SonicJobs Logo
Left arrow iconBack to search
  1. Home
  2. London
  3. Ict security engineer
  4. Technical GRC consultant

Technical GRC consultant

Walter Everett
Posted 14 hours ago, valid for 9 days
Location

London, Greater London EC1R 0WX

Contract type

Full Time

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

info
  • Walter Everett is seeking a Governance, Risk, and Compliance (GRC) Consultant with a minimum of 10 years of experience in a GRC role, including at least 5 years in a leadership position.
  • The role involves performing enterprise-level risk assessments, driving innovative GRC solutions, and enhancing governance processes aligned with regulatory standards.
  • Candidates should possess relevant certifications such as CISSP, CISM, and expertise in industry security frameworks like NIST 800-53 and ISO 27001.
  • The position offers a competitive salary, although the specific amount is not disclosed in the job description.
  • Walter Everett emphasizes a commitment to diversity and inclusivity within the workplace, ensuring equal opportunities throughout the recruitment process.

Governance, Risk, and Compliance (GRC) Consultant

Walter Everett is a specialist recruitment company, and our client is currently looking to recruit a talented and technical Governance, Risk, and Compliance (GRC) Consultant to join their dynamic and forward-thinking team.

This is an exciting opportunity to work on meaningful projects that impact industries worldwide, driving innovative solutions while working with brilliant colleagues and clients.

What You’ll Be Doing:

  • Performing enterprise-level risk assessments for large-scale organizations
  • Drive pragmatic and creative solutions to GRC challenges, leveraging agile methodologies to adapt to new regulations, compliance requirements, and business changes.
  • Foster continuous improvement in GRC processes, improving management information to prioritize risk-based decisions effectively.
  • Lead initiatives to build a culture of accountability and responsibility across engagements.
  • Enhance governance processes and advise on evidencing alignment with regulatory requirements and industry best practices (e.g., Secure by Design, NCSC CAF).
  • Provide security expertise across standards and accreditations, ensuring the effectiveness of the security controls framework and maintaining the Information Security Management System.
  • Derive and deliver documented Information Security Management Plans aligned with regulatory, legal, and compliance standards.
  • Assist in identifying and analyzing emerging cybersecurity vulnerabilities and threats, leading risk mitigation efforts.
  • Work with Service Management to ensure that partners and suppliers adhere to agreed standards and policies, verifying compliance and security KPIs.
  • Collaborate with 1st, 2nd, and 3rd lines of defense on matters related to cybersecurity, data privacy, and regulatory considerations.
  • Lead the development of governance, risk, and compliance aligned to policy, standards, and industry practices.
  • Perform focused risk assessments of services and technologies, including supplier and third-party assessments during onboarding and throughout the contract lifecycle.
  • Chair and coordinate Security Working Groups (SWG) and actively participate in governance forums.

What Experience You’ll Bring:

  • Extensive knowledge of GRC frameworks, regulatory compliance, and proactive risk management.
  • Minimum of 10 years’ experience in a GRC role, with at least 5 years in a leadership or managerial position.
  • Relevant certifications such as CISSP, CISM, CCSP, CISA, CRISC, or equivalent experience.
  • Expertise in industry security frameworks such as NIST 800-53, NIST CSF, DORA, and NCSC guidelines.
  • Strong understanding of cybersecurity domains, including network and cloud security, vulnerability management, and third-party supplier risk management.
  • Knowledge of networking (e.g., switching, routing, firewalls).
  • Familiarity with security testing and vulnerability management (e.g., pen testing/ITHC, CVSS/CVE).
  • Experience working with standards such as ISO 27001, 27002, 27017, and 27108.

Desirable Skills and Experience:

  • Thrives as a consultant, enjoying the variety and challenges of engaging with different clients and technologies.
  • Proposes security requirements for new systems or changes to existing systems with minimal supervision.
  • Executes technical management tasks for ongoing client projects.
  • Hands-on technical background with a range of technologies and systems.

Diversity Statement:Walter Everett is committed to fostering an inclusive and diverse workplace. We are happy to discuss reasonable adjustments and accommodations throughout the recruitment process to ensure everyone has an equal opportunity to succeed.

Apply now in a few quick clicks

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2025 SonicJobs App Ltd. All rights reserved

Terms & Conditions | Privacy Policy | Browse Jobs