GRC Consultant


Job details
  • Finsbury Square
  • 2 weeks ago

GRC consultant

Location: London/ Hybrid

Salary: Up to £85,000 DOE

We're looking for a GRC consultant to come aboard. Using your background in Governance, Risk & Compliance, you will help with:

Governance: Direct, oversee, design, implement, or operate within the set of multi-disciplinary structures, policies, procedures, processes, and controls implemented to manage cyber and information security at an enterprise level. Support an organisation's immediate and future regulatory, legal, risk, environmental, and operational requirements and ensure compliance with those requirements.

Policy and Procedure Management: Direct, develop, or maintain organisational cyber and information security policies, standards, and processes, using recognised standards (e.g., the ISO/IEC 27000 family, NIST CSF) where appropriate. Apply recognised cyber and information security standards and controls within an organisation, programme, project, or operation. Apply relevant security classification.

Risk Management: Develop cyber and information security risk management strategies and controls, considering business needs, balancing technical, physical, procedural, and personnel controls. Identify and assess information assets, threat-specific information, business impacts, business benefits, and costs to identify and assess potential vulnerabilities and risks.

Data Privacy: Direct, oversee, design, implement, contribute to, or operate within the set of multi-disciplinary structures, policies, procedures, processes, and controls to manage the protection of personal data, privacy, and human rights. Support regulatory, legal, risk, environmental, and operational requirements and ensure compliance with those requirements (e.g., GDPR, Data Protection).

Internal Controls Oversight: Establish and monitor internal controls to safeguard data and assets, conducting regular reviews and audits.

Stakeholder Engagement: Serve as a liaison, offering guidance and support to internal teams, external partners, and regulatory authorities. Provide remediation guidance and prepare management reports to track remediation activities.

Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster governance framework and security posture. Assess and test the effectiveness of security controls, and document compliance levels to identify risks and control gaps.

It starts with amazing people, challenging projects, and a work environment that supports the creation of tangible solutions that make an impact. You will need to have broad experience of security risk management and evidence of experience in a number of the following fields of expertise:

  • Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance.
  • Hands-on experience building credibility with external stakeholders, including enterprise clients, critical system vendors, certification auditors, and regulatory bodies.
  • Proven leadership skills with the ability to guide and mentor teams, as well as influence and collaborate with senior stakeholders in a similar GRC, security, or risk management role.
  • A hands-on approach with the ability to balance strategic oversight with direct involvement in security tasks.
  • Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders.
  • The ability to explain complex topics to a diverse range of audiences.
  • Strong attention to detail and the ability to deliver high-quality work.
  • A valid right to work in the UK.
  • Eligibility to obtain UK SC clearance.
  • CISA, CRISC, CISM, or CISSP certification is advantageous.

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
