51 to 75 of 136 GRC Jobs in the UK

practitioner who thrives on doing —not just advising. This is a delivery-focused role, perfect for someone who enjoys: Crafting and updating policies Driving governance, risk, and compliance Embedding secure-by-design practices Boosting security awareness and culture Being the go-to security expert within the business You'll work … independently, without line management duties, owning day-to-day information security operations. Our IT teams handle the tooling—your mission is governance, risk, compliance, and enabling secure delivery. What You'll Be Doing Own and manage all information security incidents & organisational risks Maintain and evolve our Information Security Management System ...

Application Analysts and Application Support Analysts, building a culture of collaboration, curiosity and continuous improvement. Job description: Main job responsibilities: Leading the strategy, governance and delivery of enterprise applications, ensuring systems are fit for purpose, secure and aligned to business priorities. Owning the enterprise applications architecture, ensuring interoperability, integration and … code/no-code platforms, APIs and cloud-based solutions. Ensuring secure, compliant and accessible application designs aligned with data protection, cyber security and governance frameworks. Leading, coaching and developing Application Analysts and Application Support Analysts, building a high-performing, customer-focused team. Embedding a culture of continuous improvement, accountability ...

and lead the organisation's information security function. This role is responsible for defining and executing the information security strategy, ensuring robust governance, risk, and compliance practices, and protecting the organisation's information assets within a regulated environment. Key Responsibilities Lead and manage the organisation's cyber and information security … across a medium to large enterprise environment Develop, implement, and continuously improve the information security strategy, roadmap, and supporting programs Establish and maintain strong Governance, Risk, and Compliance (GRC) frameworks aligned to business objectives Oversee information security risk management, including risk identification, assessment, treatment, and reporting Manage ISO27001 compliance, including ...

and lead the organisation's information security function. This role is responsible for defining and executing the information security strategy, ensuring robust governance, risk, and compliance practices, and protecting the organisation's information assets within a regulated environment. Key Responsibilities Lead and manage the organisation's cyber and information security … across a medium to large enterprise environment Develop, implement, and continuously improve the information security strategy, roadmap, and supporting programs Establish and maintain strong Governance, Risk, and Compliance (GRC) frameworks aligned to business objectives Oversee information security risk management, including risk identification, assessment, treatment, and reporting Manage ISO27001 compliance, including ...

summary Were looking for an experienced Information Governance Manager to lead IG, Cyber Security, Digital Clinical Safety, and Quality Management across a complex, multisite healthcare organisation. This is a key leadership role driving strategy, compliance, change, and operational excellence. As our Information Governance Manager, you will shape and deliver … governance strategy, deputise for the Group Head, and ensure compliance with UK, NHS, and international standards. You will lead transformational improvement across IG, Cyber, Digital Clinical Safety and ISOaligned Quality Management, working closely with senior leaders, technical teams, and clinical stakeholders. This is a full-time permanent role, working remotely. ...

Inside IR35) Start date: ASAP. Overview We are seeking a skilled, proactive, and analytical Cyber Risk Analyst to support the Governance, Risk and Compliance (GRC) function of my client. You will be responsible for identifying, assessing, and helping to mitigate Cyber, Information Security, and OT security risks across the organisation. … recognised Cyber Risk management frameworks and methodologies such as: ISO 27005 Or other structured cyber risk quantification approaches Strong understanding of Information Security principles, Governance, and Risk Management practices. Proven experience maintaining compliance documentation aligned to industry standards, regulations, and legislative requirements, including but not limited to: NIS Directive - Cyber ...

Security Architect with 10+ years of experience to drive the security strategy for major global clients. You will bridge the gap between high-level governance (ISO27001, GRC) and technical cloud implementation. Key Responsibilities: Design & Strategy: Define security architectures, infrastructure cost models, and roadmaps. Technical Leadership: Oversee requirements for Firewalls, SIEM ...

enjoys driving practical improvements and embedding risk management into day-to-day operations. Key Responsibilities You will: Contribute to the operation, enhancement, and governance of the security risk management framework, ensuring alignment with business goals, regulatory needs, and recognised industry practices. Conduct detailed security risk assessments and support the creation … will have: Hands-on experience in security risk management within a dynamic, high-growth, or highly regulated environment. A background designing, maintaining, or enhancing governance processes and procedures, ideally related to security or technology risk. Strong experience performing risk assessments across cloud environments and modern technology stacks. Good understanding ...

Security Operations (SOC) function. This is a hands-on, operational role focused on improving detection, response, and incident readiness - not a compliance or GRC-led position. You'll manage a small SOC team, own the relationship with a Managed Detection & Response (MDR) provider, and drive continuous improvement across security operations … Operational, detection-and-response-led security environment What This Role Is Not Not GDPR-, ISO-, or risk-framework-led Not a pure compliance or GRC role Not policy- or audit-heavy This role is about real-world security operations and outcomes . Experience & Skills Proven experience managing or leading Security ...

protecting client data, intellectual property, and business operations while enabling secure innovation. Through four key pillars Digital Trust, Technical Assurance, Security Operations, and Governance, Risk and Compliance (GRC) the team delivers comprehensive security solutions that align with our firms strategic objectives as well as client and regulatory requirements. Our integrated … workable, mature and optimized function and service. This role requires extensive experience across all Identity and Access Management core disciples including identity management, identity governance and administration, privileged access, and conditional access and in particular, machine identities. It also requires deep technical skills in the DevSecOps. This role will support ...

CoreStream GRC - Delivery Lead/Project Manager/Consultant Hybrid role in Central London (1 day/week office-based, 50% during probation) Salary: Competitive, depending on experience About CoreStream GRC At CoreStream GRC, we provide organizations with technology to efficiently manage risk, compliance, and audit activities through a risk … create a customized solution that promotes proactive decision-making, collaborative internal audits, and accountability. Most importantly, it provides significant time and cost savings. CoreStream GRC’s client base includes public sector ministries, governments, and FTSE and Fortune 100 companies across North America, EMEA, and APAC in diverse industry sectors. Role ...

potential business impact. Present findings to senior stakeholders, including the CISO. Collaborate with internal teams to gather contextual information needed for assessments. Support broader Governance, Risk & Compliance (GRC) objectives where required. Contribute expertise relating to threat modelling, exploitation techniques, and security best practices. Apply industry-recognised standards and frameworks (e.g. ...

Senior/Principal GRC Cybersecurity Consultant - Permanent - Hybrid (UK) We're looking for a Senior/Principal GRC Cybersecurity Consultant to support organisations with their most complex cyber, information security, and operational resilience challenges. You'll work closely with boards, CISOs, and senior leadership teams, helping them strengthen their security … party risk frameworks (NIST, ISO, CAF, etc). Required Skills & Experience 5+ years' experience in cyber security consulting or advisory roles. Strong background in GRC, cyber risk, and resilience programmes. Experience working with frameworks such as NIST, ISO 27001, CAF, MITRE, ISF or similar. Proven ability to engage and influence ...

GDPR/Data Privacy CCAR, Stress Testing, Model Risk (as applicable) Support initiatives related to: Credit Risk, Market Risk, Operational Risk Risk Controls & Governance Regulatory Reporting and Risk Data Aggregation Stakeholder Management Act as the primary point of contact for business stakeholders and risk SMEs Facilitate requirement workshops and stakeholder … Scrum methodologies Ability to translate complex regulatory requirements into actionable product features Strong analytical, documentation, and communication skills Preferred Experience working with risk platforms, GRC tools, or regulatory reporting systems Familiarity with data-driven risk solutions , dashboards, and analytics SAFe Product Owner/Product Manager certification CSPO or equivalent Agile ...

help our clients build digital trust in their organisations. This includes IT internal audit, IT risk management, independent programme assurance, clinical systems assurance, GRC tooling and Tech Transformation (AI, Strategy etc). We are proud of helping our clients to innovate and navigate regulatory and governance challenges along ...

security risk management across the wider technology function. The Role * Reviewing and assuring cyber security controls to ensure effectiveness, coverage and evidence * Maintaining and improving cyber governance, risk and reporting frameworks * Supporting cyber risk assessments, issue tracking and remediation activities * Reviewing and updating security policies, standards, procedures and playbooks * Supporting … and assurance activities * Assisting with incident management governance, including root cause analysis and control improvements * Working with technology teams to embed effective security risk management and compliance Skills & Experience * Experience in cyber security governance, risk or assurance, ideally within a regulated environment * Proven background in testing and assuring security controls ...

information and cyber security across the organisation Manage and optimise third‐party security relationships , including suppliers, MSPs, and assurance partners Oversee security governance, risk management, and compliance activities Provide leadership and direction to a small internal team , supported by external vendors Engage with senior stakeholders to translate security risk into ...

information and cyber security across the organisation Manage and optimise third-party security relationships , including suppliers, MSPs, and assurance partners Oversee security governance, risk management, and compliance activities Provide leadership and direction to a small internal team , supported by external vendors Engage with senior stakeholders to translate security risk into ...

responsibilities include: Monitoring systems, networks and alerts for security threats and vulnerabilities Investigating, documenting and responding to security incidents Supporting cyber security governance, risk management and compliance activities Producing clear security reports, metrics and management information Working with third-party suppliers and internal stakeholders Promoting cyber security awareness across ...

Extensive ServiceNow IRM experience: Proven experience in designing and implementing ServiceNow IRM solutions, including a strong understanding of the platform's capabilities and functionalities. GRC knowledge: Deep understanding of Governance, Risk, and Compliance (GRC) principles and best practices. Technical skills: Proficiency in ServiceNow platform development, including scripting, workflows, and integrations. … presentation, and stakeholder management skills. Solution architecture experience: Experience in designing and implementing complex solutions, including defining architecture roadmaps. Certifications: ServiceNow certifications like CIS-GRC or CIS-VRM are often preferred. For more information on how we process your personal data, please refer to HCLTech’ s Candidate Data Privacy Notice. ...

best practice. This is a newly created position in a rapidly growing business. A brilliant opportunity! The following skills/experience are essential: Strong GRC background Governance, Risk and Compliance background Experience in conducting risk assessments PCI DSS, ISO 27001, NIS 2 and the UK telecom Security Act Good understanding … skills Salary: Up to £95,000 + bonus + package Location: London (good work from home options available) If you are interested in this Governance Risk and Compliance Lead position and meeting the above requirements please apply immediately. ...

Title: Cyber Governance Consultant – Permanent Location: Hybrid (Client sites, Company offices, and Home – note: cannot be fully remote) About the Role: We are looking for a Cyber Governance Consultant ( 2 - 4 years experience) to help clients design and implement cyber guidelines and governance frameworks tailored to their specific needs. … Experience: Experience designing or implementing secure solutions based on regulatory frameworks such as ISO, NIS, NIST, TISAX, DORA, NCSC CAF, or IEC62443. Background in GRC consulting or cybersecurity governance. Ability to balance security, compliance, usability, agility, and cost considerations. Experience creating business cases, roadmaps, or strategic recommendations for regulatory compliance. ...

role bridges business needs with technology solutions, particularly ServiceNow, to streamline risk management processes and reporting. Key Responsibilities: Act as the primary liaison between GRC stakeholders and technology teams, translating business requirements into actionable solutions. Monitor and manage the flow of projects originating from RCE programmes, ensuring sustainability and alignment … with GRC objectives. Support ServiceNow implementation and integration, including pulling APIs from external systems into ServiceNow for enterprise risk management. Track and report on key metrics, project status, and deliverables; maintain dashboards and “burn down” reports to provide visibility across initiatives. Facilitate workshops, status meetings, and documentation of business requirements ...

Anticipate future needs, develop a prioritised roadmap of change, and ensure all technology investments deliver a clear return on investment and strategic value. Ensure Governance & Security: Maintain absolute compliance with all legal, regulatory (including GDPR), policy, and cyber security requirements, safeguarding company and client data. Principal Accountabilities & Responsibilities Strategic Leadership … progression and ensure the team is trained and equipped to meet evolving demands. Instil a service-oriented, business-partner mindset within the IT function. Governance, Risk & Compliance - Maintain and ensure effective implementation of all legal, policy, GDPR, Health & Safety, and cyber security requirements. Own the cyber security strategy and posture ...

regulations including anti-money laundering (AML), financial crimes and illicit financing (KYC), sanctions, and environmental, social and governance (ESG). Understanding of governance, risk and compliance (GRC), business intelligence research, conflict and illicit finance analysis, banking sector risk management and compliance, or other national security-related matters. Experience uncovering … and have experience as a Business Development Manager focusing on expanding new business sales and be regarded as a Subject Matter Expert in the GRC space. To the right person, this will be the perfect kind of challenge. Our mission is compelling, our product is powerful and we’re growing ...