1 to 25 of 100 GRC Jobs in the UK excluding London

GRC Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be … responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the GRC Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST …/ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the GRC Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and More ❯

Oliver James is proud to be partnering with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Specialist. This role will play a crucial part in strengthening the organisation's security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance. Overview Oliver James is proud … to be partnering with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Specialist. This role will play a crucial part in strengthening the organisation's security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance. Based in the City of London with a flexible … and validate vendor security documentation (e.g., SOC 2, ISO 27001), evaluate control effectiveness, and coordinate remediation efforts for identified gaps. Ensure relevant business stakeholders are informed of potential risks. Governance, Risk & Compliance (GRC): Actively contribute to broader GRC initiatives, including: Managing GRC platforms and tools (e.g., control catalogues, issue tracking, policy management). Designing and deploying security awareness programs (e.g. More ❯

packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate More ❯

the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What you'll do: Assist on all Governance, Risk and Compliance activities across Network Services Business Unit. Provide specialist security expertise for multiple internal projects across the Network Services business area. Provide guidance in secure software development throughout More ❯

presentations and engaging effectively with senior stakeholders. Specialization in one or more of the following areas: Identity and Access Management Data Privacy and Protection Security Architecture Operational Technology Security Governance, Risk, and Compliance Ideally, You'll Also Have: Security-related qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor, MBCI, or IAPP. Experience operating within an NCSC Assured More ❯

Through our end-to-end range of cyber and cloud capabilities, CyberCX empowers our customers to securely accelerate opportunities in the digital economy. Our services include: consulting and advisory, governance, risk and compliance, incident response, penetration testing and assurance, network and infrastructure solutions, cloud security and solutions, identity and access management, managed security services and cyber security training. More ❯

matters most. Connect to your opportunity As an Associate Director, you will lead and oversee a variety of SAP controls design and transformation work including the use of SAP GRC solutions across a portfolio of diversified clients in different industries where you will be required to lead and collaborate effectively. The ideal candidate will have extensive experience with SAP automated … business controls, General IT Controls and a strong understanding of SAP GRC solutions with a particular focus on SAP GRC Process Control, Risk Management and Audit Management. An understanding of SAP Risk and Assurance Management (RAM) would also be beneficial. The candidate should be able to demonstrate experience leading teams through end-to-end SAP controls transformation programmes and GRC … environment. A strong understanding of business controls, from design, deployment, and operation through to testing and assurance. Designing and building innovative solutions to maximise the value derived from SAP GRC Products through automation and monitoring, including Continuous Controls Monitoring (CCM) over configured and transactional controls in S/4HANA and the deployment of system-driven workflows to streamline risk and More ❯

We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role: Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards Conduct risk assessments across business units, vendors, and projects Monitor regulatory changes and ensure compliance with legal and contractual obligations … the organisation Drive improvements in security culture through awareness and training Collaborate with stakeholders to identify and address control deficiencies Qualifications & Experience Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information More ❯

We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role: Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards Conduct risk assessments across business units, vendors, and projects Monitor regulatory changes and ensure compliance with legal and contractual obligations … the organisation Drive improvements in security culture through awareness and training Collaborate with stakeholders to identify and address control deficiencies Qualifications & Experience Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information More ❯

We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role: Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards Conduct risk assessments across business units, vendors, and projects Monitor regulatory changes and ensure compliance with legal and contractual obligations … the organisation Drive improvements in security culture through awareness and training Collaborate with stakeholders to identify and address control deficiencies Qualifications & Experience Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations Knowledge of common information More ❯

Senior GRC Analyst This is a hybrid role and can be based from either our Peterborough, Manchester, Stoke, Tunbridge Wells or Chesterfield office. Role Purpose: Reporting to the Head of Information Security to provide BAU operational technical security support. The Senior GRC Analyst will be responsible for compliance governance to security standards, delivering required GRC processes and analysis day to … also help provide ongoing assurance that digital systems and data are safe and secure. Key Accountabilities & Responsibilities: Be an SME for PCI DSS and contribute to and ensure compliance governance to security standards. Contribute to business and technology audits. Engagement with 3rd party partners as a SME and to ensure due diligence process adherence. Management IT Security GRC activities and … end-to-end delivery of information security practices and processes. SME, advice, oversight and governance of security policies, processes, procedures and standards. Contribute to the delivery of the security roadmap and a continuous improvement model for security. Ensure Information Security controls are operating effectively. Ensure where gaps are identified that these have remediation plans agreed and delivered. Ensure annual Security More ❯

Senior GRC Analyst This is a hybrid role and can be based from either our Peterborough, Manchester, Stoke, Tunbridge Wells or Chesterfield office. Role Purpose: Reporting to the Head of Information Security to provide BAU operational technical security support. The Senior GRC Analyst will be responsible for compliance governance to security standards, delivering required GRC processes and analysis day to … also help provide ongoing assurance that digital systems and data are safe and secure. Key Accountabilities & Responsibilities: Be an SME for PCI DSS and contribute to and ensure compliance governance to security standards. Contribute to business and technology audits. Engagement with 3rd party partners as a SME and to ensure due diligence process adherence. Management IT Security GRC activities and … end-to-end delivery of information security practices and processes. SME, advice, oversight and governance of security policies, processes, procedures and standards. Contribute to the delivery of the security roadmap and a continuous improvement model for security. Ensure Information Security controls are operating effectively. Ensure where gaps are identified that these have remediation plans agreed and delivered. Ensure annual Security More ❯

security leader with a blend of strategic vision and operational expertise. You should bring: Proven experience defining and executing cyber security strategy at a senior level Strong knowledge of governance, risk, compliance, and regulatory frameworks Leadership experience managing cyber security operations teams Excellent stakeholder management skills, including board-level engagement The ability to represent the organisation externally with authority and More ❯

security leader with a blend of strategic vision and operational expertise. You should bring: Proven experience defining and executing cyber security strategy at a senior level Strong knowledge of governance, risk, compliance, and regulatory frameworks Leadership experience managing cyber security operations teams Excellent stakeholder management skills, including board-level engagement The ability to represent the organisation externally with authority and More ❯

Senior Information Security Analyst We are looking for a Senior Information Security Analyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around vulnerability and threat management, making sure security controls More ❯

Senior Information Security Analyst We are looking for a Senior Information Security Analyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around vulnerability and threat management, making sure security controls More ❯

Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you … risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR More ❯

the need for Sponsorship We're looking for a Compliance Manager to support and evolve the compliance function for a telecoms organisation based in Theale. Reporting to the Senior Governance, Risk & Compliance Counsel, you'll lead the development and implementation of compliance programs that mitigate legal and regulatory risks while embedding a culture of ethical and operational integrity. Key Responsibilities More ❯

IT Governance Officer The successful candidate will serve as the subject matter expert on the IT operational risk assessment, controls and governance (“IT GRC”). Sitting within the IT team and acting as the first line of defence. You will closely partner with internal IT teams, Business OPC, Central IT OPC and other control functions to strengthen IT operational processes. … IT Operational Permanent Control (OPC) Assessment Group Cybersecurity Assessment IT Audits Client Due Diligence Questionnaire and Security clauses The successful candidate will have strong and relevant experience in IT governance and operational risk management in a similar sized organisation. Knowledge of external certifications and the ability to audit the organisation’s conformance to those standards; Working experience within ISO …/NIST standards Good level of experience and competency within an IT OPC and Governance environment. Personal experience of implementing high quality standards (ideally ISO etc.) within an organisation and the ability to drive quality standards through the organisation. Desirable qualifications ITIL Life cycle/Capability certification ISACA Certificate in the Governance of Enterprise IT (CGEIT) CISA certification Due to More ❯