GRC Jobs in the UK

26 to 50 of 275 GRC Jobs in the UK

Governance, Risk & Compliance (GRC) Manager

Central London, London, England, United Kingdom
Hybrid / WFH Options
GreatFind Recruitment
We’re working with a leading organisation in the entertainment industry who are seeking an experienced Governance, Risk and Compliance (GRC) Manager to join their Group division. This is a fantastic opportunity for a proactive and strategic individual to shape and maintain a strong compliance culture across a dynamic and fast-growing business operating across the UK and Europe. Location … + 25 days holiday + bank holidays + Up to 5% bonus Full-time, Permanent In this newly-created role, you’ll lead the execution of the Group GRC programme, align risk and compliance efforts with wider business goals, and ensure robust governance across information security and operational practices. Key Responsibilities: Develop and implement a comprehensive GRC framework across the … and standards Ensure compliance with GDPR, CIS18, PCI DSS, and ISO27001 Lead on third-party audits and provide documentation and evidence Support cybersecurity programmes and incident response planning Provide GRC advisory to senior leadership and cross-functional teams Promote a culture of risk awareness through training and communication Monitor changes in regulation and adapt the GRC framework accordingly Ideal Candidate More ❯
Employment Type: Full-Time
Salary: £70,000 - £75,000 per annum

Manager, Digital Risk

London, United Kingdom
Ernst & Young Advisory Services Sdn Bhd
technology compliance, and other industry best practices. Own and manage the implementation of risk management tools and automation of processes using industry-leading platforms, including those that support AI governance when relevant. Lead or contribute to digital risk maturity assessments and process improvement initiatives. Develop and maintain documentation, reports, and dashboards for risk tracking and compliance monitoring, emphasizing digital risks. … methodologies, and compliance requirements. Ability to interpret regulatory requirements and translate them into actionable business strategies for IT risks and opportunities. Proficiency in risk management tools and platforms (e.g. GRC platforms), ideally with experience in implementing and/or optimizing these solutions. Experience in leading risk assessments and developing and implementing risk mitigation strategies. Strong analytical and problem-solving skills … and presentation skills for executive reporting, stakeholder engagement, and internal team leadership. To qualify for the role you should have 5+ years of experience in digital risk management, IT governance, cybersecurity, or related fields; experience in AI would be an additional advantage. Professional certifications such as CISA, CISSP, or equivalent (preferred but not mandatory). Expertise in risk management tools More ❯
Employment Type: Permanent
Salary: GBP Annual

Director, Security Assurance and Remediation (London)

Highgate, Greater London, UK
Hybrid / WFH Options
CLS-Group
services, and assets, ensuring compliance with industry standards (e.g., CIS, NIST, ISO 27001, SOC 1/2) and internal security policies across all platforms and environments. Lead the security governance mechanism for capturing and managing security baseline adherence to rectify any policy exceptions and dispensations (deviations or gaps) against the security policy standards and controls and align security risks. Oversee … Artificial Intelligence, post quantum computing and cyber risk quantification. Considerable experience in cybersecurity, with notable experience in a senior or managerial role focused on security policy, standards, controls testing, governance, and compliance. Mastery experience of how security controls are implemented, their effectiveness, and alignment with security policy, standards and NIST best practice guidelines. Strong ability to consult with control owners … information clearly and effectively. Presenting data insights to non-technical stakeholders. Strong understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Experience with GRC tools and best practices. RSA Archer is preferred. Proficiency in security frameworks (e.g., NIST CSF, ISO 27001, SOC1,2). Expert knowledge of security assurance practices such as audit, risk More ❯
Employment Type: Full-time

Information Security Consultant -

Yorkshire, United Kingdom
Hamilton Barnes Associates Limited
impact in Cyber Security, this role is for you! Responsibilities: Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team … with scoping engagements and delivering valuable services to clients Skills/Must have: Extensive experience in Information Security Governance, Risk, and Compliance (GRC) Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards Knowledge of the Cyber Essentials Plus Scheme, GDPR, and Data Protection Act (2018) Strong communication skills and the ability to build relationships with internal More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Analyst

Guildford, Surrey, United Kingdom
Hybrid / WFH Options
Allianz Popular SL
Role Description The Information Security Analyst plays a key role in supporting Allianz UK's Information Security initiatives, with a focus on executing the Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) across the organisation. The NIST analyst will be involved in day-to-day GRC operations, such as designing and implementing security controls, interpreting … non-compliance issues and information security risks. As an Information Security Analyst at Allianz UK, you will be pivotal in advancing the company's Information Security initiatives by executing Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) organization-wide. Your role will involve daily GRC operations, including designing and implementing security controls, interpreting requirements … catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Supporting compliance activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation.
Employment Type: Permanent
Salary: GBP Annual

Director, Digital Risks Cyber Assurance (London)

London, UK
Hybrid / WFH Options
Control Risks
of experience in cybersecurity, specializing in cyber assurance, third-party risk management, and regulatory compliance audits. Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001). Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory … Science, Engineering, or a related field. Relevant certifications such as CREST, OSCP, CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing. Skills: Strong commercial acumen, with proven ability to generate new business in cyber assurance and regulatory compliance services. Exceptional communication, presentation, and analytical skills with the ability …
Employment Type: Full-time

Director, Digital Risks Cyber Assurance (London)

South Kensington, England, United Kingdom
Hybrid / WFH Options
Control Risks
of experience in cybersecurity, specializing in cyber assurance, third-party risk management, and regulatory compliance audits. Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001). Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory … Science, Engineering, or a related field. Relevant certifications such as CREST, OSCP, CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing. Skills: Strong commercial acumen, with proven ability to generate new business in cyber assurance and regulatory compliance services. Exceptional communication, presentation, and analytical skills with the ability …

Principal Cyber Security Consultant

Bath, Somerset, United Kingdom
Hybrid / WFH Options
Bmt Defence Services LTD
d love to hear from you. About You We'd love to hear from you if you can demonstrate expertise in at least one of the following areas : Security governance, risk and compliance (GRC), aligned with HMG cybersecurity and information assurance policies, standards, and guidance with experience in consultancy or supplier roles. Securing OT (Operational Technologies) with knowledge and understanding More ❯
Employment Type: Permanent
Salary: GBP Annual

Information and Technology Governance & Risk Lead

Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with
Employment Type: Full-Time
Salary: Competitive salary

Vice President, Security Governance, Risk and Assurance (London)

Highgate, Greater London, UK
Hybrid / WFH Options
CLS-Group
Vice President, Security Governance, Risk and Assurance About CLS: CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars' worth of currency flows through our systems each day. Created by the market for the market, our unrivalled global settlement infrastructure … and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking. Job information: Functional title - VP, IT Security Risk Department - Security Governance and Risk Management Corporate level - Vice President Report to - Director of Security Location - London, onsite 2 days per week About the role The individual will be part of the security … function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure More ❯
Employment Type: Full-time

Vice President, Security Governance, Risk and Assurance (London)

Highgate, England, United Kingdom
Hybrid / WFH Options
CLS-Group
Vice President, Security Governance, Risk and Assurance About CLS: The full job description covers all associated skills, previous experience, and any qualifications that applicants are expected to have. CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars' worth of … and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking. Job information: Functional title - VP, IT Security Risk Department - Security Governance and Risk Management Corporate level - Vice President Report to - Director of Security Location - London, onsite 2 days per week About the role The individual will be part of the security … function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust, compliant against the security policy, standards and controls. The position will require close collaboration with technical, operational, compliance and audit teams to create a secure and compliant technology environment. What you will be doing: Maintain security policy, standards, procedures and frameworks. Ensure More ❯

Senior IT GRC Analyst

City of London, London, England, United Kingdom
Arc IT Recruitment
Senior IT GRC Analyst City of London/Hybrid £Competitive + strong bonus and benefits GRC Frameworks, ISO 27001, NIST A prestigious financial services organisation in the heart of the City of London is seeking a Senior IT GRC Analyst to join its dynamic team. In this collaborative role, you will support the development and enhancement of IT Governance, Risk and Compliance (GRC) frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities: Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation and delivery of formal IT GRC reporting. Risk: Identifying, assessing, and documenting IT risks. Supporting IT risk management activities, including the execution of technical IT risk assessments. Supporting risk owners to define remediation
Employment Type: Full-Time
Salary: Competitive salary

Director of Security Assurance and Remediation (London)

Wandsworth, Greater London, UK
Robert Walters UK
oversight, conducting reviews across all environments, services, and assets to ensure compliance with industry standards (e.g., CIS, NIST, ISO 27001, SOC 1/2) and internal policies. Lead security governance to manage adherence to security policies, rectify exceptions, and align security risks. Oversee remediation review lifecycle, testing evidence, and producing reports on risk trends. Collaborate on vulnerability and patch management … preferred. Certifications such as CRISC, CISM, CISA, or similar. Experience with AI, post-quantum computing, and cyber risk quantification advantageous. Extensive cybersecurity experience, especially in security policy, standards, controls, governance, and compliance. Deep understanding of security controls, their effectiveness, and alignment with policies and best practices. Ability to consult on security remediation and evidence provision. Proficiency in security data analysis … and reporting. Excellent communication skills for technical and non-technical audiences. Knowledge of security risk management principles and taxonomy. Experience with GRC tools, preferably RSA Archer. Familiarity with security frameworks like NIST CSF, ISO 27001, SOC1/2. Understanding of security assurance practices, audits, and lifecycle management. Ability to lead teams through change and adapt to evolving threats. High integrity More ❯
Employment Type: Full-time

GRC Analyst

London, United Kingdom
Hybrid / WFH Options
Arqiva
Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external More ❯
Employment Type: Permanent
Salary: GBP Annual

GRC Analyst

Winchester, Hampshire, United Kingdom
Hybrid / WFH Options
Arqiva
Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external More ❯
Employment Type: Permanent
Salary: GBP Annual

Lead Cyber Security Specialist

City of London, London, United Kingdom
Ant International
PSD2 SCA, CSSF) and global standards (PCI DSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience. What you will be doing: Regulatory & Technical Compliance: Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience Act), ensuring alignment in areas such … as incident reporting and data protection. Translate requirements from PSD2 SCA, PCI DSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. … PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements. Security awareness management experience. What we are looking for: 5+ years in GRC roles; financial services or banking. Understanding of GDPR, DORA, PCI DSS, and outsourcing/third-party risk requirements. Hands-on experience with ISO 27001 implementation and third-party risk tools

Lead Cyber Security Specialist

London Area, United Kingdom
Ant International
PSD2 SCA, CSSF) and global standards (PCI DSS, SWIFT CSP). This role requires technical knowledge, strategic thinking, and expertise in managing third-party risk, outsourcing compliance, and identity governance to safeguard operational resilience. What you will be doing: Regulatory & Technical Compliance: Support compliance with GDPR and complementary regulations like DORA (Digital Operational Resilience Act), ensuring alignment in areas such … as incident reporting and data protection. Translate requirements from PSD2 SCA, PCI DSS, and SWIFT CSP into technical security controls. Maintain IT security governance frameworks (ISO 27001, NIST CSF, CIS Controls). Manage and maintain Security Policies and procedures Third-Party Risk & Outsourcing Management: Design and implement third-party risk management programs to assess vendors, cloud providers, and outsourced services. … PAM). Conduct periodic user access reviews to ensure compliance with least privilege principles and regulatory requirements. Security awareness management experience. What we are looking for: 5+ years in GRC roles; financial services or banking. Understanding of GDPR, DORA, PCI DSS, and outsourcing/third-party risk requirements. Hands-on experience with ISO 27001 implementation and third-party risk tools

Information Technology Security Specialist

City of London, London, United Kingdom
CLS Group
Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust, compliant … stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. RSA Archer is preferred. Financial and/or Banking industry experience preferred. Professional qualifications/certifications Ideally qualified in MSc Information Security, CICA, CRISC, CISM and More ❯

Information Technology Security Specialist

London Area, United Kingdom
CLS Group
Job information: Functional Title - IT Security Specialist Department – Security Governance and Risk Management Corporate level – Associate Vice President Report to – Director of Security Location - London, onsite 2 days per week About the role: The individual will be part of the security function that is responsible for security governance, risk and assurance, to ensure the organisations security posture is robust, compliant … stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. RSA Archer is preferred. Financial and/or Banking industry experience preferred. Professional qualifications/certifications Ideally qualified in MSc Information Security, CICA, CRISC, CISM and More ❯

Cyber Security Specialist (Security control testing)

London Area, United Kingdom
Hybrid / WFH Options
Spencer Rose
stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. RSA Archer is preferred (alternatives considered). Professional Certifications: Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not More ❯

Cyber Security Specialist (Security control testing)

City of London, London, United Kingdom
Hybrid / WFH Options
Spencer Rose
stakeholders Base level understanding of security risk management and taxonomy principles, to reduce risk to an acceptable level. Knowledge of vulnerability management and incident management practices. Ability to learn GRC tools and best practices. RSA Archer is preferred (alternatives considered). Professional Certifications: Ideally qualified in MSc Information Security, CICA, CRISC, CISM and/or Data analysis beneficial but not More ❯

Head of Cyber Governance, Risk and Compliance (GRC) Media

Central London, London, United Kingdom
Hybrid / WFH Options
TALENT LEADERS LTD
Head of Cyber Governance, Risk and Compliance (GRC) Media Leading exciting International Media Giant, with a reputation for innovation and excellence They urgently require a talented, dynamic, relationship building Head of Cyber Governance, Risk and Compliance (GRC) to play a pivotal role helping them shape and move to the next stage of their evolution To be considered you will have … demonstrable experience in: Developing, implementing, and maintaining the organisation's cyber governance, risk management, and compliance strategies (GRC) and frameworks across enterprise scale organisations Ensure compliance with all relevant laws, regulations, and standards related to information and cyber security. Lead regular risk assessments and audits to identify potential security threats and vulnerabilities. Running and maintaining the IT Risk Management Framework.
Employment Type: Permanent

Head of Cyber Governance, Risk and Compliance (GRC) Media

Islington, England, United Kingdom
Hybrid / WFH Options
TALENT LEADERS LTD
Head of Cyber Governance, Risk and Compliance (GRC) Media Leading exciting International Media Giant, with a reputation for innovation and excellence They urgently require a talented, dynamic, relationship building Head of Cyber Governance, Risk and Compliance (GRC) to play a pivotal role helping them shape and move to the next stage of their evolution To be considered you will have … demonstrable experience in: Developing, implementing, and maintaining the organisation's cyber governance, risk management, and compliance strategies (GRC) and frameworks across enterprise scale organisations Ensure compliance with all relevant laws, regulations, and standards related to information and cyber security. Lead regular risk assessments and audits to identify potential security threats and vulnerabilities. Running and maintaining the IT Risk Management Framework.

Information Security Risk & Compliance Specialist

London, United Kingdom
Cyberark Software
about CyberArk, visit our CyberArk blogs or follow us on X, LinkedIn or Facebook. Job Description About the Role: We are seeking a highly motivated and detail-oriented GRC Compliance Expert to join our Governance, Risk, and Compliance team. This role is pivotal in supporting customer security assessments during RFx processes, driving compliance initiatives including DORA, NIS2, and other … regulatory frameworks, and assisting with broader GRC activities across the organization. The ideal candidate is a self-starter with strong communication skills, who thrives in a fast-paced environment and is passionate about cybersecurity, regulatory compliance, and risk management. Please note that this is a hybrid role located in our office in London. We ask to come to the office … to compliance initiatives such as DORA, NIS2, and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security, Legal, IT, Product, etc.) to gather information and ensure compliance obligations are met. Participate in risk assessments, control testing, and
Employment Type: Permanent
Salary: GBP Annual

Senior GRC Specialist

City of London, London, United Kingdom
ARC IT Recruitment
Senior GRC Specialist City of London/Hybrid £Competitive + strong bonus and benefits GRC Frameworks, ISO 27001, NIST, DORA Senior IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders … internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities: Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line … with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation and delivery of formal IT GRC reporting. Risk: Identifying, assessing, and documenting IT risks. Supporting IT risk management activities, including the execution of technical IT risk assessments. Supporting risk owners to define remediation plans and monitor progress on remediation activities. Manage day More ❯

GRC
10th Percentile: £49,280
25th Percentile: £56,250
Median: £72,500
75th Percentile: £83,750
90th Percentile: £105,000