Senior GRC Specialist City of London/Hybrid £Competitive + strong bonus and benefits GRC Frameworks, ISO 27001, NIST, DORA Senior IT GRC Specialist is required by prestigious financial services organisation in the heart of the City. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance frameworks, working closely with senior stakeholders … internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business. Key Responsibilities: Governance: Contributing to the implementation and continuous development of IT GRC frameworks. Assisting in the review and maintenance of IT GRC documentation. Assist in the implementation and communication of IT risk and control management frameworks. Conduct governance reviews in line … with agreed schedules and document outcomes. Maintain documentation for IT risk and control management processes. Support the preparation and delivery of formal IT GRC reporting. Risk: Identifying, assessing, and documenting IT risks. Supporting IT risk management activities, including the execution of technical IT risk assessments. Supporting risk owners to define remediation plans and monitor progress on remediation activities. Manage day
various tools and activities. Manage and improve Three's Security Exception process. Work effectively with Enterprise risk and compliance functions to escalate enterprise-level Technology and Security risks. Operate GRC tools for Risk Management to record, track, and monitor risks and controls. Support ongoing education and awareness activities related to Security policies, Risk management frameworks, and governance across the company.
analysing and recommending changes to processes/systems within BUs, across multiple departments and the division as a whole. Responsibilities Contributing to the development, implementation and maintenance of internal governance frameworks, including policies, standards and procedures Maintaining compliance with relevant laws, regulations and industry standards (e.g. GDPR), through collaboration with risk owners in Legal, HR and other relevant departments Monitoring
London, England, United Kingdom Hybrid / WFH Options
Nottingham Building Society
We are looking for a proactive Information Security Risk Analyst to join our dynamic Information Security Team. In this role, you will play a crucial part in strengthening our governance, risk, and compliance initiatives related to information security. Your efforts will help ensure our organisation meets regulatory standards, effectively manages security risks, and maintains a robust security posture to safeguard … team. Here’s a taste of what you will be doing as a Risk Analyst at Nottingham Building Society: - Framework Development: Develop and maintain the organisation’s information security governance, risk, and compliance framework. Risk Assessments: Conduct risk assessments to identify vulnerabilities, focusing on protecting customer data and financial systems. Regulatory Compliance: Ensure compliance with regulations and standards like GDPR … information security needs for financial institutions and building societies. Security Controls and Risk Management: Strong understanding of security controls, risk management practices, and compliance requirements in the financial sector. GRC Software Experience: Experience with platforms like Archer, ServiceNow, LogicGate, and OneTrust is a plus. Analytical Skills: Excellent ability to assess security risks and suggest actionable remediation plans. Communication Skills: Strong
or advisory work in support of a highly technical environment. 3+ years of experience in performing and/or participating in technical assessments of complex IT architecture • Experience with Governance, Risk, and Compliance tools and technology. Hands-on experience working successfully in a very fast-paced, rapidly evolving, results-oriented environment • Experience in working directly with auditors/regulators in
skills, both verbal and written, with the ability to initiate and lead conversations with senior stakeholders Ability to prioritise and manage a varying workload Experience - Desirable Experience with using GRC solutions as part of a risk management programme. Understanding of cyber security best practices including knowledge of the general cyber threat landscape and common security controls architecture. Due to the
practices. Participate in rolling out global security initiatives including DLP, Network Segmentation, Secure Server Access Help oversee the development and implementation of the firm's information security program and governance framework Coordinate the response to security incidents and breaches and ensure timely reporting and remediation Liaise with external regulators, auditors, and vendors on security matters and compliance requirements Required Background … and interpersonal communication skills Ability to influence across all organizational levels, particularly senior management Ability to negotiate, influence, and collaborate to build successful relationships Knowledge and understanding of data governance challenges as it relates to Data Loss Prevention Experience with Governance, Risk, and Compliance (GRC) A BS/BA degree or higher in information technology Agile experience Fundamental knowledge of
to continuously improve capability, enhance & integrate service offerings, and build the Professional Services team Skills/Must have: 5 years in a client-facing information/cyber security/GRC role Professional certifications including but not limited to CISSP, CCSP, CISM, CRISC, CISA, CDPSE. Experience in auditing and implementing security standards such as ISO 27001/2, NIST CSF, and
Position Summary As a Security Consultant, you will be responsible for delivering customer projects across a range of GRC services in line with your current capabilities, and future capabilities after suitable training/mentoring. You will be responsible for providing professional service delivery including but not limited to; consultancy services and audit/assessment services against multiple security compliance frameworks …/standards, and delivery of other GRC consultancy services as required to service our customers’ needs. This role will require additional activities as part of your job responsibilities to support the delivery of services which will include, but not limited to; customer scoping calls and scoping activities, quality assurance activities, customer project admin/planning, service development activities, internal collaboration … needs of our customers. Objectives and Key Results The Security Consultant is part of the Cyber Practice. The key objectives and results will be to: • Successful delivery of customer GRC projects across the range of the Cyber Practice GRC services, in line with both employee capabilities and business needs • Pursue customer satisfaction by delivering projects to a high standard, meeting
Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
N Brown Group
We’re looking for a Governance, Risk and Compliance (GRC) Analyst to join our Cyber Security and Risk team here at N Brown Group. The Governance, Risk and Compliance team is responsible for the development and rollout of our security policies and procedures; for building an awareness programme to promote a strong security culture across the organisation; identifying and tracking risks … line risk to develop suitable controls and metrics to ensure the Digital Operations department is operating within risk appetite, and track remediation tasks when it is not. As a Governance, Risk and Compliance (GRC) Analyst you will work across all these areas of the team’s responsibilities and help to identify ways to improve simplicity and efficiency. Although this isn … t a technical role, you will be expected to have sufficient technical expertise to understand technology risks and controls to mitigate them. What will you do as a Governance, Risk and Compliance (GRC) Analyst at N Brown? Support the risk management process by identifying and evaluating threats, and work with risk owners to understand the business impact and help develop
Increase your chances of reaching the interview stage by reading the complete job description and applying promptly. Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firm's robust risk strategy. As a Tech Risk & Controls Senior Associate in Cybersecurity and Technology Controls, you will contribute to the successful management … of technology-aligned aspects of Governance, Risk, and Compliance in line with the firm's standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm's risk posture. Through … frameworks, including Swift, CHAPS, and other industry standards. Job responsibilities Support efficient and effective execution of assessments, ensuring alignment with organizational objectives, risk appetite, and regulatory compliance. Support the governance of issues raised from our assessments, tracking concerns, and resolution of findings, and ensure timely and effective closure of identified control deficiencies. Assess and monitor technology risks, ensuring compliance with
We're looking for a Technical Specialist to support the development and automation of our evolving technology risk management processes and IT governance framework. In this global position, you'll be part of the Technology Governance, Risk and Compliance (GRC) team, working closely with colleagues across Technology, Cybersecurity, Business Controls, and Compliance. Client Details This client is a trading firm … based in London. Description We're looking for a Technical Specialist to support the development and automation of our evolving technology risk management processes and IT governance framework. In this global position, you'll sit in the Technology Governance, Risk and Compliance team, working closely with colleagues across Technology, Cybersecurity, Business Controls, and Compliance. You'll help coordinate the many … moving parts that ensure our systems and processes remain efficient, secure, and compliant with regulatory and industry standards. Key Responsibilities Design, implement, and improve technology governance processes across areas such as IT service management, disaster recovery, and business continuity Automate compliance monitoring and reporting using scripting tools (e.g., Bash, PowerShell, Python, or SQL) Build dashboards and metrics that provide insight
NIST and RSA Archer platforms. Preferred Qualifications: Bachelor’s degree in Information Security, Cybersecurity, or related field. Professional certifications such as CISSP, CISA, CRISC, or CISM. Familiarity with other governance, risk, and compliance (GRC) tools.
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Alexander Mae (Bristol) Ltd
in this role. ISO/IEC 27001 Lead Auditor or Lead Implementer certification. Familiarity with GDPR, NIS2, ISO/IEC 42001 or other data protection and security regulations. Experience with GRC platforms or compliance automation tools. Cyber Essentials PLUS hands-on assessment or audit experience. Certifications such as CISSP, CISM, or CISA would be advantageous. The Location: Bristol (hybrid working) The
such as ISO 27005, NIST RMF, or similar. Available to start immediately or within short notice. Bonus Points For: Certifications: CISSP, CISM, CRISC, CEH or equivalent. Experience using GRC tools and managing risk registers. Understanding of UK GDPR and data protection best practices. Interested? Apply now or message me directly to discuss.
Chelmsford, Essex, South East, United Kingdom Hybrid / WFH Options
Keystream Group Limited
organisation's key advisor on cyber risk and assurance, influencing executive leadership and over 9,000 users - working collaboratively across internal teams and over 100 partners and suppliers. Oversee governance, risk, compliance, and security operations including incident response, threat intelligence, vulnerability management, and penetration testing. Direct the selection, deployment, and maintenance of appropriate security technologies and processes to protect ECCs … to £40 million. Lead a team of approximately 15, including six direct reports, fostering a culture of professionalism, learning, and service excellence. Experience Needed: Deep expertise in cyber security governance, compliance, and risk management within complex organisations. Strong strategic leadership experience across large scale organisations, with the ability to influence and communicate effectively at senior and political levels. A track
Please Note: The deadline for applying is 23.59 the day before the job posting end date. Job Title: Cyber Resilience & Metrics Manager Location: Kingston/Port Sunlight Office Work-Level: 2B Unilever is one of the world's leading consumer