26 to 50 of 292 GRC Jobs in the UK

Excellent communication skills, with the ability to convey security complexities to audiences of various technical abilities (e.g. senior stakeholders, development teams). Desirable: End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management. Active participation in knowledge sharing activities, both within the team and at a wider capability level and externally More ❯

support new, digitally enabled business models. Supporting organisations in developing actionable transformation programmes for the organisations, and navigating cyber transformation to support new, digitally enabled business models. Designing effective governance roles and operational frameworks to assess and define prioritised, risk-based roadmaps to increase cyber maturity, prepare for and support regulatory compliance, and allow cyber to play a key role … such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

to join our dynamic international team. As a Senior Security Consultant, you will play a crucial role in advising our clients at C-level on security strategy, governance, risk management, and compliance to enhance their cybersecurity maturity. You will work closely with clients to identify risks, conduct workshops, implement effective strategies, and ensure compliance with industry regulations and best practices. More ❯

of emerging cyber threats. Working closely with stakeholders across IT, security, and compliance, you'll strengthen the business's overall security posture. What You'll Bring: Extensive experience in governance, risk, and compliance within cyber security Proven leadership skills, with experience guiding teams in dynamic, complex environments Deep understanding of risk management frameworks and cyber security best practices Strong analytical More ❯

Are you looking for an exciting new opportunity? Join a London based, product-agnostic consultancy specialising in information security governance, risk, and compliance management for clients across Europe. With a deep-rooted passion for cyber risk, the team excels at developing measurable controls that align with an organisation's risk appetite, capacity, and tolerance for breaches. Known for crafting innovative More ❯

and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯

and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯

and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯

and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯

and Head of Function. Engage regularly with IT, Security, and Business stakeholders to align risk reporting with organizational objectives. What We’re Looking For: RSA Archer expertise or other GRC tooling Proven experience with NIST or other regulatory-aligned frameworks. Deep understanding of Cyber Risk Management principles. Exceptionally organized, with strong attention to detail and ability to manage multiple priorities. More ❯

team of high quality advisors that are able to work effectively with technical teams and business leaders around the globe. Gather feedback on policies and standards from implementation teams, GRC and cyber operations to improve and optimize the policies and standards. Act as a point of escalation for any infosec or policy issues, and undertaking risk assessments before approving any More ❯

Please visit our careers site to find out more about working at Ki Job Details: Technology Governance Analyst Full details of the job. Vacancy Name: Technology Governance Analyst Employment Type: Permanent Location: London Role Details How insurance is underwritten here hasn't changed in 300 years - until now. At Ki, we are genuinely solving problems that haven't been solved … a risk taxonomy and reference library. Incident & Event Management - Review, analyse, and document internal/external risk events; support risk assessments, control testing, and vendor assurance processes. Risk Controls & Governance - Develop and maintain governance frameworks, policies, and IT controls; manage compliance procedures and support the GRC platform. Technology Service Governance - Operate service interfaces, track governance decisions, analyse performance metrics, and … facilitate audits/certifications. Reporting & Documentation - Prepare reports on technology risk and governance performance; maintain accurate documentation and explore new risk visualisations. Collaboration & Learning - Drive awareness campaigns, support compliance training, research advancements in technology risk, and contribute to team development. Required skills & experience: Experience in Enterprise technology services, support or administration including ITIL and asset management Understanding of various types More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

GRC Manager Up to £78,000 + bonus South Wales/Hybrid I'm looking for a GRC Manager to oversee the identification, evaluation and management of risks from a cyber security perspective for a client based in South Wales. The ideal candidate will have experience of leading a GRC team and a firm grasp of experience of commonplace infosec … and regulations * Reporting risk findings and actions to the Risk Management Manager * Supporting incident response planning with risk insights * Continuously improving risk assessment methodologies What I'm Looking For: * GRC leadership experience * Strong understanding of security frameworks (e.g., NIST, ISO 27001). * Proven experience completing internal and external cyber risk assessments * CNI experience would be very useful What's in More ❯

GRC Manager Up to 78,000 + bonus South Wales/Hybrid I'm looking for a GRC Manager to oversee the identification, evaluation and management of risks from a cyber security perspective for a client based in South Wales. The ideal candidate will have experience of leading a GRC team and a firm grasp of experience of commonplace infosec … and regulations Reporting risk findings and actions to the Risk Management Manager Supporting incident response planning with risk insights Continuously improving risk assessment methodologies What I'm Looking For: GRC leadership experience Strong understanding of security frameworks (e.g., NIST, ISO 27001). Proven experience completing internal and external cyber risk assessments CNI experience would be very useful What's in More ❯

Role: Senior GRC & Compliance Manager Location: London, UK Duration: Permanent JOB DESCRIPTION: Role Name: Senior GRC & Compliance Manager (Business GRC role for SAP S/4HANA transformation programme) Requesting experienced Senior Governance, Risk & Compliance (GRC) professional with a proven track record in SAP S/4HANA and regulatory compliance within pharmaceutical and financial environments. This role will lead governance oversight … ensuring SAP Finance & Non-Finance systems meet strict regulatory, corporate, and quality standards. You as GRC Manager will work closely with senior stakeholders, finance, IT, and quality teams to deliver compliance excellence across large-scale SAP programmes. Key Responsibilities Lead governance, risk, and compliance for SAP Finance & Non-Finance systems. Ensure adherence to SOX, GxP, GDPR and related regulatory requirements. … Oversee implementation and maintenance of IT Quality Management Systems (QMS). Provide governance oversight during SAP S/4HANA implementations, upgrades, and integrations. Review and validate SAP design/configuration to meet financial governance standards. Collaborate with cross-functional teams to ensure alignment with corporate and regulatory frameworks. Must-Have Skills 10+ years GRC experience in senior roles. Proven experience More ❯

audiences of various technical abilities (e.g. senior stakeholders, development teams). DESIRABLE Experience of Identity management and authentication/authorisation products and patterns. End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management. Penetration testing qualifications (e.g. OSCP, CREST, TIGER or equivalent) Experience leading security engineers and other junior members of More ❯

audiences of various technical abilities (e.g. senior stakeholders, development teams). DESIRABLE Experience of Identity management and authentication/authorisation products and patterns. End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management. Penetration testing qualifications (e.g. OSCP, CREST, TIGER or equivalent). Experience leading security engineers and other junior members More ❯

new security technologies to support compliance efforts. Enhance Team & Program Capacity: Learn from senior team members and external experts, developing a strong foundational understanding of product security, regulatory compliance (GRC principles), and incident response. Assist in the coordination of the 'security champions' program by preparing materials, tracking engagement, and supporting training initiatives. Basic Qualifications We are looking for an enthusiastic More ❯

new security technologies to support compliance efforts. Enhance Team & Program Capacity: Learn from senior team members and external experts, developing a strong foundational understanding of product security, regulatory compliance (GRC principles), and incident response. Assist in the coordination of the "security champions" program by preparing materials, tracking engagement, and supporting training initiatives. Basic Qualifications We are looking for an enthusiastic More ❯

optimize EDR/XDR toolsets and MDR services to meet incident response needs. Stakeholder & Compliance Translate technical threats into clear business risks and mitigation actions for management. Collaborate with GRC to ensure compliance with regulations and frameworks (e.g. NCSC CAF, ONR SyAPs, ISO27001). Support major security incidents and exercises with forensic and technical expertise. Who you are We're More ❯