1 to 25 of 147 GRC Jobs in England

o Excellent pension o NHS Car lease scheme o Access to a wide range of benefits and high street discounts! Main duties of the job As a Governance, Risk and Compliance (GRC) Analyst, you'll play a vital role in supporting the development, implementation, and continuous improvement of governance, risk, and compliance frameworks across our Digital, Data and Technology (DDaT … to the development of corrective and preventative actions. 4. Training & Awareness: Assist with the development and delivery of training programs and awareness campaigns for DDaT colleagues on governance, risk management, and compliance matters. Promote a governance, risk and compliance culture and ensure DDaT Colleagues understand their roles and responsibilities in maintaining high standards. 5. Documentation & Reporting: Maintain up-to-date … Provide accurate and timely analysis of risk and compliance data to assist with decision-making and improvement initiatives. 6. Continuous Improvement: Contribute to the continuous improvement of governance, risk management, and compliance practices within the DDaT directorate and organisation. Identify opportunities for process improvements and assist with the implementation of best practice in risk management and compliance activities. Person Specification More ❯

Head of Cybersecurity Governance Risk and Compliance Location: Mainly remote based working in the UK with travel to Oxford, Cowley (OX4 2GQ) occasionally Contract: Permanent Hours: Full time Salary: £70,000 per annum, plus car/car allowance Benefits: 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme About the Job As our Head … of Cybersecurity Governance Risk and Compliance youll work closely with business and technology teams, helping to articulate and communicate the InfoSec governance program, identify risks and evaluate and help implement controls and improvements. As part of your key responsibilities youll: Manage the day to day of the function and team Support the management of Information Security governance for the organisation … following skills and experience, but please apply if you think youd be able to perform well in this role! Excellent written and verbal communication skills Previous experience within a GRC function, IT Security/Cyber team, Internal Audit or an IT environment Hands on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001 Risk management Strong More ❯

environments. Relevant certifications such as CISSP, CISM, CISA, M.Inst.ISP, or a postgraduate qualification (e.g. MSc in Cyber Security). Practical knowledge in domains like threat management, vulnerability management, cyber GRC, cyber architecture, and cyber assurance. Detail-oriented with strong analytical and problem-solving capabilities. Excellent written and verbal communication skills, including stakeholder reporting and presentation development. Consulting & Delivery Skills: Project More ❯

keep our systems safe. We have a varied range of skillsets in our team including Security Operations, intrusion detection, vulnerability scanning, advanced threat protection, Operational Technology, Physical Security and Governance Risk and Compliance specialists to name but a few. We cover every angle of digital defence. Whether you're decoding threat intel, crafting policy, leading tabletop exercises, or crafting clever More ❯

a financially regulated enterprise environment or similar. The Senior Security Analyst is a specialist lead SME role with the primary focus on AWS Cloud Security Assurance, as well as Governance, Risk and supporting Compliance. You will be supporting the Information Security function to ensure HL remains effective in protecting critical information assets within risk appetite. You will be working with More ❯

packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯

the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What you’ll do: Assist on all Governance, Risk and Compliance activities across Network Services Business Unit. Provide specialist security expertise for multiple internal projects across the Network Services business area. Provide guidance in secure software development throughout More ❯

the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What you’ll do: Assist on all Governance, Risk and Compliance activities across Network Services Business Unit. Provide specialist security expertise for multiple internal projects across the Network Services business area. Provide guidance in secure software development throughout More ❯

the tender process. This is a hybrid working role, with a requirement to be in our Warwick a few times per month. What you'll do: Assist on all Governance, Risk and Compliance activities across Network Services Business Unit. Provide specialist security expertise for multiple internal projects across the Network Services business area. Provide guidance in secure software development throughout More ❯

keep our systems safe. We have a varied range of skillsets in our team including Security Operations, intrusion detection, vulnerability scanning, advanced threat protection, Operational Technology, Physical Security and Governance Risk and Compliance specialists to name but a few. We cover every angle of digital defence. Whether you're decoding threat intel, crafting policy, leading tabletop exercises, or crafting clever More ❯

providing actionable recommendations. Essential Skills & Qualifications ISO 27001 Lead Implementer or Lead Auditor certification (or equivalent). Demonstrable experience managing compliance for ISO , and PCI-DSS. Strong understanding of governance, risk management, and regulatory compliance. Proficiency with security monitoring tools and incident management processes. Excellent analytical, communication, and leadership skills. Desirable Knowledge of GDPR, NIST, or other security frameworks. Experience More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

protection frameworks and global privacy regulations (e.g., GDPR,CCPA). Professional certifications such as from the International Compliance Association (ICA), or other relevant credentials preferred. Technical : Experience with compliance GRC, DPIA, ROPA and privacy management technologies and automation tools.Strong project management skills with experience leading cross-functional initiatives. Team : Strong communication and influencing skills, capable of working with senior leaders More ❯

Senior Information Security Analyst We are looking for a Senior Information Security Analyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around vulnerability and threat management, making sure security controls More ❯

commercial experience working as a SOC Analyst in large, complex organisations. Active SC clearance. Strong working knowledge of cloud technologies including AWS and Azure. The ability to liaise with GRC teams to ensure compliance with and company adherence to relevant regulations and control frameworks e.g. NCSC CAF, ONR SyAPs, ISO27001. Proven knowledge of adversary TTPs and frameworks like MITRE ATT More ❯

GRC Analyst Maxwell Bond – Merseyside, England, United Kingdom (Hybrid) 📍 North-West based – Hybrid 💰 £40,000 – £50,000 (DOE) + benefits 🕒 Full-time | Monday to Friday, 9:00 AM – 5:30 PM A growing UK-based organisation in the insurance and financial services sector is looking for a GRC Analyst to join their expanding Information Security & Risk team. This opportunity offers … a hybrid working model and the chance to play a key role in shaping governance, risk, and compliance across the business during a period of transformation. The role provides visibility across senior stakeholders and business units while ensuring alignment with regulatory and industry standards. 🔐 Key Responsibilities Support and lead security risk assessments , ensuring risks are documented, tracked, and remediated. Develop … review, and maintain information security and governance policies, standards, and procedures . Manage and improve third-party/vendor risk management processes and assurance activities. Monitor compliance with regulatory requirements (e.g. FCA, GDPR ) and security frameworks (e.g. ISO 27001, NIST, CIS ). Provide oversight on the risk register and support risk committees with reporting and metrics. Support internal and external More ❯

projects and managing complex, multi-stream programmes. Strong background in risk, issue, and escalation management. Solid experience using Jira for project planning and tracking. Familiarity with EDR, email security, GRC, and cloud security controls across multiple cloud platforms. Experience integrating security in M&A activities, including OT risk and compliance. Preferred certifications: PMP, Agile/Scrum Master, CompTIA Security+, CISSP. More ❯

projects and managing complex, multi-stream programmes. Strong background in risk, issue, and escalation management. Solid experience using Jira for project planning and tracking. Familiarity with EDR, email security, GRC, and cloud security controls across multiple cloud platforms. Experience integrating security in M&A activities, including OT risk and compliance. Preferred certifications: PMP, Agile/Scrum Master, CompTIA Security+, CISSP. More ❯

including risk assessments. Using tools such as Nessus, Tenable, or Microsoft Defender to identify and prioritise vulnerabilities. Delivering clear, actionable security reports to technical and non-technical stakeholders. Supporting governance, risk, and compliance activities related to security findings. Collaborating with wider teams and contributing to security training and mentoring initiatives. Ideal candidate profile: 2-3 years' experience in vulnerability management More ❯

optimising efficiency, data capabilities and effective use of digital technologies. The Business Analyst will also ensure our processes are designed to be highly effective in helping us meet all governance, risk and compliance requirements and align with our commitment to delivering exceptional client service. Job Type: Full-time (Mon-Fri) Location: Cheltenham Occasional travel within the UK may be required More ❯

accessible environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs. As a Senior AI Governance Consultant within our highly skilled Cyber Security Team, you will be at the forefront of our new and exciting AI governance service. This will involve advising clients on developing and … implementing robust AI governance frameworks, conducting AI risk assessments, and creating policies for the secure and ethical use of AI. While the primary focus is on AI, you will also apply your expertise to broader GRC projects, including information security assessments, ISO 27001 audits, and general information security consulting. The ability to be adaptable and work on a variety of … projects is essential. Essential experience and skills: A strong foundation in traditional GRC, demonstrated by significant experience in auditing and implementing Information Security Management Systems. A recognised ISO 27001 qualification (e.g., Lead Auditor or Lead Implementer) is essential. You must be able to apply this rigorous mindset to new challenges. Demonstrable, hands-on experience applying AI governance principles. This must More ❯

site into London Role Description: As a Senior Information Security Analyst, you will be instrumental in executing the company's Information Security strategies and initiatives, focusing on supporting the Governance, Risk, and Compliance (GRC) function and implementing the NIST Cyber Security Framework (CSF) throughout the organization. You will lead day-to-day GRC activities, including designing security controls, enforcing requirements … activities with the Group Information Security Framework, Cyber Essentials, and PCI DSS attestation. Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units in integrating security measures into business operations. Facilitating regular reviews and updates of control and risk management processes to remain effective and … responsive to emerging threats and changes in the organizational landscape. Documenting and visualizing reports for governance forums, providing insights and recommendations to inform decision-making and risk management strategy across the business. Essential Skills: Minimum of 4 years of experience in information security with a solid understanding of Information Security control and governance frameworks. Practical experience of implementing NIST CSF More ❯