GRC Jobs in the UK

126 to 150 of 284 GRC Jobs in the UK

Information Security Analyst

Guildford, Surrey, England, United Kingdom
Hybrid / WFH Options
Sanderson
looking for an Information Security Analyst to join their team. This is an excellent opportunity to play a key role in advancing the company's security posture by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing … reviews and updates to ensure controls remain effective against evolving threats Essential skills: Minimum 2 years' experience in information security, with a solid understanding of security control and governance frameworks Experience in developing security controls catalogue in a financial services environment (highly desirable) Proven experience in delivering security projects within a federated organisation Desirable skills: Knowledge of NIST CSF …
Employment Type: Full-Time
Salary: Salary negotiable

Risk Compliance Officer

St Albans, England, United Kingdom
Addition+
This includes ensuring necessary evidence is available and that audit findings or improvement areas are integrated into business-as-usual processes to mitigate associated risks. Acting as secretariat for Governance Committees, compiling relevant information and metrics, and contributing to the preparation of governance reports and documentation. Promoting a strong security culture by delivering ongoing training and awareness programs focused on … current and emerging threats. Core Experience, Qualifications, and Skills This role is ideal for an individual with a strong background particularly experienced in leading all facets of Governance, Risk, and Compliance (GRC). The ideal candidate will have: A solid understanding of Information Security principles, including relevant concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and … its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability to explain technical, complex, or sensitive issues and risks to a diverse audience and align them with broader …

Risk Compliance Officer

St Albans, East Anglia, United Kingdom
Addition+
This includes ensuring necessary evidence is available and that audit findings or improvement areas are integrated into business-as-usual processes to mitigate associated risks. Acting as secretariat for Governance Committees, compiling relevant information and metrics, and contributing to the preparation of governance reports and documentation. Promoting a strong security culture by delivering ongoing training and awareness programs focused on … current and emerging threats. Core Experience, Qualifications, and Skills This role is ideal for an individual with a strong background particularly experienced in leading all facets of Governance, Risk, and Compliance (GRC). The ideal candidate will have: A solid understanding of Information Security principles, including relevant concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and … its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability to explain technical, complex, or sensitive issues and risks to a diverse audience and align them with broader …

Risk Compliance Officer

Watford, Hertfordshire, East Anglia, United Kingdom
Addition+
This includes ensuring necessary evidence is available and that audit findings or improvement areas are integrated into business-as-usual processes to mitigate associated risks. Acting as secretariat for Governance Committees, compiling relevant information and metrics, and contributing to the preparation of governance reports and documentation. Promoting a strong security culture by delivering ongoing training and awareness programs focused on … current and emerging threats. Core Experience, Qualifications, and Skills This role is ideal for an individual with a strong background particularly experienced in leading all facets of Governance, Risk, and Compliance (GRC). The ideal candidate will have: A solid understanding of Information Security principles, including relevant concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and … its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability to explain technical, complex, or sensitive issues and risks to a diverse audience and align them with broader …

Security Consultant

Wiltshire, South West, United Kingdom
Hybrid / WFH Options
Experis UK
Salary: £45,000 - £60,000 + Benefits Are you an experienced Security Consultant looking for your next challenge? We are seeking passionate cyber security professionals with strong expertise in governance, risk and compliance (GRC), who can deliver complex projects and build trusted client relationships. As a Security Consultant, you will work on a variety of Defence and Public Sector assignments … experience in security assurance, accreditation, secure by design, and risk management, alongside recognised qualifications such as CISSP, CISM, or ISO 27001 Lead Implementer. Ideally you will be familiar with GRC practices in similar environments also. In return, you'll enjoy a competitive salary, remote working, training budget, private healthcare, bonus scheme, and a culture that values collaboration, growth, and well … being. Take the next step in your career as a GRC Specialist/Security Consultant - apply today. People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management …
Employment Type: Permanent, Work From Home
Salary: £60,000

Security engineer, GRC

London, United Kingdom
WRITER
About this role WRITER is seeking a GRC Specialist to shape and lead our governance, risk, and compliance strategy for the AI era. As we pioneer AI/AGI technologies, we face a fast-changing regulatory landscape alongside established compliance frameworks. This role calls for a compliance leader who can balance rigorous adherence to standards with the flexibility to support … way that accelerates, rather than hinders, our growth. You'll own the end-to-end compliance strategy for WRITER, covering everything from SOC2, ISO, and GDPR to emerging AI governance requirements, while partnering with technical and legal teams to ensure controls are implemented effectively. If you can translate complex regulatory obligations into practical, business-aligned programs, you'll have a … Collaboration What You Own (Responsible) Overall compliance program strategy and management AI regulatory compliance research and implementation Enterprise risk management framework Third-party risk management program Data privacy and governance programs Audit coordination and management What You Don't Own (Others Lead) Technical implementation of security controls (other security teams own) Operational security monitoring (Detection & Response owns) Identity and access …
Employment Type: Permanent
Salary: GBP Annual

Security Consultant

Leeds, West Yorkshire, England, United Kingdom
Claranet Limited
a comprehensive range of professional services and managed services both onsite and remotely. The Cyber Practice consists of highly skilled professionals delivering a myriad of offensive security testing and governance, risk, and compliance (GRC) services in support of Claranet’s vision. Taking a customer first approach, Claranet’s Cyber Practice prides itself in providing world-class services designed to meet … the specific and individual needs of all customers, across all industries. Position Summary As a Security Consultant, you will be responsible for delivering customer projects across a range of GRC services in line with your current capabilities, and future capabilities after suitable training/mentoring. You will be responsible for providing professional service delivery including but not limited to; consultancy … services and audit/assessment services against multiple security compliance frameworks/standards, and delivery of other GRC consultancy services as required to service our customers’ needs. This role will require additional activities as part of your job responsibilities to support the delivery of services which will include, but not limited to; customer scoping calls and scoping activities, quality assurance …
Employment Type: Full-Time
Salary: Competitive salary

GRC Analyst (Primarily Remote)

London, United Kingdom
Hybrid / WFH Options
Michael Page
The GRC Analyst will play a pivotal role in ensuring effective governance, risk, and compliance practices within the organisation's technology department. This position requires a keen eye for detail and the ability to support risk management processes in a not-for-profit environment. Client Details A leading UK housing group with a significant focus on technology-driven initiatives. It … is committed to delivering impactful services and maintaining high standards of governance and compliance across its operations. Description Support the development and implementation of governance, risk, and compliance frameworks within the technology department. Monitor and assess risks, ensuring they are effectively identified, documented, and mitigated where necessary. Conduct regular audits and reviews to ensure compliance with organisational and regulatory standards. … stakeholders. Stay updated on relevant industry regulations and standards, ensuring the organisation remains compliant. Support the resolution of compliance-related incidents and recommend improvements to processes. Profile A successful GRC Analyst should have: Experience in governance, risk, and compliance within a technology-focused environment. Strong analytical and problem-solving skills with a detail-oriented mindset. Knowledge of relevant industry regulations …
Employment Type: Permanent
Salary: GBP 36,000 - 50,000 Annual

GRC Analyst Primarily Remote

London, South East, England, United Kingdom
Hybrid / WFH Options
Michael Page Technology
The GRC Analyst will play a pivotal role in ensuring effective governance, risk, and compliance practices within the organisation's technology department. This position requires a keen eye for detail and the ability to support risk management processes in a not-for-profit environment. Client Details A leading UK housing group with a significant focus on technology-driven initiatives. It … is committed to delivering impactful services and maintaining high standards of governance and compliance across its operations. Description Support the development and implementation of governance, risk, and compliance frameworks within the technology department. Monitor and assess risks, ensuring they are effectively identified, documented, and mitigated where necessary. Conduct regular audits and reviews to ensure compliance with organisational and regulatory standards. … stakeholders. Stay updated on relevant industry regulations and standards, ensuring the organisation remains compliant. Support the resolution of compliance-related incidents and recommend improvements to processes. Profile A successful GRC Analyst should have: Experience in governance, risk, and compliance within a technology-focused environment. Strong analytical and problem-solving skills with a detail-oriented mindset. Knowledge of relevant industry regulations …
Employment Type: Full-Time
Salary: £36,000 - £50,000 per annum

Project Manager

London, United Kingdom
Stott and May
and communication activities • Working closely with Technology project teams to realise the end to end delivery of technology changes that are required to realise the business goal • Ensuring all governance, risk management, controls and compliance requirements are considered, planned for and adhered to, to safeguard the customer experience • Driving the delivery of pragmatic business and operational design solutions which maximise benefits …
Employment Type: Permanent
Salary: GBP Annual

Customer Success Manager (Technical), UK

London, United Kingdom
Algosec
Success or similar roles within enterprise software, preferably in security or systems integration. Proven experience managing strategic and enterprise-level customers with measurable success. Strong understanding of network security, governance, audit, risk, and compliance practices. Customer-first mindset, highly proactive, and comfortable with client-facing engagements (calls/visits). Excellent consulting, project management, and data-driven decision-making skills. …
Employment Type: Permanent
Salary: GBP Annual

CFO PE-Backed B2B Technology Business

Basingstoke, Hampshire, United Kingdom
Marks Sattin (UK) Ltd
the business. You will also act as a key partner to the CEO and Board, contributing to strategic planning, value creation, and investor engagement. The role includes oversight of governance, risk, compliance, and support for future fundraising or M&A activity. The Ideal Candidate: Qualified Accountant (ACA/ACCA/ACMA). Experienced CFO or Finance Director in a PE …
Employment Type: Permanent
Salary: GBP Annual

Software security engineer, embedded

London, United Kingdom
WRITER
Lead) Employee identity systems (Enterprise/Corporate owns) Infrastructure identity (Cloud/Infrastructure owns) AI security research (AI Security owns) Infrastructure security tools (Cloud/Infrastructure owns) Compliance requirements (GRC owns) Key Partnerships With AI Security: They research threats; you build customer protections With Detection & Response: They detect attacks; you build preventive systems With Cloud/Infrastructure: They provide infrastructure …
Employment Type: Permanent
Salary: GBP Annual

Technology and Cyber Data Analytics & Reporting Analyst

London, United Kingdom
Lorien
of our Insurance clients on a 6-month contract. Inside IR35 Hybrid Responsibilities: Analyze large datasets to identify trends, anomalies, and emerging risks across technology and cyber domains. Support governance and risk forums with timely and accurate reporting on key risk indicators (KRIs), control effectiveness, and remediation progress. Develop and maintain dashboards and reports to visualize technology and cyber risk … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Qualifications: Educated to degree level or …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Transformation - Manager

South West London, London, United Kingdom
Hybrid / WFH Options
Anson Mccade
Doing Advise senior stakeholders on cyber security strategy to support digital and operational transformation Lead the design and delivery of cyber transformation programmes across complex organisations Develop and implement governance and operating models to improve cyber maturity and regulatory readiness Assess enterprise risk and define strategic roadmaps to embed security across business operations Solve critical cyber challenges across diverse industries … and client environments What You'll Bring Strong experience in cyber strategy, risk management, governance, architecture, and regulatory compliance Familiarity with frameworks and standards such as NIST CSF, ISO27001, NCSC CAF, GDPR, and NIS2 Industry-recognised certifications (e.g. CISSP, CISM, CISA, M.Inst.ISP, or equivalent) Practical experience in GRC, threat and vulnerability management, or operational resilience Proven delivery across complex programmes …
Employment Type: Permanent, Work From Home

Security Consultant

Corsham, Wiltshire, South West, United Kingdom
Hybrid / WFH Options
i3Secure
Information Assurance that are keen to help us continue to grow and develop. You are a client facing security professional, with substantial experience within security and can deliver complex GRC projects, whilst developing and maintaining client relationships at a senior level. You will have a broad range of expertise across Information Security and be able to articulate and deliver different … to be prepared to deliver to wider public and private sector clients where required. At the Consultant level, you will be working with clients to deliver a range of GRC projects that could range from a single risk assessment to the development of a full ISMS to assuring clients gain accreditation in accordance with the appropriate standards on highly complex … programmes of work. Delivery of client engagements to support governance, risk and compliance against a range of cyber security regulations, frameworks and standards, including ISO 27001, NIST Regulations, CAF and secure by design. Staying on top of the latest developments within Cyber Security & Information Assurance by attending training and conferences. Working with the leadership and sales team to respond to …
Employment Type: Permanent

BBBH58529 Cyber Security Governance and Reporting Lead €80000 - €82000 per annum ...

Antrim, County Antrim, United Kingdom
MCS Group
MCS Group is seeking a Cyber Security Governance and Reporting Lead to join their client, a thriving and well-established organisation with headquarters in Dublin. This position is a 12 month Fixed Term Contract into permanency as is standard in the organisation. With multiple projects in the pipeline and a growing team, this is a fantastic opportunity for an experienced … Governance professional to join a successful team in a newly created position. This role is responsible for ensuring the effective implementation and reporting of cybersecurity policies, frameworks, and regulatory requirements. The individual will lead on cybersecurity reporting, embed governance across the organisation, and ensure compliance with internal policies and applicable legislation. The successful candidate will be afforded public sector benefits … Management, Cybersecurity, Business Information Systems, or a related field. Relevant certifications such as CISM, CISA, CISSP, or CRISC are advantageous. At least 5 years' experience in cybersecurity governance, risk management, and compliance within heavily regulated industries. Proven ability to consolidate and generate reports from multiple data sources. Strong understanding of cybersecurity regulations, frameworks, and industry best practices. Hands-on experience …
Employment Type: Permanent
Salary: GBP 80,000 - 82,000 Annual

Senior Consultant, Process & Controls, Risk Consulting (UKI)

London, United Kingdom
Hybrid / WFH Options
Ernst & Young Advisory Services Sdn Bhd
deliver on engagements, managing multiple internal and external stakeholders. Projects will vary and may include internal audits, implementation or review of internal and financial control frameworks, enterprise risk management, governance risk and control (GRC), Sarbanes-Oxley (SoX) implementations or reviews, risk and control automation, and performance improvement. Support the execution and daily deliverables of a portfolio of client projects, ensuring …
Employment Type: Permanent
Salary: GBP Annual

Senior ISO27001 Consultant

London, South East, England, United Kingdom
Hybrid / WFH Options
Sanderson
gap analysis, remediation, certification readiness, and continual improvement. You'll collaborate with senior stakeholders across industries to deliver strategic advisory and hands-on implementation of information security governance, risk management, and compliance Key Responsibilities Lead ISO 27001 implementation projects from initial assessment through to certification Conduct gap analysis tailored to private sector risk profiles and commercial priorities Facilitate risk assessments …
Employment Type: Full-Time
Salary: £60,000 - £80,000 per annum

Senior Cyber Solutions Architect

Edinburgh, United Kingdom
Consunet Pty Ltd
Operating at the intersection of business strategy, technology architecture, and cyber security, the Senior Cyber Solutions Architect drives the strategy in relation to the integration of security governance, risk management, and compliance frameworks (ISO, NIST, Essential Eight) to protect platforms, data, and services. With deep expertise in secure solution architecture, cloud-native technologies, and Descopes practices, the role drives value …
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Lead - Security Assurance

Leeds/Exeter/London, United Kingdom
NHS England
. Cyber Improvement Programme. Chief Information Security Office Function (CISO) The CISO Function consists of four teams, these are CISO Portfolio Office, Secure (by Design), Security Assurance, and Security Governance, Risk & Compliance (GRC). The post of Cyber Security Lead - Security Assurance has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. In recognition … by working with control owners and delivery teams to ensure findings are addressed and closed effectively. Providing assurance ratings based on the maturity and implementation of controls, feeding into governance, risk, and compliance (GRC) reporting. Supporting decision-making by presenting findings in a structured, prioritised manner aligned to business risk and impact. Ensuring compliance with regulatory and organisational standards, including …
Employment Type: Fixed-Term
Salary: £83792.00 - £97365.00 a year

Cyber Security Consultant

Sheffield, South Yorkshire, Yorkshire, United Kingdom
Hybrid / WFH Options
Context
60k + excellent benefits Type: Permanent An excellent opportunity to join a renowned Microsoft Managed Security Service Provider (MSSP) as a Cyber Security Consultant with a strong emphasis on Governance, Risk & Compliance (GRC). The role involves working with enterprise clients to navigate complex regulatory requirements, enhance their security posture, and align with industry standards using the Microsoft security ecosystem. … Responsibilities: Delivering GRC consultancy across varied client environments Conducting risk assessments, compliance audits, and control gap analyses Advising on security frameworks including ISO 27001, NIST, and GDPR Supporting implementation and optimisation of Microsoft Security solutions such as Defender, Sentinel, and Purview Translating compliance requirements into actionable security controls Building and maintaining strong client relationships through strategic guidance and clear communication … Experience required: Proven experience in cyber security consultancy with a GRC focus Strong understanding of security frameworks and regulatory obligations Familiarity with the Microsoft Security stack (Defender, Sentinel, Entra, etc.) Excellent communication and stakeholder engagement skills CISSP certification (or working towards) considered highly desirable Capable of working independently and collaboratively within a high-performing team This role offers the chance …
Employment Type: Permanent, Work From Home
Salary: £60,000

Cyber Security Lead

Leeds / Exeter, United Kingdom
NHS England
at the forefront of safeguarding critical national healthcare services and ensuring patient safety through robust cyber resilience. The Cyber Security Lead role is a key part of the Cyber Governance, Risk and Compliance, operating within the Chief Information Security Office (CISO) Function. This team is responsible for providing leadership with accurate information regarding cyber and information security risks in … be aware that RRP is non-contractual and subject to review Main duties of the job As a Cyber Security Lead, your responsibilities include: Deputise for the Head of GRC, leading the GRC team and managing outputs as required. Embed and mature an organisational security operating model to support risk-driven, evidence-based decision making. Oversee the security policy lifecycle … with stakeholders to maintain risk within tolerance. Design, implement, and monitor key controls to reduce risk, provide assurance, and meet compliance obligations. Provide effective security metrics and reporting to governance boards, senior leaders, and audit functions. Conduct research and analysis using diverse data sources to inform security best practices and decisions. Promote 'security by design' across directorates, strategies, and business …
Employment Type: Fixed-Term
Salary: £83791.00 - £97365.00 a year

Cybersecurity Trends 2025: A UK Hiring Outlook

London, United Kingdom
Hybrid / WFH Options
Harvey Nash Group
the market, and how to respond. At the same time, regulations are tightening. From data protection requirements to the Online Safety Act, organisations face growing pressure to demonstrate strong governance and accountability. For sectors like finance, healthcare, energy and the public sector, this is especially urgent. Digital transformation is also playing a role. As cloud adoption accelerates and hybrid working … teams and forensic analysts. Supply chain risk is under the spotlight Breaches linked to third-party providers have exposed vulnerabilities beyond company walls. In response, organisations are investing in governance, risk and compliance roles to help manage vendor relationships and strengthen oversight. AI is creating both opportunities and risks Artificial intelligence is helping defenders automate responses and improve detection. But … Typical salary: £40,000 to £60,000 Cloud Security Engineer - Experts in building and securing infrastructure in AWS, Azure or Google Cloud. Typical salary: £70,000 to £100,000 GRC Specialist - Professionals who align security with risk, compliance and governance frameworks. Typical salary: £60,000 to £90,000 IAM Lead - Focused on identity and access management, a vital area as …
Employment Type: Permanent
Salary: GBP Annual

Information Security Risk & Assurance Specialist

Reading, Berkshire, United Kingdom
WeAreTechWomen
various tools and activities. Manage and improve Three's Security Exception process. Work effectively with Enterprise risk and compliance functions to escalate enterprise-level Technology and Security risks. Operate GRC tools for Risk Management to record, track, and monitor risks and controls. Support ongoing education and awareness activities related to Security policies, Risk management frameworks, and governance across the company. …
Employment Type: Permanent
Salary: GBP Annual

GRC
10th Percentile: £49,000
25th Percentile: £59,375
Median: £74,000
75th Percentile: £86,875
90th Percentile: £106,500