Security Consultant GRC

NTT DATA

Location:
United Kingdom, London

Contract Type:
Not provided

Salary:
Not provided

Job Description:

The Security Consultant (GRC) role involves leveraging expertise in Governance, Risk, and Compliance to assist clients in managing cybersecurity and compliance needs.

Job Responsibility:

  • Governance: directs, oversees, designs, implements or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage cyber and information security at an enterprise level
  • Policy and Procedure Management: directs, develops or maintains organisational cyber and information security policies, standards and processes, using recognised standards (e.g. the ISO/IEC 27000 family, NIST CSF) where appropriate
  • Risk Management: develops cyber and information security risk management strategies and controls, considering business needs, balancing technical, physical, procedural and personnel controls
  • Data Privacy: directs, oversees, designs, implements, contributes to, or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls to manage the protection of personal data, privacy and human rights
  • Internal Controls Oversight: Establish and monitor internal controls to safeguard data and assets, conducting regular reviews and audits
  • Stakeholder Engagement: Serve as a liaison, offering guidance and support to internal teams, external partners, and regulatory authorities
  • Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster governance framework and security posture

Requirements:

  • 5+ years' varied experience in information security, data protection, risk management, enterprise IT, legal or (relevant) compliance roles
  • Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS/NIS2, DORA, UK CNI / OT / IIOT compliance
  • Hands-on experience building credibility with external stakeholders, including enterprise clients, critical system vendors, certification auditors and regulatory bodies
  • Proven leadership skills with the ability to guide and mentor teams, as well as influence and collaborate with senior stakeholders in a similar GRC, security, or risk management role
  • A hands-on approach with the ability to balance strategic oversight with direct involvement in security tasks
  • Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders
  • The ability to explain complex topics to a diverse range of audiences
  • Strong attention to detail and the ability to deliver high quality work
  • A valid right to work in the UK
  • Eligible to obtain UK SC clearance

Nice to have:

CISA, CRISC, CISM or CISSP certifications are advantageous

What we offer:
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options

Additional Information:

Job Posted:
March 05, 2026

Similar Jobs for Security Consultant GRC

Lead Cyber Security Consultant

As a Lead Cyber Security Consultant at Actica Consulting, you will have the oppo...
Actica Consulting
Location: United Kingdom, London; Guildford; Bristol; M4 corridor
Salary: Not provided
Expiration Date: Until further notice
Requirements:
  • Experience of complex ICT systems security in a technical delivery or consulting capacity in the UK Defence sector or Public Sector
  • The ability to present and justify conclusions to project teams and business stakeholders
  • Proven abilities in delivering to client expectations and requirements
  • Strong verbal and written communications skills
  • Must be eligible and willing to obtain UK Government Security Clearance
Job Responsibility:
  • Leading one or more Actica teams to undertake varying consultancy assignments
  • Providing security expertise for major system procurements and Agile programmes to ensure secure delivery
  • Identifying, analysing and evaluating information risks across a range of programmes, projects and systems
  • Explaining to risk owners the causes, likelihood and potential business impacts of information risks
  • Identifying and presenting options for treating or transferring information risks
  • Authoring and/or supporting the development of security assurance documentation
  • Developing or reviewing new security architectures
  • Scoping security testing activities, and explaining the results and required remediation
  • Managing the delivery of security services by Actica teams across several live projects
  • Working with our client-side customers to manage contract delivery
What we offer:
  • 25 days of paid leave per annum plus 8 UK bank holidays
  • Discretionary, Performance-Based Bonus Scheme
  • Enrolment in Stakeholder Pension Scheme
  • Cycle To Work Scheme
  • Employee Assistance Programme
  • Electric Vehicle Leasing Scheme
  • Private Medical Insurance
  • Substantial training leading to nationally recognised certifications
  • Mentor support and guidance
  • Performance and Development Manager for regular reviews and career progression planning
Job Type: Full-time

Senior Information Security Consultant (QSA)

PGI is a global consultancy that helps organisations build digital resilience. W...
Protection Group International
Location: United Kingdom, London
Salary: Not provided
Expiration Date: Until further notice
Requirements:
  • Proven relationship management skills and experience in Information Assurance consultancy
  • Qualified Security Assessor (QSA) experience with valid PCI-DSS QSA accreditation with a minimum of 2 years of experience performing PCI DSS compliance consultancy
  • Familiarity with PCI DSS and NIST CSF
  • Experience in conducting risk assessments, cyber security maturity evaluations, and remediation strategies
  • Strong communication skills, able to present to clients and senior stakeholders
  • A collaborative, solutions-oriented mindset with excellent time-management skills
Job Responsibility:
  • Provide expert guidance to clients, supporting both pre-sales and delivery, and establishing trusted advisor relationships to drive compliance and security improvements
  • Lead and deliver hands-on PCI DSS compliance consultancy, performing assessments, gap analyses, and remediation strategies tailored to client needs
  • Act as a subject matter expert in PCI DSS compliance and Governance, Risk, and Compliance (GRC), advising clients on regulatory compliance, risk management, and information security best practices
  • Contribute to PGI’s consultancy growth by aligning services with emerging trends and industry standards. Drive PGI’s accreditations and assist with maintaining ISO 27001, PCI DSS and data protection compliance
  • Mentor junior team members, contribute to the recruitment process, and oversee third-party relationships to ensure project profitability and delivery quality
  • Stay ahead of industry trends, emerging security threats, and best practices to maintain professional growth and continuously improve PGI’s consultancy offerings

Cyber Security ITRM Consultant

Responsible for developing, implementing, and maintaining the organisation's IT ...
Sopra Steria
Location: India, Chennai
Salary: Not provided
Expiration Date: Until further notice
Requirements:
  • Proven experience in IT Risk Management frameworks, threat modelling, and risk scenario planning
  • Strong understanding of regulatory requirements and compliance frameworks
  • Expertise in GRC platforms (ServiceNow GRC, RSA)
  • Proficiency in risk scoring methodologies and control gap analysis
  • 8-12 years experience
  • Education: B.E./ B.Tech./MCA
Job Responsibility:
  • Conduct comprehensive risk assessments: identification, impact analysis, heatmap/matrix creation, inherent vs. residual risk scoring, and control gap analysis
  • Perform threat modelling and develop detailed risk scenarios for IT infrastructure, applications, and cloud environments
  • Align IT risk practices with industry frameworks and standards (ISO 27005/27001, NIST RMF, PCI DSS, DORA)
  • Evaluate and maintain IT controls and security posture, recommending enhancements where necessary
  • Support internal and external IT audit processes, ensuring timely remediation of findings
  • Work with GRC teams (ServiceNow GRC, RSA) to track and manage risk compliance workflows
  • Prepare and present risk dashboards, KRIs, and management reports to senior leadership
Job Type: Full-time

GRC Consultant

Sopra Steria offers tailored, end-to-end corporate technology and software solut...
Sopra Steria
Location: Belgium, Brussels
Salary: Not provided
Expiration Date: Until further notice
Requirements:
  • 5+ years of experience in the domain
  • extensive experience with information security management systems (ISMS), compliance audits and ensuring security-by-design
  • interest in AI security developments
  • familiarity with IT processes based on e.g. ITIL
  • knowledge of standards and legislations such as ISO2700x, NIS2, GDPR, AI and Cyber Fundamentals
  • experience working in the EU or public sector, navigating complex projects
  • fluency in English, French and/or Dutch
  • certifications such as CISSP, CISA, CISM, CRISC or ISO27001 - Lead Implementor or Lead Auditor, AI risk management (ISO42001) is desirable.
Job Responsibility:
  • design and develop secure solutions to complex application problems - deliver clients projects end-to-end, interfacing across stakeholders
  • implement hardening controls using CIS benchmark across different system components and applications to reduce attack surface
  • lead risk assessments, identification, analysis, treatment, and monitoring across clients
  • perform BCPs, draft Security Plans and roadmaps, ensure third-party risk management
  • cooperate with key stakeholders such as CISO
  • implement/support DevSecOps processes and security engineering review of code and IT configuration
  • support internal and external audits including audit planning, evidence gathering, gap analysis, and remediation tracking
  • support business development and GRC team in driving NIS2 and AI security initiatives and projects
  • support presale process by drafting and leading relevant offers, RFPs, etc.
What we offer:
  • extensive career development opportunities, both local and international
  • participation in Sopra Steria Academy
  • dynamic network of 56,000 professionals
  • wide array of offices to explore to find ideal location
Job Type: Full-time

Junior GRC Cybersecurity Consultant

We are seeking an enthusiastic and communicative Junior GRC Cybersecurity Consul...
Sopra Steria
Location: Belgium, Brussels
Salary: Not provided
Expiration Date: Until further notice
Requirements:
  • Master/Bachelor's degree in Cybersecurity, Computer Science/IT, Business/Information Management, or related field
  • 1-2 years of experience in information security, risk management or IT
  • Basic understanding of ISMS, Risk Management, and Information Security principles
  • Familiarity with compliance standards and legislations (e.g., ISO27001, NIS2, CyberFundamentals, etc.)
  • Basic knowledge of common security tools and best-practices
  • Strong analytical and problem-solving skills
  • Excellent communication and teamwork abilities
  • Fluency in French and/or Dutch, + English
Job Responsibility:
  • Assisting in the development and maintenance of cybersecurity policies, standards, processes and procedures based on frameworks like ISO 27001, CyberFundamentals, NIST, etc.
  • Joining security maturity assessments, audits and gap analyses to improve the organization's cyber resilience (e.g. with regards to NIS2)
  • Supporting risk treatment plans, including tracking mitigation actions and following up with the responsible teams
  • Contribute to third-party/vendor risk assessments by reviewing security questionnaires and analyzing risks associated with external partners
  • Assisting in the development and delivery of security awareness training sessions for employees
What we offer:
  • Extensive career development opportunities
  • Access to the Sopra Steria Academy for continuous learning, including industry-recognized certification paths
  • Opportunity to work on diverse and challenging projects in different industries
  • Collaborative team environment in a major European tech company
  • Competitive salary with an indefinite contract
  • Wide range of benefits
  • Access to Sopra Steria training and personal development academy
  • Friendly work atmosphere
Job Type: Full-time

Medior-Senior GRC Consultant - Regulatory and Compliance focus

We ensure that all operations, digital or otherwise, meet the latest quality and...
Sopra Steria
Location: Belgium, Brussels
Salary: Not provided
Expiration Date: Until further notice
Requirements:
  • 5-8 years of experience in the Cybersecurity business landscape
  • Proficiency in Dutch and English is mandatory
  • Advanced knowledge of the 'cyber regulatory area'
  • Understanding of AI Act, DORA is a plus
  • Strong experience in performing Compliance Maturity assessments, Data Protection Impact Assessments and to apply Data protection by Design/By default and risk-based approach, perform quality legal compliance analyses and produce good quality reports
  • ISO27001 certification is a plus, experience in ITSRM, and a good understanding of compliance-oriented projects
  • Strong knowledge of PM roles and the ability to independently handle content-oriented missions
  • Client-oriented with the ability to navigate the EU and national regulatory environment, engaging with various stakeholders (regulators, EU, CISO, DPO)
  • A hands-on approach with a solution-oriented mindset, capable of effective communication within the business environment
  • Independence in client-oriented projects and adept at identifying opportunities
Job Responsibility:
  • Lead regulatory compliance projects
  • Interpret complex legislation such as AI Act and DORA
  • Apply technical knowledge in cybersecurity to enhance the company’s security posture
  • Contribute to pre-sales activities
  • Draft RFPs
  • Understand the broader EU and national business landscapes
What we offer:
  • Extensive career development opportunities
  • Dynamic network of 56,000 professionals
  • Wide array of offices to explore
Job Type: Full-time

Solutions Consultant

We are looking for a dynamic, customer-facing Solutions consultant to be the pri...
UpGuard
Location: United States, Los Angeles; Seattle; Portland; Denver; Chicago; Austin; Dallas; New Orleans; St. Louis; Baltimore; Boston; Miami; Philadelphia; Pittsburgh; Washington D.C.
Salary: 100000.00 - 130000.00 USD / Year
Expiration Date: Until further notice
Requirements:
  • 3+ years in a customer-facing technical role such as a Solutions Consultant, Sales Consultant, Technical Account Manager, or Professional Services Consultant
  • Experience in a post-sales or expansion focused role is highly preferred
  • Deep understanding of the cybersecurity and GRC landscape (e.g., GRC platforms like ServiceNow, SIEMs like Splunk, or other security stack tools)
  • A passion for becoming a deep subject matter expert on a complex software platform
  • Hands-on experience with REST APIs is essential
  • You must be comfortable guiding customers on implementation, reading documentation, and using tools like Postman to troubleshoot
Job Responsibility:
  • Drive Technical Expansion: Act as the key technical partner for Account Managers and CSMs during renewal and upsell motions. You will lead technical deep-dives, run customized product demonstrations, and build "proof-of-value" solution architectures for our new multi-product offerings
  • Serve as the Go-To Product Expert: Maintain an expert-level understanding of the UpGuard platform, its architecture, API capabilities, and competitive differentiators. You will be the technical authority the CS team relies on to answer complex customer questions
  • Architect Complex Solutions: Design, scope, and validate deep technical solutions for our customers. This includes architecting robust API integrations to connect UpGuard with our customers' key systems (like GRC platforms, SIEMs, and other security tools)
  • Manage Critical Technical Escalations: Act as an escalation point to "bridge the gap" between standard technical support and our CSMs. You will take ownership of high-priority technical issues that require deep, hands-on solutioning within a customer's environment
  • Enable the Team: Create and maintain a library of technical documentation, best-practice guides, integration playbooks, and demonstration scripts to empower the entire Customer Success team
What we offer:
  • Monthly Lifestyle subsidy: Use this for financial, physical, and mental well-being
  • WFH set-up allowance: To ensure you have the right environment to work in, we will help you get set up within your first 3 months at UpGuard
  • $1500 USD annual Learning & Development allowance: To support your career development, all team members will be able to expense development opportunities against this allowance
  • Annual leave: 6 weeks PTO plus two additional UpGuardian leave days to give you time to recharge your batteries
  • 18 weeks paid Parental Leave: Irrespective of parenting role
  • Personal Leave Allowance: This includes sick & carer’s leave
  • Fully remote working environment: While we have physical offices in Sydney & Hobart, we do not mandate compulsory attendance
  • Top-spec hardware: All team members will be provided with top-spec laptops for their role
  • Generative AI subsidy: UpGuard provides paid subscriptions for all team members to access generative AI tools to support their work
  • Health Insurance: Health, dental, and vision insurance
Job Type: Full-time

Product Security Engineer - Secure SDLC Analyst

HPE Aruba Networking is looking for a person excited to work at the intersection...
Hewlett Packard Enterprise
Location: United States, San Juan
Salary: Not provided
Expiration Date: Until further notice
Requirements:
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility:
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer:
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
Job Type: Full-time