GRC Jobs in the UK

226 to 250 of 284 GRC Jobs in the UK

Cyber Security and Cloud Architect

Basingstoke, Hampshire, England, United Kingdom
Hybrid / WFH Options
Career Concept
Cyber Security and Cloud Resilience Analyst. Hybrid working. 1-2 days per month in the office. Buzz words you should identify with: Cyber Security, GRC, AWS, DevOps, DevSecOps, Docker, ISO27001, NIST, Cyber Essentials, CISSP, Technical Architecture. Work for a Not-for-Profit compliance company working in the green sector. Responsible for: 1) Cyber Security governance and delivery across the company … and their suppliers. Covering: Governance, threat detection, reports, SIEM, DevSecOps 2) Cloud Architecture and Resilience. AWS estate and the platform applications. Assessment of risk and resilience. AWS cloud costs, technical debt, overview of architecture. This is not a technical hands-on position (other than maybe some config and creation of threat reports). However, you will need a technical background
Employment Type: Full-Time
Salary: £65,000 - £70,000 per annum

Senior Technical Transformation Project Manager - Modular Platforms

Nottingham, Nottinghamshire, United Kingdom
Career Moves Group
to exceed customer expectations. People & Performance: Lead and mentor project team members (indirectly). Encourage high performance and a can-do culture. Support performance management through project-based objectives. Governance & Risk: Ensure compliance with regulatory and internal governance requirements. Proactively identify and mitigate risks. Promote awareness and adherence to company policies and operating models. Skills & Experience Required Proven project management … expertise across technical and business initiatives. Strong stakeholder management, leadership, and change management skills. Financial literacy and resource planning capabilities. Deep understanding of project governance, tools, systems, and methodologies. Advanced communication, negotiation, and analytical skills. Experience working with cross-functional teams and technical SMEs. Desirable: Experience with modular technical platform projects. Qualifications Degree or equivalent experience. Commitment to ongoing professional
Employment Type: Permanent
Salary: GBP Annual

Information Security Analyst

United Kingdom
Prism Digital
+ 10% bonus Hybrid in Coventry with monthly travel to London Security certification support & career development built-in Help shape a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You’ll be central to their mission of scaling a modern InfoSec environment, balancing regulatory rigor, ethical standards and BAU resilience. … the top down. What you’ll bring: 3+ years in an InfoSec or IT security role within a regulated or financial firm Security certifications: SSCP, Security+, or equivalent Strong GRC foundation: Able to interpret risk frameworks and speak the language of ISO, SOC2, NIST, etc. Comfortable with security tooling and metrics-driven reporting Confident communicator: Translate acronyms into action, and … engage stakeholders with clarity and purpose Ethical mindset: understand when to escalate, when to challenge, and how to own your area What you’ll be doing: ISO27001 & SOC2 governance: day-to-day support of the ISMS, remediation tracking, risk reviews Third-party risk assessments: conduct supplier security reviews aligned to appetite and regulatory frameworks Security awareness training: drive phishing simulations

Compliance Manager

London Area, United Kingdom
Hybrid / WFH Options
Helix International Group Ltd
impact. Create a phased ESG framework that aligns with Helix’s core services, operational structure, and risk profile. Identify KPIs and reporting obligations across environmental performance, social value, and governance maturity. Partner with procurement, IT, HR, and client delivery functions to embed sustainable practices in operations and supply chain. Coordinate with senior leadership and external advisors to establish board-level … and stakeholder engagement skills. Highly organised with attention to detail. Desirable Certified Internal or Lead Auditor in ISO27001, 9001, 14001, or 45001. NEBOSH or IEMA qualifications. Experience in SaaS, GRC, property compliance, or similarly regulated sectors. Familiarity with compliance platforms (e.g. ISMS.online, Q-Pulse, etc.) Soft Skills Strong communication and problem-solving ability: a proactive, solution-focused approach to diagnosing

Compliance Manager

City of London, London, United Kingdom
Hybrid / WFH Options
Helix International Group Ltd
impact. Create a phased ESG framework that aligns with Helix’s core services, operational structure, and risk profile. Identify KPIs and reporting obligations across environmental performance, social value, and governance maturity. Partner with procurement, IT, HR, and client delivery functions to embed sustainable practices in operations and supply chain. Coordinate with senior leadership and external advisors to establish board-level … and stakeholder engagement skills. Highly organised with attention to detail. Desirable Certified Internal or Lead Auditor in ISO27001, 9001, 14001, or 45001. NEBOSH or IEMA qualifications. Experience in SaaS, GRC, property compliance, or similarly regulated sectors. Familiarity with compliance platforms (e.g. ISMS.online, Q-Pulse, etc.) Soft Skills Strong communication and problem-solving ability: a proactive, solution-focused approach to diagnosing

Compliance Manager

London, South East England, United Kingdom
Hybrid / WFH Options
Helix International Group Ltd
impact. Create a phased ESG framework that aligns with Helix’s core services, operational structure, and risk profile. Identify KPIs and reporting obligations across environmental performance, social value, and governance maturity. Partner with procurement, IT, HR, and client delivery functions to embed sustainable practices in operations and supply chain. Coordinate with senior leadership and external advisors to establish board-level … and stakeholder engagement skills. Highly organised with attention to detail. Desirable Certified Internal or Lead Auditor in ISO27001, 9001, 14001, or 45001. NEBOSH or IEMA qualifications. Experience in SaaS, GRC, property compliance, or similarly regulated sectors. Familiarity with compliance platforms (e.g. ISMS.online, Q-Pulse, etc.) Soft Skills Strong communication and problem-solving ability: a proactive, solution-focused approach to diagnosing

Compliance Manager

Slough, South East England, United Kingdom
Hybrid / WFH Options
Helix International Group Ltd
impact. Create a phased ESG framework that aligns with Helix’s core services, operational structure, and risk profile. Identify KPIs and reporting obligations across environmental performance, social value, and governance maturity. Partner with procurement, IT, HR, and client delivery functions to embed sustainable practices in operations and supply chain. Coordinate with senior leadership and external advisors to establish board-level … and stakeholder engagement skills. Highly organised with attention to detail. Desirable Certified Internal or Lead Auditor in ISO27001, 9001, 14001, or 45001. NEBOSH or IEMA qualifications. Experience in SaaS, GRC, property compliance, or similarly regulated sectors. Familiarity with compliance platforms (e.g. ISMS.online, Q-Pulse, etc.) Soft Skills Strong communication and problem-solving ability: a proactive, solution-focused approach to diagnosing

Compliance Manager

London (City of London), South East England, United Kingdom
Hybrid / WFH Options
Helix International Group Ltd
impact. Create a phased ESG framework that aligns with Helix’s core services, operational structure, and risk profile. Identify KPIs and reporting obligations across environmental performance, social value, and governance maturity. Partner with procurement, IT, HR, and client delivery functions to embed sustainable practices in operations and supply chain. Coordinate with senior leadership and external advisors to establish board-level … and stakeholder engagement skills. Highly organised with attention to detail. Desirable Certified Internal or Lead Auditor in ISO27001, 9001, 14001, or 45001. NEBOSH or IEMA qualifications. Experience in SaaS, GRC, property compliance, or similarly regulated sectors. Familiarity with compliance platforms (e.g. ISMS.online, Q-Pulse, etc.) Soft Skills Strong communication and problem-solving ability: a proactive, solution-focused approach to diagnosing

GRC Specialist, AWS Security

London, United Kingdom
Amazon
levels of scale. Businesses, from start-ups to enterprises to large government customers, run their operations and applications on AWS' highly secure infrastructure. AWS Security is looking for a GRC Specialist to contribute to the certification, accreditation, assurance, and authorisation activities across the security program. The successful candidate is a problem-solver, quick-study, with a broad understanding of the … regulatory landscape, cloud technologies, experience in security and compliance. Key job responsibilities Serve as the GRC Specialist for designated (physical and/or logical) components within the cloud capability, to perform assurance and authorization activities to ensure adherence to standards and protocols. Collaborate with internal teams and customers to establish baselines and level-set the security requirements, security controls, and … 7+ years experience working in areas related to security assurance, such as cybersecurity, auditing, security architecture, regulatory affairs or public sector agencies involved in cybersecurity management. Experience working with governance, risk and compliance programs that directly involve interaction with regulatory bodies. Proficient with government security frameworks, policies and standards (e.g. PSPF, ISM, DSPF, ASD Essential Eight) Experience working with cloud
Employment Type: Permanent
Salary: GBP Annual

Senior Legal Counsel

United Kingdom
SmartSurvey
Counsel, you'll be the go-to expert on contracts and contract management, data protection, and legal risk. You'll also have influence in shaping our broader legal strategy, governance standards, and risk frameworks including input into board-level discussions. You'll collaborate closely with Sales, Product, Support, Development, and the Executive team to ensure legal clarity, reduce friction in … variations, and supplier terms Embed GDPR and DPA best practices into commercial and operational workflows Support due diligence and contract review in any acquisition processes Contribute to legal strategy, governance best practice and risk management at leadership level Be known across the business as a responsive, clear and strategic partner Model SmartSurvey's values: Own It End-to-End, Make … base Advise teams on IP, licensing, public procurement and regulatory obligations Identify legal risks early and communicate them with clarity and solutions Help define and evolve company-wide legal governance, risk tolerance, and compliance frameworks Represent Legal perspectives in senior meetings and provide board-level input where required Skills & Experience Must-Haves Qualified solicitor in England with 5+ years PQE
Employment Type: Permanent
Salary: GBP Annual

Manager - Application Health (IC)

London, United Kingdom
London Stock Exchange Group
with these teams to enhance the Group's overall security and technology risk posture. Reports to: Director - Security Architecture Key Relationships & Committees Senior Manager - Cyber TPRM Head of Cyber GRC (and team) Business Information Security Officers Security Domain Forum and other relevant Domain Fora Business Aligned Principal Security Architects Security Architecture Review Team CyberSecurity Engineering CyberSecurity Application Security Team Cloud … vision and direction. Align the question set/responses, compliance and scoring capabilities, function, outcomes and robustness of AppHealth with the requirements of Key Controls managed by the Cyber GRC function, and align with other Group requirements such as uplift programme spend Seek, prioritise and act appropriately upon feedback provided on AppHealth; maintain appropriate traceability and progress tracking Be the
Employment Type: Permanent
Salary: GBP Annual

Risk Engineer - Cyber Security

United Kingdom
Liberty Specialty Markets
Experience in cyber security such as but not limited to a consulting security engineer, a consulting security architect, a CISO, a security evangelist, a pre-sales security engineer, a Governance, Risk, and Compliance (GRC) analyst Inclusive mindset - being a global team you'll need the willingness to build trust with a diverse set of partners & clients. The ability to handle
Employment Type: Permanent
Salary: GBP Annual

DARC Information Systems Security Officer (ISSO)

Exmouth, Devon, United Kingdom
Northrop Grumman Corp. (JP)
ongoing maintenance and uplift of the cybersecurity posture within the project. This spans systems, subsystems, products and external interfaces, and may include a mixture of operational cybersecurity functions and governance, risk and compliance (GRC) activities. Key responsibilities include: Perform systems security risk management activities, including identifying security threats, analysing the risk exposure and presenting treatment options to mitigate security risk.
Employment Type: Permanent
Salary: GBP Annual

Cyber & Information Security Lead

Bath, England, United Kingdom
Hybrid / WFH Options
Computer Network Defence Ltd (CND)
senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who has been working at CISO level, or is ready to step into a strategic leadership position. A global, forward-thinking organisation … culture through staff training and awareness initiatives. Regulatory Compliance: Support ongoing compliance with UK and EU data protection laws and regulations. Leadership: Provide strategic leadership and mentorship within the governance, risk, and compliance team. Essential Skills: Security Leadership: Senior-level experience in information security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards: Strong knowledge … Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response: Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance: Skilled in developing and enforcing comprehensive security policies and governance structures. Regulatory Compliance: Strong grasp of GDPR, the Data Protection Act, and NIS Directive within a health tech context. How

Cyber & Information Security Lead

Bristol, South West England, United Kingdom
Hybrid / WFH Options
Computer Network Defence Ltd (CND)
senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who has been working at CISO level, or is ready to step into a strategic leadership position. A global, forward-thinking organisation … culture through staff training and awareness initiatives. Regulatory Compliance: Support ongoing compliance with UK and EU data protection laws and regulations. Leadership: Provide strategic leadership and mentorship within the governance, risk, and compliance team. Essential Skills: Security Leadership: Senior-level experience in information security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards: Strong knowledge … Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response: Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance: Skilled in developing and enforcing comprehensive security policies and governance structures. Regulatory Compliance: Strong grasp of GDPR, the Data Protection Act, and NIS Directive within a health tech context. How

Cyber & Information Security Lead

Taunton, South West England, United Kingdom
Hybrid / WFH Options
Computer Network Defence Ltd (CND)
senior cyber and information security professional to lead on safeguarding critical healthcare technology platforms. This role is ideal for someone with strong expertise in compliance, risk management, and security governance—particularly within public sector or regulated environments—who has been working at CISO level, or is ready to step into a strategic leadership position. A global, forward-thinking organisation … culture through staff training and awareness initiatives. Regulatory Compliance: Support ongoing compliance with UK and EU data protection laws and regulations. Leadership: Provide strategic leadership and mentorship within the governance, risk, and compliance team. Essential Skills: Security Leadership: Senior-level experience in information security, ideally in a CISO or equivalent role within software or health tech. Healthcare Standards: Strong knowledge … Expertise in building and managing security risk frameworks using methodologies like OCTAVE or FAIR. Incident Response: Hands-on experience leading incident response, including regulatory reporting and crisis management. Policy & Governance: Skilled in developing and enforcing comprehensive security policies and governance structures. Regulatory Compliance: Strong grasp of GDPR, the Data Protection Act, and NIS Directive within a health tech context. How

IT Service Delivery Manager

England, United Kingdom
Computerworld Personnel Ltd
across critical business systems Lead user groups and represent the organisation at regional and national collaboration meetings Drive system performance, functionality improvements, and service integration across departments Own change governance, risk escalation, and compliance processes Liaise with suppliers, delivery teams, and governance functions to align with operational and national strategies Oversee SLAs, KPIs, and continuous improvement across the core digital … support training, user adoption, and cultural alignment What You'll Bring: Proven experience managing large-scale ICT systems or services in a complex environment Strong stakeholder engagement and service governance capability Excellent understanding of management systems like RMS (Niche), Pronto, or similar Familiarity with service management frameworks (e.g., ITIL), GDPR/data protection, and cyber security Project management exposure (Agile
Employment Type: Permanent
Salary: GBP Annual

Risk Manager - Operations (1.5 LoD)

London, United Kingdom
Hybrid / WFH Options
capital.com
could impact Ops/Back Office functions. Develop and maintain dashboards and reporting tools to provide real-time risk information to senior management. Prepare and present risk reports for governance forums, such as risk committees, highlighting critical issues and potential impact on business continuity. Design and implement key risk controls in partnership with operational teams to manage identified risks within … . Strong understanding of operational processes, risk frameworks, and regulatory requirements. Excellent analytical skills, with experience in data analysis and reporting. Proficiency in risk management software and tools (e.g., GRC platforms). Exceptional communication and interpersonal skills, with the ability to influence and engage stakeholders at all levels. Experience in managing regulatory exams and relationships with examiners and auditors. Ability
Employment Type: Permanent
Salary: GBP Annual

Information Security Classified Networks Deputy

Guildford, Surrey, United Kingdom
BAE Systems (New)
well as to our customers. Classified Networks Deputy is a role which falls within the Security function and responsibilities range from project work, change control management, risk assessment, vulnerability governance, incident review, penetration testing and compliance activities. As part of the Information Security team, the successful candidate will enable best practice and adherence to compliance frameworks. Additionally, working in the … regard to security and risk. In liaison with Company SMEs and/or Contractors to ensure all vulnerabilities of new products and services are properly addressed using appropriate GRC techniques. Classified Network Auditing and Compliance reviews including penetration testing. Vulnerability management (patching, COTS & OS) assessments together with remediation instruction. Promote the Information Security requirements and regimes within the Company
Employment Type: Permanent
Salary: GBP Annual

Senior Cyber Security Architect

Newport, Gwent, United Kingdom
Yolk Recruitment Ltd
aligned with business goals, ensuring effective integration of controls across networks, applications, cloud environments, and enterprise systems. Reporting to the Cyber Resilience Manager, you'll work across technical and governance functions to ensure ongoing protection against an evolving threat landscape, while supporting incident response, architecture design, compliance, and risk management. Key Responsibilities Design and maintain enterprise-wide security architectures aligned … to business objectives and compliance requirements Implement security controls across infrastructure, applications, and cloud platforms Conduct risk assessments and collaborate with GRC teams to manage identified risks Integrate security measures into the software development lifecycle (SDLC) and broader IT processes Engage with architects, IT teams, and external suppliers to embed security into system design Develop and maintain technical incident response
Employment Type: Permanent
Salary: GBP Annual

Automation Consultant

Cambridgeshire, England, United Kingdom
Hybrid / WFH Options
Hays
will be responsible for identifying, documenting, and standardising operational processes across multiple Enterprise Security teams. You will be working closely with stakeholders in areas such as Cyber Defense Operations, GRC, Security Architecture and Security Technology Operations. Tell me more, tell me more... Our client is currently looking for a new recruit to join their Enterprise Security Team, please read on … process design, or automation consulting, ideally in enterprise environments. Good background in process mapping methodologies (e.g. BPMN, swimlane diagrams). Experience with ServiceNow and its associated modules (ITSM, SecOps, GRC). Familiarity with cybersecurity domains, including SOC operations, incident response, change and problem management, and risk/compliance processes. Ability to work with both technical and business partners to extract

Automation Consultant

Cambridge, East Anglia, United Kingdom
Hybrid / WFH Options
Hays
will be responsible for identifying, documenting, and standardising operational processes across multiple Enterprise Security teams. You will be working closely with stakeholders in areas such as Cyber Defense Operations, GRC, Security Architecture and Security Technology Operations. Tell me more, tell me more... Our client is currently looking for a new recruit to join their Enterprise Security Team, please read on … process design, or automation consulting, ideally in enterprise environments. Good background in process mapping methodologies (e.g. BPMN, swimlane diagrams). Experience with ServiceNow and its associated modules (ITSM, SecOps, GRC). Familiarity with cybersecurity domains, including SOC operations, incident response, change and problem management, and risk/compliance processes. Ability to work with both technical and business partners to extract

Automation Consultant

Cambridgeshire, East Anglia, United Kingdom
Hybrid / WFH Options
Hays
will be responsible for identifying, documenting, and standardising operational processes across multiple Enterprise Security teams. You will be working closely with stakeholders in areas such as Cyber Defense Operations, GRC, Security Architecture and Security Technology Operations. Tell me more, tell me more... Our client is currently looking for a new recruit to join their Enterprise Security Team, please read on … process design, or automation consulting, ideally in enterprise environments. Good background in process mapping methodologies (e.g. BPMN, swimlane diagrams). Experience with ServiceNow and its associated modules (ITSM, SecOps, GRC). Familiarity with cybersecurity domains, including SOC operations, incident response, change and problem management, and risk/compliance processes. Ability to work with both technical and business partners to extract

Cyber Security Consultant

United Kingdom
Hybrid / WFH Options
Searchability NS&D
is remote-first, with occasional travel to client sites where needed. THE OPPORTUNITY: ✔ Play a key role in high-assurance, cyber advisory projects ✔ Support defence clients with strategy, architecture, GRC, and more ✔ Remote-first with flexible working, strong progression path ✔ Full benefits inc. private healthcare, bonus + unlimited training resources ✔ SC Clearance required CORE SKILLS & EXPERIENCE: • Strong knowledge of MOD … Cyber/GRC practices – e.g. RMADS, Secure by Design • Experience working with Defence Primes or directly with MOD clients • Security assessments, risk frameworks, and technical assurance • Cyber vulnerability investigation and reporting • Cloud security knowledge, including architecture & compliance • Any IAM/Zero Trust/OT Security experience – highly desirable TO BE CONSIDERED: Send your CV to luke.parry@searchability.com for an informal

Principal Analyst - Risk Management

City of London, London, United Kingdom
Hybrid / WFH Options
Verdantix
research reports. Understanding of priorities of the chief risk officer including enterprise risk management, integrated risk management, third-party risk management, ESG risk and reputational risk. Deep understanding of Governance, Risk, and Compliance (GRC) software and other risk focused technologies. Additional benefits we offer... Competitive salary (with annual review) Performance-driven quarterly bonus scheme Pension with enhanced employer contribution Generous

GRC
10th Percentile: £49,000
25th Percentile: £59,375
Median: £74,000
75th Percentile: £86,875
90th Percentile: £106,500