minded SVP, Head of Security Ops, Risk & Controls to lead the structured oversight, operational assurance, and continuous improvement of our SaaS platform. This role will sit at the heart of our operational governance model, working with both new and existing clients, owning key pillars such as security operations, release governance, quality assurance, disaster recovery, audit coordination, SLA conformance, and the definition of technical and operational security standards … across the SaaS business. Reporting to the CTO, SaaS, this role will partner closely with Group-wide functions including GRC, Legal, Finance, QA, and Engineering to ensure secure, resilient, and high-quality SaaS delivery. OPPORTUNITIES Operational Risk & Security Oversight Own the governance of operational security and threat readiness in partnership with the CISO. Define, maintain, and enforce security standards for the SaaS … are consistently implemented across product, platform, DevOps, and client delivery teams. Lead the development of risk-informed operational controls aligned to regulatory and enterprise risk frameworks. Release Management & Change Governance Govern the release and change management lifecycle to ensure structured risk reviews, approvals, traceability, and audit readiness. Partner with platform and engineering teams to embed control requirements into DevOps workflows
is focused primarily on eight mega process areas: Finance, Source to Pay (procurement and vendor mgmt.), Plan to Fulfill (manufacturing and distribution), Lead to Cash (order processing and payment), Governance, Engage to Consume (marketing), Idea to Market (R&D), and Recruit to Retire (HR). This transformation requires thought leadership, quality decision making, deep technical know-how, and an ability … is responsible for the delivery of the end-to-end lifecycle of the core SAP S/4Hana Security and Compliance scope, ensuring alignment with roles design, processes and governance principles. Do you thrive working in the project environment? Do you have a deep understanding of SAP products and technologies and previous experience coordinating SAP transformation projects? If so, join …/4HANA program and in driving a successful digital transformation, to make a significant positive impact What are we looking for? 10+ years in leading program for SAP Security, GRC and Identity access management. Have an IT background with at least experience of 3 x ERP/SAP Development, Implementation or Transformation projects from end to end. Professional certification such
Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Client: BMS Group Location: London (City of London), United Kingdom Job Category: Other EU work permit required: Yes Job Views: 3 Posted: 16.06.2025 Expiry Date: 31.07.2025 Job Description: Summary of Position: This position reports directly to the global CISO and manages a small in-house team … maintaining and executing the cyber security strategy. Take overall responsibility for information security risk and compliance. Manage the BMS Information Security Control Framework. Develop and maintain the Information Security governance and oversight target operating model. Create policies and governance materials. Own the Information Security Risk management processes. Identify security threats and collaborate with technical teams on exposure. Provide security expertise
Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC Reports to: Global CISO Location: London Summary of Position: This position will report directly to the global CISO and also be responsible for managing a small in-house team who plan, schedule, monitor and report on activities relating to information/cyber security. The role will … the cyber security strategy Take overall responsibility of information security risk and compliance Assume responsibility for the BMS Information Security Control Framework Produce and maintain the Information Security governance and oversight target operating model Produce policies and supporting governance material Take ownership for the Information Security Risk management processes Identify information security threats and work with technical teams to
London, England, United Kingdom Hybrid / WFH Options
itecopeople
Governance, Risk and Compliance Manager. (GRC Manager) About the Role: The GRC Manager is a senior role within the Information Security team, responsible for maintaining and improving governance and risk frameworks … for IT Services. You will define risk and governance processes, including how process owners are identified and the activities to ensure that the process is governed effectively, to ensure that IT systems and information assets are adequately protected. You will be responsible for identifying, evaluating and reporting on governance and compliance risks and issues in a manner that meets the … client's regulatory and legal requirements. The GRC Manager works proactively with the various departments, business units and suppliers to implement practices that meet the client's defined policies and standards for information risk management, governance and compliance. About You: You will have a significant level of specialist expertise in IT Governance, Risk and Compliance, with proven responsibility for, and experience of
A leading financial services firm is looking for a Senior GRC Associate to help develop and maintain its IT Governance, Risk & Compliance framework. Key Responsibilities: Support IT risk assessments and control compliance activities Maintain risk registers and GRC documentation Assist with internal governance reviews and formal reporting Work with IT teams and third-party providers on GRC initiatives Requirements … 5+ years’ experience in IT GRC or Information Security Knowledge of ISO 27001, NIST, and (ideally) DORA Strong analytical, communication, and stakeholder engagement skills Experience with IT infrastructure risk and control assessments This is a great opportunity to join a well-established and forward-thinking team, where you'll be empowered to make a real impact on IT risk and … control governance across a global environment. Please DM me or apply if you're interested.
Melksham, England, United Kingdom Hybrid / WFH Options
Periculo
Location: Melksham, Hybrid Job Description: We are seeking a motivated and detail-oriented consultant to join our Governance, Risk, and Compliance (GRC) team. This hybrid role centres on Data Protection, with additional responsibilities in Cyber Security to support a holistic approach to information governance. You’ll play a key role in helping clients meet and maintain compliance with GDPR, ISO27001 … customers to review, negotiate, and finalise Data Processing Agreements (DPAs) and Business Associate Agreements (BAAs). Represent Customers on calls and in meetings with customer legal, compliance, and information governance teams to align on regulatory and contractual data protection requirements. Filling out requests for proposals for customers, enabling them to win work using security and data protection as a selling … protection best practice and provide practical solutions for lawful, fair, and transparent data use. Policy & Document Support: Draft and maintain data protection policies, privacy notices, RoPAs, and other key governance artefacts. Vendor & Processor Management: Support due diligence of third-party processors and ensure contracts include appropriate data protection clauses. Training & Awareness: Help deliver privacy and cyber awareness training for client
Manchester, North West, United Kingdom Hybrid / WFH Options
Forward Role
Job Title: Senior IT Governance Analyst Location: Hybrid – 3 Days Onsite (Leeds or Manchester) Salary: £50,000 – £60,000 + Benefits About the Role: We're working with a growing organisation seeking an experienced Senior IT Governance Analyst to join their Information Security team. This is a key role responsible for overseeing IT governance processes, managing audit activity, and ensuring … risk controls are in place and effective. You'll work across the business to coordinate internal and external audits, support compliance efforts, and maintain a strong governance framework in line with recognised standards. Key Responsibilities: Lead the coordination of IT-related audits – internal and external, including audit readiness, stakeholder engagement, and managing action plans. Maintain and update IT risk assessments … internal controls, and associated governance documentation. Provide expert feedback to control owners, supporting remediation efforts and assessing mitigation strategies. Review control deficiencies and guide the development of effective, sustainable solutions. Partner with stakeholders across IT and the business to embed good governance and risk practices. Own and evolve the IT Risk Management Framework, working closely with the Enterprise Risk team.
London, England, United Kingdom Hybrid / WFH Options
INFINIT
Incident Response & Continuity Planning: Participate in cyber incident exercises, business continuity, and disaster recovery planning to strengthen resilience. Security Awareness & Governance: Manage security awareness programs, phishing simulations, and contribute to cyber governance, GDPR compliance, and policy development. Audits & Compliance: Conduct internal/external audits, assess supplier security risks, and ensure adherence … hands-on training and active-learning models that increase retention rates by 75% so that cyber apprentices can prepare for real-world challenges. Support an organisation's formal security governance, regulatory and compliance (GRC) and interact with risk assessments and risk mitigations. Tools and technologies learned: Apprentices will learn to use Project Ares, Python, Microsoft Azure, Microsoft PowerShell, Linux, and
London, England, United Kingdom Hybrid / WFH Options
Agoda
About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more.
London, England, United Kingdom Hybrid / WFH Options
MFS Investment Management
of a risk intelligence program that supports proactive risk management and continuous improvement. Independently collect, analyze and synthesize complex risk data to inform the risk assessment process. Employ Archer GRC and other data analytics tools to optimize risk management processes and improve data accuracy and reporting capabilities. Actively challenge existing norms and foster a risk-aware culture across all levels … and collaboratively across team and departmental boundaries. Some periodic travel, domestic and international, may be required. PREFERRED SKILLS, QUALIFICATIONS & EXPERIENCE In-depth knowledge and hands-on experience using Archer GRC preferred. At MFS, we are dedicated to building a diverse, inclusive and authentic workplace. If you are excited about this role but your past experience doesn
Albany Beck is looking for an experienced Security Consultant with a strong background in Security Risk Management, GRC, Vulnerability Analysis, and Compliance to join a high-impact programme within a leading global investment bank. This is an exciting opportunity to play a key role in the design and implementation of security controls, frameworks, and processes to strengthen the bank’s … overall security posture. As a Security Consultant, you’ll be working in the client’s security team, contributing to critical workstreams that span governance, risk and compliance (GRC), vulnerability management, and security control design. You'll work closely with cross-functional stakeholders including technology, audit, and operations teams to ensure the organisation’s security strategy aligns with regulatory expectations and … best practices. Key Responsibilities: Conduct security risk assessments and develop risk treatment plans aligned with the bank’s risk appetite. Support the development, implementation, and continuous improvement of security governance frameworks and GRC processes. Design and enhance security controls across infrastructure, applications, and cloud environments. Lead or support vulnerability analysis activities, including risk-based prioritisation and remediation tracking. Ensure alignment
solutions that automate evidence gathering and real-time compliance monitoring across frameworks such as NIST 800-53, HITRUST, PCI-DSS, and FedRAMP. - Collaborate Across Teams: Partner with cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and operational goals. Qualifications (Text Only) Required Qualifications: - Demonstrated experience deploying automation for security operations (SOAR platforms, script-based
hostile environments. Due to expansion and increased strategic focus, they are looking for an experienced Information Security Manager to take ownership of their ISO 27001-aligned ISMS, build out governance frameworks and lead security strategy across a global footprint. The role is based out of their Victoria office in London, with an expectation of being onsite 5 days per week … The interview process consists of 3 stages, including technical and stakeholder engagement rounds. Skills & Experience: Proven experience managing and implementing ISO 27001-compliant systems Strong background in information security governance and risk management Experience with Cyber Essentials/Cyber Essentials Plus accreditation processes Knowledge of UK GDPR (though this will be managed by somebody else) and broader frameworks like NIST …
London, England, United Kingdom Hybrid / WFH Options
Pig Improvement Company
Global Head of Cybersecurity to lead the company's cyber security strategy and governance. You will play a critical role in shaping and implementing best practices in security architecture, governance, risk management, and compliance (GRC), while supporting IT teams in embedding security into all aspects of their work. Reporting to the CIO, you will lead a small team, provide strategic … to protect the organisation’s digital assets and systems. Risk Management & Compliance: Identify, assess, and mitigate cyber security risks, ensuring alignment with relevant laws, regulations, and industry standards. Security Governance: Define and implement cyber security governance frameworks, ensuring security considerations are integrated into business processes and IT operations. Security Architecture & Best Practices: Design and advocate for secure IT architectures, ensuring … an experienced cyber security professional with deep technical expertise and strategic leadership capabilities. The ideal candidate will have: Extensive experience in cyber security with a strong track record in governance, risk management, compliance, and security architecture. A Bachelor’s degree in Computer Science, Information Technology, or a related field (a Master’s degree is preferred). Equivalent professional experience will
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
third-party vendors and internal stakeholders to ensure smooth project execution Develop and maintain project documentation, risk logs, and reports for senior stakeholders Ensure projects adhere to regulatory and governance frameworks Skills and Experience Proven track record delivering cyber security or information security projects in large, complex organisations Strong understanding of cyber risk, threat management, and technical security controls Excellent … stakeholder management and communication skills Experience with governance, risk, and compliance frameworks (e.g., ISO 27001, NIST, GDPR) PRINCE2, PMP, or similar project management certification desirable Knowledge of cloud security (Azure/AWS) a plus Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications
London, England, United Kingdom Hybrid / WFH Options
Lord Search & Selection
third-party vendors and internal stakeholders to ensure smooth project execution Develop and maintain project documentation, risk logs, and reports for senior stakeholders Ensure projects adhere to regulatory and governance frameworks Skills and Experience Proven track record delivering cyber security or information security projects in large, complex organisations Strong understanding of cyber risk, threat management, and technical security controls Excellent … stakeholder management and communication skills Experience with governance, risk, and compliance frameworks (e.g., ISO 27001, NIST, GDPR) Knowledge of cloud security (Azure/AWS) a plus Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our
ongoing maintenance and uplift of the cybersecurity posture within the project. This spans systems, subsystems, products and external interfaces, and may include a mixture of operational cybersecurity functions and governance, risk and compliance (GRC) activities. Key responsibilities include: Perform systems security risk management activities, including identifying security threats, analysing the risk exposure and presenting treatment options to mitigate security risk.
London, England, United Kingdom Hybrid / WFH Options
The DPO Centre Ltd
and corresponding Schedule of Works Devise, facilitate and deliver training and awareness workshops Support the client in responding to individuals' rights requests Consistently inform and advise the client on governance, accountability and risk Keep up to date with changes in data protection law and regulations Actively contribute to building the overall knowledge base of the DPO Centre's team Career … The DPO Centre is a multi-national, leading provider of fractional Data Protection Officer (DPO) and privacy services. Since 2017, the company has delivered expert DPO, DPR, and AI governance services to over 1,000 clients globally from our offices in London, Amsterdam, Toronto, New York, Dublin, and our network of representation establishments across all 27 Member States. Further details …
legal and regulatory compliance, health and safety In order to succeed in this role, you will need to have: A recognised accountancy qualification Expert knowledge of charity finance, law and governance Effective leadership skills and experience of successfully leading multi-disciplinary teams such as IT, Health & Safety Facilities, Housekeeping and Catering Excellent communication and interpersonal skills with the ability to … reporting processes across all areas of the hospice. Develop and deliver model business cases within corporate services and across the wider organisation. Oversee and be responsible for financial controls, risk management, and compliance with regulatory standards including (but not limited to) VAT, Gift Aid, NI, corporation and income taxation. Ensure accurate and timely production of management accounts and statutory financial statements. Advise the … Finance and Investment Sub-Committee. Corporate Services Lead, manage and develop high-performing corporate services functions, including: - IT and digital transformation - Estates and facilities management (including facilities, catering and housekeeping) - Procurement and contract management - Governance & risk, policies, and compliance - Business continuity and Health & Safety Lead on capital projects and maintenance of Hospice buildings and property to ensure legal and regulatory compliance, health and safety. Governance
and develop your career. We offer full 360-degree services to our clients from initial consulting on a range of areas including Risk Assessments, Vulnerability Management, Accreditations (ISO27001, GDPR), GRC (Governance, Risk, Compliance), Security Architecture Design and Build (technical and Non-technical), Incident Response, Protective Monitoring Services, Penetration Testing and much more. We take clients through a journey to improve