IT Governance Analyst – London – 3 month contract – Excellent day rate
We are seeking an analytical mind, with an eye for detail, procedures and technical acumen, to help the business implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme … assessments, controls assurance and compliance attestations for the clients and other third parties. 3. Risk controls and management Assist the development of the technology governance framework and controls reference library, and support the development and maintenance of policies, standards and procedures; Support the management of the IT controls library, reviewing … change requests, version control, as well as providing regular analysis on technology control performance; Support the GRC platform and service provision, e.g. write and operate GRC runbooks, proactively engage feedback, conduct business analysis for change requests to improve GRC service design and operations. 4. Risk governance and compliance Run the
NSoIT(D) Cyber and Information Security Risk Management. Reporting to the Chief Information Security Officer (CISO), you will be responsible for ensuring security governance, risk, and compliance across these environments. Key Responsibilities JADE: Oversee all aspects of physical, procedural, and personnel security for JADE operations. Identify security risks and … assessments, penetration testing, and remediation activities. Monitor and report on emerging security threats. SOC: Assure Live Service Security (LSS) delivery. Provide security governance, risk, and compliance direction for Network Operations and Service Management. Act as lead for Paxcroft building security. Risk Management: Lead Cyber and Information Security
primary purpose of the Cyber Risk and Assurance Analyst is to support the delivery of Cyber Risk and Assurance services by the SPEN Cyber Governance, Risk and Assurance team. This role offers the opportunity to work and gain further experience within three primary GRA domains across BAU and Change Delivery … services, IT and OT estates regular reviews and reporting of existing risks to ensure remediation plans are on track producing risk reports for various governance forums and supporting risk owners with definition of risk treatment strategies. The role will support the TPRM team to undertake risk and assurance activities for … principles, frameworks, and best practices such as NCSC CAF, ISO27001 or NIST CSF. Awareness of regulatory requirements, such as NIS Regulation. Experience with Archer GRC solution or other GRC solutions desirable. Personal Skills/Abilities Excellent analytical, problem-solving, and communication skills. Ability to work collaboratively in a cross-functional
Glasgow, Stobcross (historical), City of Glasgow, United Kingdom
Morson Talent
managed vendors previously, or someone with equivalent practical experience in providing technology and security assurance for clients, who is looking to grow into a GRC role and potentially beyond third party risk. 1. Third party governance and risk management framework Support the development and implementation of third party policies and … governance controls with other functions, e.g. Finance, Legal, Procurement, Security, Architecture, Risk; Develop technology service and operational risk considerations for supplier tier classification definitions; Review existing technology supplier due diligence and work with SME functions to streamline the process; Create and maintain a risk taxonomy and reference library to support … third party risk identification and assessment for technology; Ensure all Technology and Application change involving third parties follow policies, standards and governance procedures, and support various stage gate assessments including business case and design reviews, operational readiness and service transition, data management and governance, migration and decommissioning/vendor exits.