51 to 75 of 114 GRC Jobs in the UK

and Europe. Based in London, with occasional travel to other operational sites, you will help shape and mature the organisation's security governance, risk management practices, and compliance frameworks. You will work across both IT and OT domains, with specific focus on human risk management, supply chain security, policy development … tools with user-level behaviours (e.g., DLP, social engineering indicators, high-risk activity). Analyse and interpret threat intelligence to support security policies and governance updates. Contribute to the education, awareness, and training programme, including delivering stakeholder briefings. Review metrics to strengthen phishing resilience and behavioural security controls. Provide risk ...

practitioner who thrives on doing —not just advising. This is a delivery-focused role, perfect for someone who enjoys: Crafting and updating policies Driving governance, risk, and compliance Embedding secure-by-design practices Boosting security awareness and culture Being the go-to security expert within the business You'll work … independently, without line management duties, owning day-to-day information security operations. Our IT teams handle the tooling—your mission is governance, risk, compliance, and enabling secure delivery. What You'll Be Doing Own and manage all information security incidents & organisational risks Maintain and evolve our Information Security Management System ...

protecting client data, intellectual property, and business operations while enabling secure innovation. Through four key pillars Digital Trust, Technical Assurance, Security Operations, and Governance, Risk and Compliance (GRC) the team delivers comprehensive security solutions that align with our firms strategic objectives as well as client and regulatory requirements. Our integrated … workable, mature and optimized function and service. This role requires extensive experience across all Identity and Access Management core disciples including identity management, identity governance and administration, privileged access, and conditional access and in particular, machine identities. It also requires deep technical skills in the DevSecOps. This role will support ...

experienced Information Security Specialist to join one of our clients based in Leatherhead on a permanent basis. You will help strengthen their governance, risk and compliance (GRC) capability and help to continually improve their ISO 27001 Information Security Management System (ISMS) taking them through to certification. You'll apply hands … monthly Key Risk Indicator (KRI) reporting to the IT Security Manager. Essential certifications & knowledge ISO 27001 Lead Implementer or Lead Auditor (mandatory). Strong GRC background with proven delivery of ISO 27001-compliant ISMS. Experience with UK government security requirements and procurement processes. Understanding of construction-industry security risks and ...

provide technical leadership to the team & work closely with client enterprise architecture team and client ServiceNow Teams. We are seeking a ServiceNow IRM/GRC Architect with strong exposure to GenAI and Agentic AI capabilities to design and deliver intelligent risk, compliance, and governance solutions on the ServiceNow platform. … Level Solution Design Document. Defines and communicates, at an architectural and design level, technical solutions aligned with business problems and systems architecture. Ensures technical governance process and policies are being adhered to. Provides architectural controls to ensure the correct technical solutions are used when delivering business solutions. Creates and maintains ...

compliance-based checklist to a dynamic, risk-based operation. We are looking for a Senior Policy Administrator to lead the modernization of our governance framework.This is not a clerical role. You will not just be formatting Word documents. You will be a strategic partner to our Security Architecture and Engineering … enforceable standards. You will serve as the bridge between "What the Framework says" (NIST/TPN) and "What the Architecture does." Key Responsibilities 1. Governance Framework Architecture Build the Engine: Design and maintain the comprehensive hierarchy of Information Security documents ( Policy \to Standard \to Procedure \to Guideline ). Ensure ...

HANA Security and GRC Consultant Rate: £485-£575 per day | Inside IR35 Location: Remote - UK SC Cleared or Eligible Required We are seeking an experienced SAP HANA Security and GRC Consultant to provide hands-on support, design, and implementation of SAP Identity Access Governance (IAG) solutions. The successful candidate will … Ensure all security implementations align with regulatory requirements and internal standards. Candidate Requirements Minimum 5 years of hands-on experience in SAP Security and Governance, Risk, and Compliance (GRC) solutions. Proven experience with SAP Identity Access Governance (IAG) implementation, configuration, and administration. Strong understanding of SAP authorisation concepts, roles, profiles ...

Please find below the updated job description for the Governance & Risk Management Consultant role: Need Active SC Clearance Role Summary We are looking for a Governance & Risk Management Consultant (15+ years experience) with strong expertise in compliance mapping, vulnerability risk management, and risk escalation. The role focuses on aligning platforms … Controls Framework mapping (NIST, ISO 27001, NHS DSP Toolkit, NCSC CAF) Strong exposure to vulnerability risk management across hybrid and cloud estates (AWS, Azure) Governance oversight of vulnerability burn-down across platforms, applications, servers, and systems Compliance reporting aligned to hardening standards (permissive accounts, IaC, etc.) Risk and issue assessment ...

aligned to zero trust principles Improve the existing identity estate (PAM, hygiene, authentication) Manage global stakeholders, cross-functional teams, and vendors Ensure governance, risk management, and compliance with security standards Drive change and transition services into BAU Skills & Experience: Proven experience delivering IAM/identity security programmes Strong background ...

NIST 3rd party risk assessments Information Security technology & controls Information Security GRC Analyst - Liverpool Hybrid (2-3 days onsite) Our Financial Services client has an exciting vacancy within their Information Security Team for an experienced and a highly motivated Information Security GRC Analyst. This is a brand new opportunity … organisation. This role offers the chance to work in a growing & collaborative team as well as a chance for excellent progression & to develop both GRC and technical security skills within a supportive environment. Responsibilities - Work with all parties across the business to identify and assess risk and ensure mitigations ...

risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements. Monitor industry trends and best practices. Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions. Provide risk management training and develop a risk-aware culture. Support the development of security risk policies … appropriate business experience, along with active CRISC or 27005 Risk Manager certification You should have aminimum of 5 years or demonstrated experience in a governance, risk, or compliance role within an information security context Stronganalytical and problem-solving abilities, excellent written and verbal communication skills, and proficiency in risk management ...

GRC Analyst - Data Protection & GDPR Compliance Fixed Term Contract, 12 months - 45k - 50k Location: Hybrid - Birmingham Your new company: I am looking to recruit a GRC Analyst, focusing on Data Protection and GDPR, to join a leader in the hospitality space, with the role focusing on GRC activities, with … follow up actions. You will need: Strong understanding of GDPR, the UK Data Protection Act, and privacy and security control requirements. Experience working in GRC, information security, data protection, supplier assurance, or a related compliance role. Ability to interpret and assess technical and organisational controls. Strong analytical skills with excellent ...

changes and stay ahead of the competition. Grant Thornton’s Financial Services Business Risk Services (FS BRS) team provides market-leading risk, control and governance services to the financial services industry, working with clients from the insurance, banking and investment management industries and beyond. Our key offerings are internal audit … cleansing, and ability to analyse large datasets. Design and build dashboards, tables and visualisations and produce MI Understanding of audit, risk, internal controls, or governance principles. Experience working on GRC platforms, particularly ServiceNow (GRC/IRM module) is desirable Strong analytical depth and technical capability. Excellent communication skills and ...

Howdens are looking for a Governance and Compliance Lead to take ownership of the stability and strategic direction of the organisations Governance and Compliance applications. Acting as the primary point of accountability, the Governance and Compliance Lead bridges business needs and technology delivery, overseeing application life cycle management and continuous … Raunds, Northamptonshire you will work onsite 4 days per week with one from home. What you will be doing - Lead, coach and develop the Governance and Compliance team, clarifying priorities, roles and performance expectations. Build a culture of accountability, collaboration and continuous improvement. Manage workload planning, skills development and resource ...

experience in leading direction and strategy, helping immature organisations create workable, actionable roadmaps for their Cyber and Infosec Strategy? We're hiring a Strategtic GRC/Risk/Cyber Consultant with experience ideally in LONGER projects to join a fast-growing, high-calibre UK-based security consultancy. This … consulting experience , ideally in less framework-heavy environments, where creativity and dynamism get the job done. Experience navigating delivering LONGER V-Ciso style engagements , GRC, risk frameworks, and regulatory compliance (Maybe you've been internal, or a CISO at some stage?) A background in Cyber, Cloud or Networking is useful ...

Head of Governance & Compliance Central London (Hybrid – 2 days in office) Up to £82,000 + benefits Housing Association | Permanent About the role This is a standout opportunity to join a respected Housing Association in a pivotal leadership role, reporting directly to the Executive Director of Finance and operating … Senior Management Team level. As Head of Governance & Compliance, you'll act as the organisation's regulatory focal point, ensuring strong governance, robust compliance frameworks and effective engagement with the Regulator of Social Housing. You'll also take on the formal responsibilities of Company Secretary, working closely with the Chief ...

GRC Analyst - Third Party Risk Management Fixed Term Contract, 12 months - 45k - 50k Location: Hybrid - Birmingham Your new company: I am looking to recruit a GRC Analyst, focusing on Third Party Risk Management, to join a leader in the hospitality space, with the role focusing on GRC activities, with … and relevant stakeholders. You will need: Strong understanding of GDPR, the UK Data Protection Act, and privacy and security control requirements. Experience working in GRC, information security, data protection, supplier assurance, or a related compliance role. Ability to interpret and assess technical and organisational controls. Strong analytical skills with excellent ...

risk assessments across the vendor lifecycle Support supply chain risk management and onboarding processes Work closely with Procurement, Security & Compliance, and Sales teams Utilise GRC tools to track, monitor, and report on risk and remediation Provide clear recommendations to stakeholders on risk mitigation You’ll work closely with cross-functional … effectively, and aligned to regulatory and security standards. What we’re looking for Experience in third-party risk or supplier risk management Familiarity with GRC tools and risk assessment frameworks Understanding of cyber security, information security, and data protection (e.g. GDPR) Knowledge of industry standards and compliance requirements Strong stakeholder ...

Enterprise Architect (Strategic Oversight & Governance) Location - Erskine, Newcastle, Farnborough or London Candidates are required to be eligible for clearance The AI Enterprise Architect defines the target-state AI architecture and multi-year roadmap to enable scalable, secure, and governed AI adoption across the enterprise. This senior role provides strategic leadership … vendor and platform guidance, and architectural governance across AI initiatives, ensuring alignment with business strategy, enterprise standards, and regulatory requirements. Key Responsibilities: Enterprise AI Architecture & Roadmap: Define and maintain the AI reference architecture and implementation roadmap, covering LLM platforms, data pipelines, knowledge graphs, APIs, microservices, and event-driven architectures across ...

best practice. This is a newly created position in a rapidly growing business. A brilliant opportunity! The following skills/experience are essential: Strong GRC background Governance, Risk and Compliance background Experience in conducting risk assessments PCI DSS, ISO 27001, NIS 2 and the UK telecom Security Act Good understanding … skills Salary: Up to £95,000 + bonus + package Location: London (good work from home options available) If you are interested in this GRC Lead position and meeting the above requirements please apply immediately. ...

Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender …/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting ...

Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender …/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting ...

Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender …/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting ...

Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender …/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting ...

across a broad range of cyber security services. Key responsibilities include:* Coordinate internal cyber resources to ensure timely and effective service delivery* Provide oversight, governance, and strategic guidance for clients engaged through resource augmentation or vCISO-style engagements* Identify and communicate security risks, gaps, and opportunities for improvement* Support … security roadmaps and maturity uplift initiatives* Contribute to standardisation, service quality, and continuous improvement across Managed ServicesEssential:* Strong understanding of cyber security principles across GRC and technical domains* Knowledge of frameworks such as NIST CSF, ISO/IEC 27001/27002, CIS Controls, and Cyber Essentials* Understanding of risk management ...