101 to 125 of 190 GRC Jobs in the UK

Location : Remote/London Duration : 9 Months Rate : £550p/d Outside IR35 Overview : We are currently seeking an experienced and skilled GRC Consultant to support a leading business. The successful candidate will be responsible for designing and implementing control frameworks, as well as ensuring compliance with ISO and NIST … Support in the continuous improvement of risk and compliance processes. Provide training and awareness sessions to staff as needed. Requirements : Proven experience as a GRC Consultant or in a similar risk and compliance role. Strong knowledge of ISO, NIST, and other relevant frameworks and standards. Experience in designing and implementing More ❯

proactive Information Security Risk Analyst to join our dynamic Information Security Team. In this role, you will play a crucial part in strengthening our governance, risk, and compliance initiatives related to information security. Your efforts will help ensure our organisation meets regulatory standards, effectively manages security risks, and maintains a … of what you will be doing as a Risk Analyst at Nottingham Building Society: - Framework Development: Develop and maintain the organisation’s information security governance, risk, and compliance framework. Risk Assessments: Conduct risk assessments to identify vulnerabilities, focusing on protecting customer data and financial systems. Regulatory Compliance: Ensure compliance with … institutions and building societies. Security Controls and Risk Management: Strong understanding of security controls, risk management practices, and compliance requirements in the financial sector. GRC Software Experience: Experience with platforms like Archer, ServiceNow, LogicGate, and OneTrust is a plus. Analytical Skills: Excellent ability to assess security risks and suggest actionable More ❯

and customer-centric Compliance Customer Success Manager (CSM) to serve as a primary resource for our customers navigating the complexities of cybersecurity and AI governance frameworks. This role is pivotal in ensuring our customers receive accurate, clear, and timely answers to their questions regarding NIST (CSF, 800-53, etc.), SOC2 … Understanding: Understand the customer's business context and how their compliance questions relate to their use of our products/services or their broader GRC strategy Information Dissemination: Clearly articulate complex compliance concepts to both technical and non-technical customer stakeholders Relationship Building: Build trust and rapport with customers through … overall customer retention and satisfaction by providing exceptional compliance-focused support What you'll need Proven experience (typically 3-5+ years) in a GRC, cybersecurity consulting, internal audit, compliance management, or technical support role with a strong focus on specific frameworks Deep, demonstrable understanding and practical knowledge of NIST More ❯

InfoSec Engineering Team within the Security Department to Define Requirements of the Tools & Onboard New Functionality. You will also work with colleagues in the Governance & Compliance Functions to ensure appropriate usage of Data. As a Senior SOC Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Tuning & Maintaining … Lead SOC Analyst/Principle SOC Analyst/Senior SOC Analyst/Information Security Analyst/Information Security Engineer/Security Operations Analyst/GRC Analyst/SOC Engineer At SECURE, we value Attitude & Aptitude over Certifications. If you possess the drive and relevant experience to deliver tangible results aligned More ❯

GRC vCISO Senior Consultant - UK Remote - Up to £110,000 + Good Benefits Are you a confident, capable V-Ciso/GRC consultant ready to influence strategic security change? Looking for your next senior step in a supportive, agile consulting team? This could be the role for you. We're … hiring a GRC/vCISO Consultant to join a fast-growing, high-calibre UK-based security consultancy. This is a remote-first role , open to experienced professionals based in the UK. You'll work closely with SME and retail-sector clients, acting as a trusted advisor across longer-term engagements … shaping security strategy, influencing stakeholders, and driving real change. The Role: Lead and deliver complex GRC engagements, operating at both a strategic and tactical level Build trust with clients, challenge assumptions diplomatically, and influence senior stakeholders Provide guidance across security frameworks and standards such as ISO27001, NIST CSF, PCI-DSS More ❯

The Senior Risk Analytics Manager will be responsible for the development and delivery of the Enterprise Risk Management Framework (ERMF)/Governance, Risk & Compliance (GRC) tools roadmap to enhance capability and implement advanced analytics initiatives, whilst overseeing the production of high-quality risk reporting to senior committees. Key Accountabilities Oversee … development and execution of an ERMF/GRC tools roadmap, ensuring continuous maturity of the GRC program, including development of advanced analytics initiatives. Ensure seamless integration of analytics tools with existing ERMF/GRC platforms, maximising data utilization and reporting capabilities. Utilise analytical skills to collect, analyse, and interpret large … identification of critical insights, trends, and potential disruptions/exposures. Stay abreast of industry trends, best practices, and requirements regarding use of IRM/GRC tools and data (including AI) to enhance risk and resilience capabilities. Optimize GRC software platforms to streamline control mapping, risk assessment, and reporting functionalities, enhancing More ❯

of risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements. Monitor industry trends and best practices. Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions. Provide risk management training and develop a risk-aware culture. Support the development of security risk … business experience, along with active CRISC or 27005 Risk Manager certification. You should have a minimum of 5 years or demonstrated experience in a governance, risk, or compliance role within an information security context. Strong analytical and problem-solving abilities, excellent written and verbal communication skills, and proficiency in risk More ❯

Work collaboratively with business owners within the various business entities to correctly identify strengths, weaknesses, vulnerabilities, and opportunities for improvement. Formulate clear recommendations, drive governance strategies, and influence business stakeholders and technology stakeholders at all levels. Drive continuous improvement in the adoption and exploitation of good information security practice across … the business. Drive security innovation that enables new retail capabilities while working with IT GRC for maintaining appropriate risk controls. Facilitate communication between enterprise security teams and retail business units. Delivery of security services Triage, review and manage new project and security requests to provide a quality, repeatable security assessment. More ❯

cybersecurity frameworks such as CIS18 and ISO27001. You'll design and implement security controls, policies and procedures to meet compliance requirements. Manage our data governance program: You'll manage and mature our data governance program to ensure compliance with GDPR data security and privacy requirements. You will partner with stakeholders … approach to enable the business to effectively prioritise initiatives based on risk exposure. About You (Who you are) As a key member of our GRC team, you will have: At least 3 years of experience in technology risk management, cybersecurity or privacy. Experience identifying, assessing and reporting on cybersecurity risks … managing and maturing two or more of the following risk and compliance domains: Customer trust Third party risk management Security awareness Data management and governance Risk reporting Excellent written and verbal communication skills, particularly in communicating technology risks to technical and non-technical audiences. The ability to build and maintain More ❯

ServiceNow Engineer - GRC Inside IR35 - Onsite We are looking for an experienced Senior ServiceNow Engineer to join our clients ServiceNow Team. This role reports to the ServiceNow Platform Manager and will act as a Subject Matter Expert (SME) for the ServiceNow product suite, with a particular focus on Governance, Risk … and Compliance (GRC) modules- IRM, BCM, and TPRM. This is a pivotal position responsible not only for the technical management and development of the platform, but also for ensuring the operational excellence, governance, and quality of service delivery across the organization. Key Responsibilities: Serve as the SME for the full … ServiceNow product set, responsible for its development, operational delivery, and alignment with governance and policy standards. Lead the day-to-day technical management of the ServiceNow platform with specific expertise in GRC (IRM, BCM, TPRM). Translate business requirements into scalable, best-practice ServiceNow technical solutions, with a focus on More ❯

Assistant Manager, Enterprise Risk & Policy Governance Are you passionate about the chance to bring your experience to a world- class company that is market-leading for both content and technology? If yes, we are looking for you! Join our team! In this exciting opportunity as Assistant Manager, Enterprise Risk & Policy … Governance, you will play a pivotal role in maintaining and enhancing TR's global enterprise risk management framework, policies and practices, and policy governance program. As a key member of our Risk & Compliance team, you will have the responsibility to drive risk culture and ensure effective risk management practices are … embedded across the organization. About the Role In this opportunity as an Assistant Manager, Enterprise Risk & Policy & Governance , you will: Contribute to the development, implementation, and continuous improvement of all components of TR's Enterprise Risk Management (ERM) Framework, including risk governance, risk management methodologies, risk reporting and risk culture. More ❯

Senior ServiceNow Engineer - GRC/IRM/BCM/TPRM Location: London (Fully Onsite) 6 Month Contract (+ Renewals or Temp to Perm) £681.03pd ( Inside IR35) Are you an expert in ServiceNow with a strong track record of implementing and supporting GRC modules, including Integrated Risk Management (IRM), Business Continuity … risk and compliance capabilities across a global financial services environment. As a Senior ServiceNow Engineer, you will be a subject matter expert for the GRC modules within the ServiceNow platform, focusing on the development, operational delivery, and continuous improvement of GRC modules. Reporting to the ServiceNow Platform Manager, you will … collaborate closely with other senior engineers to extend and optimise the use of IRM, ensuring robust governance, automation, and integration aligned with industry best practices. Key Responsibilities Lead the technical management and development of the ServiceNow suite, with a primary focus on GRC, IRM, BCM, and TPRM modules. Translate business More ❯

Security Office (CSO). You will work closely with senior stakeholders and cross-functional product teams to embed and enhance GSK's cloud security governance and capabilities, accelerating delivery of our business objectives, cloud migration and digital transformation initiative. You will need to be comfortable working in a fast-paced … agile environment and have experience working with multiple security and governance groups, central IT, developer and system integrator teams, based across multiple geographies and in different organisations. This role offers the opportunity to use a wide range of skills to deliver an enterprise cloud security program supporting modern architecture patterns … expertise with a collaborative approach to ensure optimal stakeholder alignment with our cloud security strategy. Key Responsibilities: - Build and maintain cloud and container security governance frameworks for multi-cloud environment including Microsoft Azure, GCP and Kubernetes. - Define and align cloud and container security standards, frameworks and policies with overall business More ❯

the public, ensuring the sustainable use of nuclear technology for years to come. The group CISO team is made up of three areas, namely: Governance, Risk and Compliance Operational Technology (OT) Cyber and Cyber Assurance Threat Defence This role is a candidate to join the Cyber Assurance Team, reporting to … policies to identify design gaps, and recommend improvements to security controls. Focus on application security for both on-premises and cloud environments. Work with GRC teams, security architects, and wider business teams to produce risk assessments, discuss and agree appropriate mitigations and controls, and document the outcomes into a formal More ❯

Senior Analyst, Technology and Cyber Security GRC Apply locations London, United Kingdom time type Full time posted on Posted Yesterday job requisition id R Key responsibilities Support the first line Technology & Cyber Issue, Audit and Regulatory compliance function and ensure all compliance matters are quality driven and centrally supported with … standard methodology. Support the governance of technology & cyber related Self-Identified Issues as well as Internal Audit and External audit actions undertaken. Perform quality reviews of all Technology and Cyber Security related Audit Observations and Self-Identified Issues to ensure accuracy and appropriate severity and ownership assignment. Oversee the implementation … re-use and with reporting. Maintain a centralised repository of Customer RFI responses for re-use and with reporting. Support the work of wider GRC teams where required and in areas of interest and expertise. Work with partners to ensure conformance with Regulatory, Company and Industry standards. Supporting the production More ❯

to design solutions, maintain and report on the residual risks within technology and application estate and third-party supply chains; Maintain and evolve technology governance framework and controls reference library, by using industry standards and collaborating with other Technology Services teams as well as stakeholders including Information Security, Data Governance … management, version control, quality assurance monitoring and reporting, as well as coordinating multiple teams to create and improve controls and develop standard patterns; Risk governance and compliance: Ensure accurate record keeping of all governance decisions, and create and maintain procedures to oversee and track policy and strategy exceptions and risk … certifications and the resolution of any audit findings. Reporting & documentation: Prepare and present regular reports on technology risk Maintain accurate documentation for Technology Services Governance procedures, project updates and client interactions for audit readiness and knowledge transfer; Research, experiment and develop new technology risk visualisations to enhance communication and quick More ❯

to design solutions, maintain and report on the residual risks within technology and application estate and third-party supply chains; Maintain and evolve technology governance framework and controls reference library, by using industry standards and collaborating with other Technology Services teams as well as stakeholders including Information Security, Data Governance … management, version control, quality assurance monitoring and reporting, as well as coordinating multiple teams to create and improve controls and develop standard patterns; Risk governance and compliance: Ensure accurate record keeping of all governance decisions, and create and maintain procedures to oversee and track policy and strategy exceptions and risk … certifications and the resolution of any audit findings. Reporting & documentation: Prepare and present regular reports on technology risk Maintain accurate documentation for Technology Services Governance procedures, project updates and client interactions for audit readiness and knowledge transfer; Research, experiment and develop new technology risk visualisations to enhance communication and quick More ❯

regulated industries to securely adopt cloud services while meeting national cybersecurity requirements and regulations. This key position requires specialized experience in cybersecurity governance, risk management, and compliance frameworks, with particular emphasis on enabling regulated customers to meet their security and compliance requirements in the cloud. The position will have high More ❯

Collaborating with various departments to deliver data-driven insights and support performance improvements Conducting profitability and pricing analysis as required Supporting effective governance, risk management, and compliance through accurate reporting Contributing to continuous improvements in data processes and analysis techniques What You'll Bring Minimum 2 years' experience in data More ❯

global frameworks. Act as a trusted advisor for IT & Ops stakeholders-identifying risks and building mitigation plans. Contribute to risk education, awareness campaigns, and governance training. Support leadership with impactful insights and data-driven reporting. Key Skills Needed Strong experience in IT & Operations Governance, Risk or Compliance. Substantial knowledge of More ❯

and detail-oriented Information Security professional with a passion for protecting business-critical systems and influencing secure technology practices? Do you thrive in a governance-focused role, advising on risk, compliance, and cyber best practices across a modern IT landscape? Our Global Technology Services (GTS) Risk & Security team is looking … passion for continuous learning and improvement Knowledge or experience of working within an Information Security, Risk or Compliance function Familiarity with cyber security principles, governance frameworks, and risk management practices Understanding of cloud environments, particularly Microsoft Azure, and their associated security considerations A relevant degree (e.g. Computer Science or similar More ❯

and detail-oriented Information Security professional with a passion for protecting business-critical systems and influencing secure technology practices? Do you thrive in a governance-focused role, advising on risk, compliance, and cyber best practices across a modern IT landscape? Our Global Technology Services (GTS) Risk & Security team is looking … passion for continuous learning and improvement Knowledge or experience of working within an Information Security, Risk or Compliance function Familiarity with cyber security principles, governance frameworks, and risk management practices Understanding of cloud environments, particularly Microsoft Azure, and their associated security considerations A relevant degree (e.g. Computer Science or similar More ❯

A leading insurance firm is looking to hire a contract Product Owner to support the implementation of a globally aligned enterprise governance, risk and compliance tool. KEY REQUIREMENTS: Have extensive experience in acting as a Product owner/delivery lead within a team focusing on Technology SAAS related projects/… programs of work. Have extensive experience in acting as a Product Owner with a focus on Regulatory and Risk Management initiatives. Experience with data governance, integrity, lineage & management. Considerable relevant industry or functional experience in Insurance, including in Specialty, Commercial. Experience shaping global operating models/frameworks and ensuring their … Analysts. Good analytical and problem-solving skills. Extensive experience of management of third-party suppliers and development teams. Experience with EGRC and associated processes, governance etc. Exposure to IBM OpenPages is desirable. More ❯

high quality cloud security services for our SaaS banking clients, collaborating with colleagues across Cloud Operations, SaaS Engineering, Cloud Architecture, Product, Services, Sales, Legal, Governance, Risk, and Compliance, Information Security and our Cyber Defense Centre. You will be responsible for increasing the maturity of both the regional and global cloud … overall leadership and development of the Global Cloud Security Strategy and Roadmap, working towards global consistency aligned to our global security standards including tooling, governance, policies and processes. You will represent the security organisation at the Cloud Boards, updating senior stakeholders/executives on strategy, workstreams, projects and client updates. More ❯

will achieve your mission as our Security Engineer by: Working with the Head of Engineering to develop the security strategy and ensure appropriate security governance is in place Operating and improving/implementing security infrastructure including SIEM, WAFs, Firewalls and EDR/AV Working with engineering teams to ensure best … appropriate IAM structures are in place, and review, triage and remediate (or coordinate remediation of) cloud infrastructure threats and findings Work closely with on Governance, Risk and Compliance to maintain certifications (e.g. ISO 27001), and identify opportunities for automation - improving efficiency and coverage. You may be right for this role More ❯