Senior Information Security GRC Consultant
Salary: £62,000 per annum
Location: Highly remote (occasional office presence required)
Benefits: 30 days annual leave + bank holidays, 35-hour working week, up to 10% pension contribution

re you an experienced Information Security professional with a strong background in Governance, Risk, and Compliance (GRC)? We are seeking an Senior Information Security GRC Consultant to lead our GRC function, ensuring robust security controls, regulatory compliance, and effective risk management.

The Role
As the Information Security GRC Manager, you will oversee governance frameworks, risk assessments, and compliance initiatives to strengthen our security posture. Collaborating across teams, you will provide strategic guidance, manage security policies, and ensure adherence to industry standards. Additionally, you will lead and develop a dedicated InfoSec GRC team, driving best practices in security governance.

Key Responsibilities:

• Develop, implement, and maintain a robust GRC framework to ensure compliance with regulatory and security requirements.
• Conduct risk identification, assessment, and mitigation strategies to support business objectives.
• Oversee security policies, controls, and compliance with frameworks such as PCI-DSS, GDPR, and NIST CSF.
• Lead and mentor a team, providing guidance on security governance, risk management, and compliance activities.
• Work closely with key stakeholders to enhance cloud security governance and risk management frameworks.
• Ensure alignment with critical security control libraries, including CIS Controls and Cyber Essentials Plus.

This is an exciting opportunity for a security professional to lead and shape a growing GRC function while contributing to a meaningful mission.