
GRC Consultant

GCS Ltd
Posted 2 days ago, valid for 7 days
Location

London, Greater London SW1A2DX, England

Salary

£70,000 - £75,000 per annum

Contract type

Full Time

By applying, a CV-Library account will be created for you. CV-Library's Terms & Conditions and Privacy Policy will apply.

Sonic Summary

  • The job involves assessing and testing the effectiveness of security controls and documenting compliance levels to identify risks and control gaps.
  • Candidates should have a broad experience in security risk management, with knowledge of various risk assessment methodologies and frameworks.
  • Experience in implementing compliance standards such as ISO 27001, PCI DSS, and GDPR is essential, along with strong English communication skills.
  • The role requires a relevant professional certification in Security, Risk, or Compliance and the ability to explain complex topics clearly.
  • The position offers a salary of £60,000 to £80,000 and requires at least 5 years of experience in a related field.

About the job

What you'll be doing:

Using your background in Risk & Compliance, you will help our clients:

  • Assess and test the effectiveness of security controls, and document the compliance levels to identify risks and control gaps.
  • Understand the security regulatory landscape affecting UK & EU business and IT areas.
  • Evaluate security risks against either client risk models or well-known risk and/or control frameworks such as the ISO3100 series, NIST, ISO270xx series, ISF, CIS, UK CAF, etc.
  • Develop and review security risk models, standards, procedures, and controls to manage client risks.
  • Improve security risk posture through defining a process of improvements, leveraging Risk & Compliance platforms, policy, automation, and the continuous evolution of capabilities.
  • Ensure and evaluate that required and expected security controls are in place and working as they should.
  • Recommend tooling and process improvements and develop reporting metrics, dashboards, and evidence artefacts.
  • Document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.

What experience you'll need:

It starts with amazing people, challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have broad experience of security risk management and have evidence of experience in a number of the following fields of expertise:

  • Demonstrate in-depth knowledge of risk assessment and risk management methodologies and/or frameworks.
  • Experience in applying and using qualitative / quantitative risk and/or threat-based risk models.
  • Knowledge of UK / EU information security management, governance, and compliance principles, practices, laws, rules and regulations.
  • Experience in implementing and/or operating one or more Security Risk Management, Compliance or Data Protection technology platforms.
  • Experience in implementing and operating one or more of the following:
      • ISO 27001 compliant ISMS
      • PCI DSS / SOX compliance
      • UK NCSC CAF compliance
      • UK or EU GDPR / UK Data Protection compliance
      • NIS/NIS2, DORA compliance
      • UK Operational Resilience / TSA(R) compliance
      • UK CNI / OT / IIOT compliance
  • Cyber and Cloud Security standards & frameworks, supporting architecture, design, operations, controls, technology, solutions, and service orchestration.
  • Core knowledge of Information Technology systems and processes, network infrastructure, data architecture, data processes, and protocols.
  • Information systems auditing, monitoring, controlling, and assessment processes.
  • Knowledge of incident response management.
  • Outstanding English verbal communication skills with the ability to explain things in a clear and non-technical way.
  • Excellent English writing skills for technical documents and improving processes (such as policies and reports).
  • The ability to explain complex topics to a diverse range of audiences.
  • Strong attention to detail and the ability to deliver high quality work.
  • A valid right to work in the UK.
  • Have held UK SC clearance or be eligible for obtaining UK SC clearance.
  • A relevant and recognised professional Security / Risk / Compliance certification supporting the role, such as CISSP, PCI ISA, ISO 27001 ISMS Lead Implementer, CRISC, etc.

GCS is acting as an Employment Agency in relation to this vacancy.
