101 to 125 of 253 GRC Jobs in the UK

broader enterprise technology goals. Cyber Security and IdAM Partner with Cyber Security stakeholders to design and implement secure authentication mechanisms (e.g., MFA, SSO). Drive the rollout of identity governance solutions and ensure integration with enterprise-wide access management systems. Ensure all programs comply with security best practices, regulatory requirements (e.g., GDPR), and internal security policies. Oversee change management and … CISM, AWS Security Specialty, or Certified Identity and Access Manager (CIAM). Agile (Scrum Master, SAFe) and cloud (AWS Cloud Practitioner) certifications. Experience in security assessments, threat modeling, or governance/risk/compliance (GRC) tooling. Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is paramount so you can get More ❯

Appropriate applicants will have: A strong sales track record against quotas, with a new business sales edge. Experience selling investment technology solutions. Although regtech/regulatory/compliance/GRC technology sales experience would of course be interesting to our client, it's by no means a pre-requisite as buy side technology sales track record and personal attributes are More ❯

operations. You've built or significantly scaled a compliance function and know what "good" looks like across tools, processes, and reporting Comfort with tooling-whether that's configuring a GRC system, querying a database, or collaborating on automated workflows Exceptional communication skills-you can explain complex regulatory topics clearly and influence stakeholders across functions A bias for action: you take More ❯

Experience leveraging partner ecosystems for co-selling (Channels/SIs) An innate ability to challenge the status quo and evangelize new approaches Bonus Skills: Familiarity with cybersecurity, cyber risk, GRC, or compliance platforms Background in early-stage or high-growth SaaS companies If you're passionate about cyber risk, thrive in a fast-paced environment, and want to be part More ❯

Once For All is a high-growth, cloud-based, SaaS subscription business. Our technology helps our customers to manage their supply chain governance, risk management and compliance. We work across public and private sector and have over 250k customers across the UK across 20 different sectors including construction, transport, retail, hospitality education, facility and property management, manufacturing, local and central More ❯

to reduce manual intervention and operational burden. Champion observability best practices (metrics, traces, logs) and error budget tracking. Promote DevOps culture and continuous feedback loops between engineering and operations. Governance, Risk & Compliance: Ensure operational processes comply with security, privacy, and regulatory requirements (e.g., SOC 2, ISO 27001). Manage operational risks, service continuity plans, and audit readiness. If you feel More ❯

and logging infrastructure, ensuring effective SIEM (Security Information and Event Management) operations. Support security audits for PCI, SOC2, ISO, and other compliance frameworks, gathering evidence and collaborating with Engineering, GRC and the broader Security Division. Proactively enhance security operations by developing and deploying new detections, security tooling and rigorously managing key security partners. Work on security investigations, incidents, and urgent More ❯

Are you looking for an exciting new opportunity? Join a trusted security and compliance partner offering comprehensive services including GRC consulting, CREST-accredited penetration testing, and an industry-leading vulnerability management service. As the number one Global Service Partner of Vanta, the company has a proven track record of helping hundreds of businesses from tech startups to global industry leaders More ❯

Innovation Team Type: Full time, Permanent Once For All is a high-growth, cloud-based SaaS company. Our platform helps 250k+ customers across the UK & Europe manage supply-chain governance, risk and compliance. We are embarking on a transformation - by placing intelligent, automated decision-making at the heart of our systems & processes. Role Summary We're looking for a Senior More ❯

and conversion. What We're Looking For: 3+ years of experience in business development/sales with experience selling cyber security services (e.g., SOC/Managed D&R, Pentesting, GRC consulting, security training etc.) Proven strong business development and lead generation skills. A confident communicator who enjoys building and maintaining relationships. Excellent English communication skills (both written and spoken). More ❯

and conversion. What We're Looking For: 3+ years of experience in business development/sales with experience selling cyber security services (e.g., SOC/Managed D&R, Pentesting, GRC consulting, security training etc.) Proven strong business development and lead generation skills. A confident communicator who enjoys building and maintaining relationships. Excellent English communication skills (both written and spoken). More ❯

and conversion. What We're Looking For: 3+ years of experience in business development/sales with experience selling cyber security services (e.g., SOC/Managed D&R, Pentesting, GRC consulting, security training etc.) Proven strong business development and lead generation skills. A confident communicator who enjoys building and maintaining relationships. Excellent English communication skills (both written and spoken). More ❯

and conversion. What We're Looking For: 3+ years of experience in business development/sales with experience selling cyber security services (e.g., SOC/Managed D&R, Pentesting, GRC consulting, security training etc.) Proven strong business development and lead generation skills. A confident communicator who enjoys building and maintaining relationships. Excellent English communication skills (both written and spoken). More ❯

and conversion. What We're Looking For: 3+ years of experience in business development/sales with experience selling cyber security services (e.g., SOC/Managed D&R, Pentesting, GRC consulting, security training etc.) Proven strong business development and lead generation skills. A confident communicator who enjoys building and maintaining relationships. Excellent English communication skills (both written and spoken). More ❯

for Senior Cyber Security Risk Analyst to join their dynamic team. This role is an exciting opportunity to be a part of really helping to define and shape what governance and risk assurance looks like for the organisation. This will include areas such as building out and developing their education and awareness programme as well as taking ownership over third … years in roles covering risk management, architecture, engineering, or vulnerability management. Relevant certifications and tools knowledge, such as CRISC, CISSP, CGEIT, and experience with platforms like UpGuard, AuditBoard, SAP GRC, and ServiceNow. For more details, please reach out to Mary Pearson on - . Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and More ❯

of our Insurance clients on a 12-month contract. Inside IR35 Hybrid Responsibilities: Analyze large datasets to identify trends, anomalies, and emerging risks across technology and cyber domains. Support governance and risk forums with timely and accurate reporting on key risk indicators (KRIs), control effectiveness, and remediation progress. Develop and maintain dashboards and reports to visualize technology and cyber risk … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Experience: Educated to degree level or More ❯

implementation of data classification methodologies to ensure appropriate protection based on sensitivity and importance. The role will be based in Reading and will report directly to the Head of Governance, Risk and Compliance, working to deliver the company's goals for a fit-for-purpose critical asset and classification framework. This is a role that requires independence, a proactive approach … risk management practices. Desirable Technical Skills & Qualifications: Industry Certifications: Certifications such as CISSP, CISM, or CISA. Key Relationships & Interactions: CISO direct reports: Security Operations Manager, Security Architecture Manager, Security Governance Manager, Cyber Security Programme Manager, Cyber Resilience Manager CIO and CIO Direct Reports: Operational Technology, Enterprise Architects, PMO and Programme Delivery, Business Change and Engagement Key Business Stakeholders Service Owners More ❯

effective Risk and Control Management, this role will play a crucial part in supporting the development and implementation of robust risk management practices. The organisation does not yet have Governance, Risk, and Compliance (GRC) tooling in place, so the analyst will need to work closely with various departments to ensure that technology controls are effectively designed and implemented to safeguard More ❯

About this role WRITER is seeking a GRC Specialist to shape and lead our governance, risk, and compliance strategy for the AI era. As we pioneer AI/AGI technologies, we face a fast-changing regulatory landscape alongside established compliance frameworks. This role calls for a compliance leader who can balance rigorous adherence to standards with the flexibility to support … way that accelerates-rather than hinders-our growth. You'll own the end-to-end compliance strategy for WRITER, covering everything from SOC2, ISO, and GDPR to emerging AI governance requirements, while partnering with technical and legal teams to ensure controls are implemented effectively. If you can translate complex regulatory obligations into practical, business-aligned programs, you'll have a … Collaboration What You Own (Responsible) Overall compliance program strategy and management AI regulatory compliance research and implementation Enterprise risk management framework Third-party risk management program Data privacy and governance programs Audit coordination and management What You Don't Own (Others Lead) Technical implementation of security controls (other security teams own) Operational security monitoring (Detection & Response owns) Identity and access More ❯

. Cyber Improvement Programme. Chief Information Security Office Function (CISO) The CISO Function consists of four teams, these are CISO Portfolio Office, Secure (by Design), Security Assurance, and Security Governance, Risk & Compliance (GRC). The post of Cyber Security Lead - Security Assurance has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition … by working with control owners and delivery teams to ensure findings are addressed and closed effectively. Providing assurance ratings based on the maturity and implementation of controls, feeding into governance, risk, and compliance (GRC) reporting. Supporting decision-making by presenting findings in a structured, prioritised manner aligned to business risk and impact. Ensuring compliance with regulatory and organisational standards, including More ❯

The GRC Analyst will play a pivotal role in ensuring effective governance, risk, and compliance practices within the organisation's technology department. This position requires a keen eye for detail and the ability to support risk management processes in a not-for-profit environment. Client Details An UK leading housing group with a significant focus on technology-driven initiatives. It … is committed to delivering impactful services and maintaining high standards of governance and compliance across its operations. Description Support the development and implementation of governance, risk, and compliance frameworks within the technology department. Monitor and assess risks, ensuring they are effectively identified, documented, and mitigated where necessary. Conduct regular audits and reviews to ensure compliance with organisational and regulatory standards. … stakeholders. Stay updated on relevant industry regulations and standards, ensuring the organisation remains compliant. Support the resolution of compliance-related incidents and recommend improvements to processes. Profile A successful GRC Analyst should have: Experience in governance, risk, and compliance within a technology-focused environment. Strong analytical and problem-solving skills with a detail-oriented mindset. Knowledge of relevant industry regulations More ❯

The GRC Analyst will play a pivotal role in ensuring effective governance, risk, and compliance practices within the organisation's technology department. This position requires a keen eye for detail and the ability to support risk management processes in a not-for-profit environment. Client Details An UK leading housing group with a significant focus on technology-driven initiatives. It … is committed to delivering impactful services and maintaining high standards of governance and compliance across its operations. Description Support the development and implementation of governance, risk, and compliance frameworks within the technology department. Monitor and assess risks, ensuring they are effectively identified, documented, and mitigated where necessary. Conduct regular audits and reviews to ensure compliance with organisational and regulatory standards. … stakeholders. Stay updated on relevant industry regulations and standards, ensuring the organisation remains compliant. Support the resolution of compliance-related incidents and recommend improvements to processes. Profile A successful GRC Analyst should have: Experience in governance, risk, and compliance within a technology-focused environment. Strong analytical and problem-solving skills with a detail-oriented mindset. Knowledge of relevant industry regulations More ❯

current operational technology and applications. This role will suit a sysadmin, or someone with equivalent practical experience in technology service and operations, who is looking to transition to a GRC career path; after a fruitful time at the coal face you are now ready for opportunities to stretch into a higher level business facing role - we will support, provide guidance … technology risk. Principal Accountabilities: - Risk Identification: Develop strategies, conduct horizon scanning, and collaborate across teams to identify and assess technology risks, including regulatory changes. - Risk Assessment: Ensure compliance with governance policies, conduct assessments and testing, monitor risk events, and support vendor risk evaluations. - Risk Controls Management: Implement risk and control management strategies, maintain governance frameworks, manage IT controls, and oversee … GRC platform services. - Risk Governance & Compliance: Administer governance procedures, optimise processes, ensure record-keeping, and support audits and certifications. - Reporting & Documentation: Prepare risk reports, maintain governance documentation, and develop innovative visualisations to communicate insights. - Management & Development: Foster learning across teams, promote compliance awareness, and advance personal expertise and team development. Required skills & experience: - Experience in technology operations and administration, ITSM More ❯

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability … ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture reviews: support More ❯

Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans Mentorship ability … ready to step up, guide analysts, and model high-integrity InfoSec practice What you’ll be doing: GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays Security awareness & training: manage phishing simulations and content using Proofpoint Security architecture reviews: support More ❯