
Security, Governance, Risk & Compliance Consultant

Walter Everett
Posted 3 days ago, valid for 7 days
Location

London, Greater London EC2V7NQ, England

Salary

£50,000 - £60,000 per annum

Contract type

Full Time

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

  • Walter Everett is seeking a skilled Cyber Security Consultant for a global consultancy, focusing on Security, Governance, Risk, and Compliance (GRC).
  • The role requires a seasoned professional with relevant experience in information security, data protection, and risk management, along with a strong understanding of frameworks such as ISO 27001 and NIST CSF.
  • Key responsibilities include designing governance structures, developing security policies, managing cyber risk, and ensuring compliance with regulations like GDPR.
  • Candidates should have proven leadership skills and the ability to engage with stakeholders, along with a valid right to work in the UK and eligibility for UK SC clearance.
  • The position offers a competitive salary of £70,000 - £80,000 and requires a minimum of 5 years of relevant experience.

At Walter Everett, we specialize in sourcing niche technical talent for top-tier roles. We are currently working with a global consultancy to find a skilled Cyber Security Consultant to join their team. This role focuses on Security, Governance, Risk, and Compliance (GRC), where you’ll collaborate with leading organizations to strengthen their security frameworks and enhance compliance.

What You'll Be Doing

Using your expertise in GRC, you will support clients by:

  • Governance: Designing, implementing, and overseeing multi-disciplinary structures, policies, and processes that manage cyber and information security at an enterprise level. Ensuring compliance with regulatory, legal, and operational requirements, and aligning with immediate and long-term business goals.
  • Policy and Procedure Management: Developing and maintaining cyber and information security policies, standards, and processes based on recognized standards such as ISO/IEC 27000 and NIST CSF. Ensuring security classifications are applied appropriately.
  • Risk Management: Creating and implementing cyber risk management strategies and controls tailored to business needs. Conducting assessments to identify vulnerabilities, threats, and impacts, balancing technical, procedural, and physical controls.
  • Data Privacy: Establishing and managing frameworks to protect personal data and privacy, ensuring compliance with GDPR, Data Protection Act, and other relevant regulations.
  • Internal Controls Oversight: Establishing and monitoring internal controls to safeguard data and assets through regular reviews and audits.
  • Stakeholder Engagement: Acting as a liaison for internal teams, external partners, and regulatory authorities. Providing remediation guidance and preparing management reports to track progress.
  • Continuous Improvement: Driving process improvements to enhance governance frameworks and security postures. Assessing the effectiveness of security controls and documenting compliance to address gaps and risks.

What Experience You'll Bring

Our client is seeking a seasoned professional with a broad background in security risk management and expertise across the following areas:

  • Relevant Experience: Varied background in information security, data protection, risk management, enterprise IT, legal, or compliance roles.
  • Framework Knowledge: Strong understanding of frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, and UK CNI/OT/IIOT compliance.
  • Stakeholder Management: Demonstrated ability to build credibility with enterprise clients, critical system vendors, certification auditors, and regulatory bodies.
  • Leadership: Proven leadership and mentoring skills, with the ability to influence and collaborate with senior stakeholders in similar GRC, security, or risk management roles.
  • Hands-On Approach: A balance of strategic oversight and direct involvement in security initiatives.
  • Communication Skills: Ability to articulate complex information clearly to non-technical stakeholders and adapt messaging to diverse audiences.
  • Attention to Detail: Strong focus on delivering high-quality, accurate work.
  • Right to Work: Valid right to work in the UK and eligibility to obtain UK SC clearance, having lived in the UK for 5 years.
  • Certifications: CISA, CRISC, CISM, or CISSP certifications are advantageous but not essential.

This is a unique opportunity to work on challenging projects that have a real-world impact. If you have the skills and experience to excel in this role, we'd love to hear from you.

Contact Walter Everett today to learn more about this opportunity and take the next step in your career.
