1 to 25 of 84 GRC Jobs in the UK excluding London

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

Improvement: Identify opportunities to enhance risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's environment. Project Work: Contribute to project activities to ensure GRC requirements are understood and addressed. Roles and Responsibilities: Support the Global Risk & Compliance Senior Manager in delivering governance, compliance, and risk activities, including: Supporting security, audit, and compliance activities Ensuring … Requirements: Key skills and experience include: Excellent communication skills, capable of conveying compliance and risk concepts to both technical and non-technical audiences Significant experience in control management for governance, compliance, IT audits, IS assurance, and risk management CISA, CISM, or equivalent certification preferred BSc or equivalent in an IT-related field preferred Ability to communicate effectively with technical teams … to gather information and requirements Understanding of regulatory requirements (e.g., GDPR, Data Protection Act) and industry-specific regulations Experience implementing compliance and control frameworks Proficiency in IT governance and quality standards Knowledge of security management frameworks like ISO/IEC 27001, ITIL, COBIT, NIST standards Strong stakeholder management skills High integrity and professionalism in handling confidential matters Familiarity with risk More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

implementation of data classification methodologies to ensure appropriate protection based on sensitivity and importance. The role will be based in Reading and will report directly to the Head of Governance, Risk and Compliance, working to deliver the company's goals for a fit-for-purpose critical asset and classification framework. This is a role that requires independence, a proactive approach … risk management practices. Desirable Technical Skills & Qualifications: Industry Certifications: Certifications such as CISSP, CISM, or CISA. Key Relationships & Interactions: CISO direct reports: Security Operations Manager, Security Architecture Manager, Security Governance Manager, Cyber Security Programme Manager, Cyber Resilience Manager CIO and CIO Direct Reports: Operational Technology, Enterprise Architects, PMO and Programme Delivery, Business Change and Engagement Key Business Stakeholders Service Owners More ❯

a SOC environment. - Familiarity with risk management frameworks?(e.g. ISO 27005, NIST RMF). - Excellent communication and reporting skills. - Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). - Experience with GRC tools and risk registers. - Knowledge of regulatory requirements and data protection laws. This is a full time role on a temporary basis. If you are interested in the role please More ❯

drive discussions with key stakeholders and suppliers to provide insights. Experience of third party assurance activities, either for supplier or customer assurance. Extensive knowledge of IT risk management within GRC function, preferably processes, concepts, terminology and control frameworks e.g. ISACA, COBIT, ITIL. Certified in CISA or relevant certifications with one of the following: CISM, CISSP, equivalent experience. Strong knowledge of More ❯

impact in Cyber Security, this role is for you! Responsibilities: Ensure protection of information assets and technologies Participate in security audits like ISO27001, ISO27701, ISO20000, NIST-CSF, and IASME Governance Conduct and document internal audits for our clients Deliver security awareness training, including public speaking engagements Manage Third-Party Risk Management (TPRM) including vendor security reviews Assist the Sales Team … with scoping engagements and delivering valuable services to clients Skills/Must have: Extensive experience in Information Security Governance, Risk, and Compliance (GRC) Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards Knowledge of the Cyber Essentials Plus Scheme, GDPR, and Data Protection Act (2018) Strong communication skills and the ability to build relationships with internal More ❯

d love to hear from you. About You We'd love to hear from you if you can demonstrate expertise in at least one of the following areas : Security governance, risk and compliance (GRC), aligned with HMG cybersecurity and information assurance policies, standards, and guidance with experience in consultancy or supplier roles. Securing OT (Operational Technologies) with knowledge and understanding More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology – IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years’ experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

Governance, Risk & Compliance (GRC) Lead Location: Fully Remote - UK Wide Department: Technology - IT Security and Service Management Contract Type: Permanent Salary: £55,000 - £65,000 About the Role We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security … such as DSPT , CAF , and DORA . You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment. Key Responsibilities Own and … leadership teams. Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions. Skills & Experience Minimum 5 years' experience in information security , with a focus on governance, risk, and compliance. Proven ability to lead teams and manage complex programmes in regulated environments. Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA). More ❯

Join our Cyber Security Team as a Governance, Risk and Compliance Analyst. If you have been involved in practical aspects of GRC including ISO270001, want to work with a team of dedicated professionals and are able to understand wider business impacts of GRC on a business, please read more and apply. Location We operate a flexible, hybrid working environment with … wellness and employee assistance programmes, gymflex, buy and sell annual leave, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture As a GRC Analyst you will: Support the development and maintenance of our Information Security Management System (ISMS) including policies, objectives, and risk assessments Assist with internal audits and help prepare for external More ❯

of our Insurance clients on a 12-month contract. Inside IR35 Hybrid Responsibilities: Analyze large datasets to identify trends, anomalies, and emerging risks across technology and cyber domains. Support governance and risk forums with timely and accurate reporting on key risk indicators (KRIs), control effectiveness, and remediation progress. Develop and maintain dashboards and reports to visualize technology and cyber risk … general controls, cyber security principles, and technology risk domains. Proven experience in risk analytics, data visualization, and reporting (e.g., using Power BI, Tableau, or similar tools). Familiarity with GRC platforms and risk data management practices. Experience in a risk management, IT audit, or cyber security role within a financial services or regulated environment. Qualifications: Educated to degree level or More ❯

such as M.Inst.ISP, CISSP, CISM, CISA or an MSc in cyber security or a related discipline. Practical experience across various areas of cyber security, such as cyber architecture, cyber GRC, cyber threat management, vulnerability management, cyber security reviews. Detail oriented and strong problem-solving skills. Excellent oral and written communication skills including concisely communicating status and creating customer reports and More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

of the Information Security Graduate: Assist with incidents and requests that are assigned to Information Security within ServiceNow. Learning how to conduct Information Security risk assessments within the Surecloud GRC tool. Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards and Cyber Essentials Plus. Assisting with conducting information security audits internally More ❯

PureCyber combines both defensive & offensive cyber security, with expert governance & compliance consultancy - offering organisations a comprehensive service. Our all-in-one solution simplifies cyber security by providing 24/7 protection, proactive threat intelligence, expert consultancy, and real-world attack simulations - all from a single, trusted source. Our goal is to provide peace of mind to our clients, knowing they … are secured by a partner they can trust. The Governance, Risk and Compliance (GRC) team fulfil a broad role within the delivery of all PureCyber services; focusing on supporting customers to improve their approach to cyber security governance and supporting the organisation on multiple internal projects. Reporting to the Chief Information Risk Officer, this role plays a key part in … maximising the experience of PureCyber clients by guiding them through their cyber security journey and help to improve their assurance levels across multiple service lines. Key Responsibilities Lead on governance and compliance projects such as Cyber Essentials, IASME Cyber Assurance and ISO27001. Schedule and co-ordinate GRC engagements with the wider team and ensure timely and accurate delivery of projects. More ❯

Information Security Analyst - 6-Month FTC Governance, Risk and Compliance Location: London/Hybrid Contract Type: Fixed Term (6 months) Salary: Competitive A global professional services firm is seeking a proactive Information Security Analyst to support the delivery of robust security and privacy policies across its global operation. This role is ideal for someone with hands-on experience in information More ❯

various tools and activities. Manage and improve Three's Security Exception process. Work effectively with Enterprise risk and compliance functions to escalate enterprise-level Technology and Security risks. Operate GRC tools for Risk Management to record, track, and monitor risks and controls. Support ongoing education and awareness activities related to Security policies, Risk management frameworks, and governance across the company. More ❯

guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As a Senior Manager, you will lead and oversee a variety of SAP Security, Governance, Risk, and Compliance (GRC) and Identity Access management work for a portfolio of diversified clients in different industries where you will be required to lead and collaborate effectively. The ideal … candidate will have extensive experience with SAP Security architecture and implementation, SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP ERP Transformation engagements. You will demonstrate and develop your capabilities in the following areas: Apply problem solving and critical thinking to enable the identification of Technology and Risks associated. Access the security requirements … and risks for complex ERP environment supporting the core business and IT processes. Develop and implement a comprehensive SAP security and GRC strategy, policies, and procedure aligned with Organisational goals and industry best practice. Oversee SAP Security during implementations, ensuring compliance with regulatory requirements and internal security standards. Establish and maintain robust access management policies and procedure for user provisioning More ❯

guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As a Senior Manager, you will lead and oversee a variety of SAP Security, Governance, Risk, and Compliance (GRC) and Identity Access management work for a portfolio of diversified clients in different industries where you will be required to lead and collaborate effectively. The ideal … candidate will have extensive experience with SAP Security architecture and implementation, SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP ERP Transformation engagements. You will demonstrate and develop your capabilities in the following areas: Apply problem solving and critical thinking to enable the identification of Technology and Risks associated. Access the security requirements … and risks for complex ERP environment supporting the core business and IT processes. Develop and implement a comprehensive SAP security and GRC strategy, policies, and procedure aligned with Organisational goals and industry best practice. Oversee SAP Security during implementations, ensuring compliance with regulatory requirements and internal security standards. Establish and maintain robust access management policies and procedure for user provisioning More ❯

guiding us to deliver impact how and where it mattersmost . Connect to your opportunity As a Senior Manager, you will lead and oversee a variety of SAP Security, Governance, Risk, and Compliance (GRC) and Identity Access management work for a portfolio of diversified clients in different industries where you will be required to lead and collaborate effectively. The ideal … candidate will have extensive experience with SAP Security architecture and implementation, SAP GRC solutions (Access Control, Identity Access Governance), and proven experience managing teams through complex SAP ERP Transformation engagements. You will demonstrate and develop your capabilities in the following areas: Apply problem solving and critical thinking to enable the identification of Technology and Risks associated. Access the security requirements … and risks for complex ERP environment supporting the core business and IT processes. Develop and implement a comprehensive SAP security and GRC strategy, policies, and procedure aligned with Organisational goals and industry best practice. Oversee SAP Security during implementations, ensuring compliance with regulatory requirements and internal security standards. Establish and maintain robust access management policies and procedure for user provisioning More ❯