI, CIS, UK
Employment Type: Permanent
Salary: GBP Annual

Senior Security Consultant Architecture - Pre-sales

London, England, United Kingdom
NTT DATA
following fields of expertise: 7+ years' varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with

Senior Associate, Information Security & Risk Management

Belfast, Northern Ireland, United Kingdom
Grant Thornton UK
your skills, knowledge, and experience throughout your career, then that is what you will get, and more. The Sr. Associate, Information Security position will be an integral member of the Governance, Risk & Compliance team. This role will be responsible for organizing and managing evidence for external audits. Work in Chief Information Security Officer (CISO) office under Director, Information Security Governance, Risk and … timelines, and manage complex, cross discipline projects. global view of their business and think in terms of immediate problem solving but also automating, expanding, and scaling solutions broadly. Responsibilities: Governance: Participate in development of IT & Security policies, standards, and controls. Develop and implement procedures and processes in area of ownership. Participate in annual control attestation. Measure and report on security … security questionnaires and managing client audits. Experience in managing third-party audits and internal audit processes. Familiarity with compliance frameworks such as NIST, ISO 27001, and others. Experience using GRC tools and technologies in support of the assessment/audit process (OneTrust, Security Scorecard, Bitsight, etc.). Demonstrated advanced verbal and written communication skills. Excellent project management and organizational skills

Security Consultant (GRC)

London, United Kingdom
Applicable Limited
The team you'll be working with: Security Consultant (GRC) NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team. What you'll be doing: Using your background in Governance, Risk & Compliance, you will … help our clients: Governance: directs, oversees, designs, implements or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage cyber and information security at an enterprise level. Supporting an organisation's immediate and future regulatory, legal, risk, environmental and operational requirements and ensuring compliance with those requirements. Policy and Procedure Management: directs, develops or … internal teams, external partners, and regulatory authorities. Providing remediation guidance and prepare management reports to track remediation activities. Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster governance framework and security posture. Assess and test the effectiveness of security controls, and document the compliance levels to identify risks and control gaps. What experience you'll bring: What experience
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Security Consultant (GRC)

London, England, United Kingdom
Hybrid / WFH Options
FSP
We have an exciting opportunity for a Senior Security Consultant to join our growing Governance, Risk and Compliance (GRC) team. In this role, you will … apply your expertise in information security to provide strategic guidance to clients on GRC activities, as well as on achieving their cyber and information security objectives. You will take the lead in managing technical consulting engagements and contribute to the successful delivery of complex security programs. Responsibilities Apply a strong knowledge of the cyber threats, hazards, risks, controls, and mitigations … on the appropriate selection of suppliers and implementation of procured services. Be proficient in the use of Microsoft Purview for data labelling, data loss prevention, data lifecycle management, data governance, compliance management, and risk mitigation, with the ability to implement information protection strategies. Create reports on risk and compliance for Senior stakeholders, including risk mitigation strategies and improvement plans. Contribute

Senior Cyber Risk Analyst

London, United Kingdom
Millennium
NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector Broad technical knowledge spanning desktops, mobile devices, networking, operating systems, and cloud services. Proficiency with risk analytics, GRC tools, and security assessment methodologies. Exceptional analytical, communication, and report-writing skills, with the ability to translate complex technical issues into clear, actionable recommendations for both technical and non-technical
Employment Type: Permanent
Salary: GBP Annual

Senior Manager Cyber Transformation

Edinburgh, Scotland, United Kingdom
Hybrid / WFH Options
Cyber UK
support new, digitally enabled business models. Supporting organisations in developing actionable transformation programmes for the organisations, and navigating cyber transformation to support new, digitally enabled business models. Designing effective governance roles and operational frameworks to assess and define prioritised, risk-based roadmaps to increase cyber maturity, prepare for and support regulatory compliance, and allow cyber to play a key role … M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security (or equivalent) or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Consulting Skills: Experience building relationships with clients and developing an internal network of subject matter experts. Experience of business development, responding to

Technical Cyber Risk Assessment Manager

London, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

St. Albans, Hertfordshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

Reading, Berkshire, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Technical Cyber Risk Assessment Manager

Guildford, Surrey, United Kingdom
Hybrid / WFH Options
Deloitte LLP
you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber
Employment Type: Permanent
Salary: GBP Annual

Lead Security Manager

Bristol, England, United Kingdom
Hybrid / WFH Options
Capgemini UK
both internally and externally as a trusted SME Security incident management and response, security changes, problem and risk management, security risk and threat assessments Delivery of security awareness training Governance/oversight of any other security services within scope (including but not limited to: SOC services, vulnerability and patch management, threat intelligence, digital forensics, GRC) Security reporting (including elements of

Lead Security Consultant (Architect)

London, United Kingdom
Applicable Limited
following fields of expertise: 7+ years' varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with
Employment Type: Permanent
Salary: GBP Annual

Manager, Security Governance Risk and Compliance (GRC)

London, England, United Kingdom
Alvarez & Marsal
either our London or Tampa office. Position Summary: The Information Security Risk Manager will play a critical role in, and will be responsible for, driving risk strategy, overseeing risk governance, managing senior-level reporting, and leading key information security risk initiatives across the Alvarez and Marsal. This role will be focused on managing and maintaining the Global Security Office … Information Security Risk Register, its supporting processes, governance and reporting requirements. The successful candidate requires a strong understanding of ISO 27001 security controls, exposure to the GRC Tool and can effectively assess and communicate technical security requirements to teams across the firm. Key Responsibilities: Risk Management Leadership and Oversight: Working to A&M Policy and industry standards and lead the … security frameworks. Provide oversight and work closely with risk owners manage the development, implement treatment plans to address identified risks, ensuring alignment with senior leadership expectations and business objectives. GRC Tool Management: Own, manage and continuously develop A&M GRC platform to provide a structured, scalable risk register and reporting capabilities to support A&M wide requirements, and support ISO

Part-time Senior Cyber Risk Analyst

Watford, Hertfordshire, England, United Kingdom
Hybrid / WFH Options
Hays Specialist Recruitment Limited
verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such as CISSP, CISM, CRISC, or CEH would be preferred. Familiarity with Governance, Risk, and Compliance (GRC) platforms and maintaining structured risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in
Employment Type: Contractor
Rate: £28.49 - £36.98 per hour

Part-time Senior Cyber Risk Analyst

Watford, Hertfordshire, South East, United Kingdom
Hybrid / WFH Options
Hays
verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such as CISSP, CISM, CRISC, or CEH would be preferred. Familiarity with Governance, Risk, and Compliance (GRC) platforms and maintaining structured risk registers. Understanding of applicable regulations and data protection legislation, including GDPR and other industry-specific mandates. What you'll get in
Employment Type: Part Time, Work From Home
Salary: £28.49 - £36.98 per hour + £36.98 p/h via Umbrella (Inside IR35)

Information Security Compliance Analyst

Hertfordshire, England, United Kingdom
Cpl Life Sciences
CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstrable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Extensive experience of information security management and/or security awareness. In-depth expert

Cyber Security Manager - SC, NIST, SECURITY

South West, England, United Kingdom
Adecco
compliance and assurance programs. Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. Collaborate with the Security Operations team to monitor, detect, and respond to threats. Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. Train and mentor internal teams on security awareness and best practices. Engage with stakeholders across the business to communicate … audits and regulatory inspections as required. Essential Skills & Experience: Proven experience in incident management and cyber security operations. Strong knowledge of ISO 27001, NIST, and other security frameworks. Experience with governance, risk, and compliance (GRC) processes. Familiarity with Security Operations Centres (SOC) and threat detection tools. Excellent understanding of the cyber threat landscape and mitigation strategies. Demonstrated ability to train teams … confidence and we would always speak to you before discussing your CV with any potential employer. Keywords: Cyber Security Manager, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GRC, Security Operations, SOC, Risk Management, Threat Landscape, Defence, Stakeholder Engagement, Security Frameworks, SC Clearance, British National, Cyber Compliance, Security Governance, Security Training, Wiltshire, Cyber Risk, Cyber Strategy, Adecco
Employment Type: Full-Time
Salary: £62,000 - £73,000 per annum

GRC
10th Percentile: £49,280
25th Percentile: £56,250
Median: £72,500
75th Percentile: £83,750
90th Percentile: £105,000