Senior GRC Security Consultant

United Kingdom B2B 350.00 - 600.00 GBP / Day · Job Posted May 31, 2026

Job Description

The Opportunity

We are currently partnering with multiple leading technology consultancies and established financial services organisations who are seeking dedicated Senior GRC Security Consultants to drive their critical governance, risk, and compliance initiatives. These roles offer the unique opportunity to act as a trusted advisor, translating complex security risks into actionable business insights for diverse and forward-thinking organisations.

The Role

In this position, you will take ownership of assessing organisational security posture against industry-standard frameworks, managing full audit lifecycles, and ensuring regulatory compliance across complex environments. Your day-to-day focus will involve conducting comprehensive risk assessments and gap analyses, developing robust security policies, and collaborating with cross-functional teams to embed security controls into core business operations.

Job Responsibility

  • Taking ownership of assessing organisational security posture against industry-standard frameworks
  • Managing full audit lifecycles
  • Ensuring regulatory compliance across complex environments
  • Conducting comprehensive risk assessments and gap analyses
  • Developing robust security policies
  • Collaborating with cross-functional teams to embed security controls into core business operations

Requirements

  • Proven experience in Governance, Risk, and Compliance (GRC) within an information security context
  • Strong knowledge of industry-standard security frameworks such as ISO 27001, NIST, or NCSC CAF
  • Extensive experience conducting security risk assessments, gap analyses, and risk treatment planning
  • Proficiency in managing audit lifecycles, including evidence collection and remediation tracking
  • Ability to develop and maintain comprehensive security policies, standards, and procedures
  • Strong stakeholder management skills with the ability to communicate technical risk to business audiences
  • Experience in client-facing consultancy or cross-functional internal advisory roles

Similar Jobs for Senior GRC Security Consultant

8 matching positions

Senior Associate Security Consultant (GRC)

The Senior Associate Security Consultant is responsible for developing expertise...
Location: India, Mumbai
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field
  • Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential
  • Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment
  • Moderate level of experience with security architecture design principles
  • Moderate level of experience with industry compliance and standards such as ISO 27000, PCI DSS, NIST, HIPAA or others
  • Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others
  • Strong interest in cybersecurity and a desire to learn and grow in the field
  • Knowledge of basic cybersecurity concepts, principles, and best practices
  • Familiarity with common security tools and technologies is a plus
  • Excellent analytical and problem-solving skills
Job Responsibility
  • Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems
  • Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies
  • Prepares and maintains documentation, including security assessment reports, findings, and recommendations
  • Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies
  • Learns and uses various security tools and technologies for assessments and monitoring
  • Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices
  • Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements
  • Communicates effectively with clients to understand their security needs and concerns
  • Participates in training programs and certifications to develop expertise in cybersecurity
  • Fulltime

Senior Security Consultant

The Senior Security Consultant will lead security architecture design and compli...
Location: United States, Cheyenne
Salary: 97864.00 - 145000.00 USD / Year
NTT DATA
Expiration Date: Until further notice
Requirements
  • Minimum ten (10) years of combined, progressive experience in cybersecurity, information assurance, or IT security, including senior advisory, advanced practitioner, or program-level leadership responsibilities
  • Demonstrated expertise in:
      • Threat modeling
      • Security architecture
      • Security and privacy risk assessments across the full Software Development Life Cycle (SDLC) and production environments
  • Proven experience in IT governance, risk, and compliance (GRC), including:
      • Internal and external audit and compliance assessments
      • Drafting and maintaining security and privacy documentation
      • Conducting security and privacy risk assessments
  • Extensive experience developing and supporting:
      • Security Incident Response Plans
      • System Security & Privacy Plans (SSPPs)
      • Risk Assessments and POA&M remediation strategies
Job Responsibility
  • Provides System Integration security architecture design and collaborates with the client to document security standards, and provides security architecture advice and oversight to module vendors in support of module solution development, integration, and infrastructure
  • Responsible for adherence to State security standards, communications with State Chief Information Security Officer (CISO), compliance with HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) and NIST requirements, and Internal Revenue Service (IRS) Federal Tax Information
What we offer
  • medical insurance
  • dental insurance
  • vision insurance with an employer contribution
  • flexible spending or health savings account
  • life and AD&D insurance
  • short and long term disability coverage
  • paid time off
  • employee assistance
  • participation in a 401k program with company match
  • additional voluntary or legally-required benefits
  • Fulltime

Senior GRC Consultant

The Information Security Analyst will be responsible for maintaining and enhanci...
Location: United Kingdom, London
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Significant experience in Information Security and GRC
  • Strong understanding of risk management methodologies and international security standards (e.g., ISO 27001, US NIST, TSA, etc.) and the ability to assess risks, identify vulnerabilities, etc.
  • Familiarity with data privacy legislation such as EU GDPR
  • Experience maintaining and auditing Information Security Management Systems (ISMS) in line with ISO 27001
  • Customer service-oriented with the ability to build strong relationships with internal stakeholders
  • Analytical and creative thinking skills, with the ability to identify pragmatic solutions
  • The ability to organize the daily work schedule and delegate where necessary
  • Strong verbal and written proficiency in English and German.
Job Responsibility
  • Maintain the Information Security Management System (ISMS) in accordance with ISO 27001
  • Conduct audit against Telecommunications Security Act (TSA) and other applicable local and regional compliance standards
  • Analyze and evaluate internal projects to identify risks and define appropriate compensatory measures
  • Prepare and present reports on information security including areas for improvement
  • Manage and update content for the information security awareness platform for employees and key suppliers, ensuring up-to-date training on information and cybersecurity best practices
  • Research and recommend security enhancements and improvements.
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options.

Senior Security Consultant

As a Senior Security Technical Architect at NTT DATA, you will design complex se...
Location: Philippines, Metro Manila
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Possess at least 8 years of working experience related to information security consulting with a minimum of 5 years of hands-on experiences on GRC practice areas
  • Required degree level education, or significant experience and track record with tertiary qualifications on relevant domains, including computer science, computer engineering and information security
  • Information security and audit certifications such as ISO 27001 LI, ISO 27001 LA, CISA, CRISC, CISSP
  • Experienced in supporting consulting pre-sales work (e.g. writing SoWs, proposals etc.)
  • Demonstrate excellent skills in structured problem solving techniques, creativity and intelligence in the development of solutions to customer problems
  • Be self-motivated and self-disciplined with a demonstrable and successful track record in delivering consultancy projects to all sizes of organizations
  • Must have good presentation skills with the ability to present to audiences of both business and IT stakeholders
  • Must have good written communication and report writing skills
  • Must be a good team player
  • Demonstrates commitment to delivering projects within time and in budget and to a high level of client satisfaction
Job Responsibility
  • Deliver and lead GRC (Governance, Risk and Compliance) security consulting projects covering the following key areas:
      • ISMS (ISO27001) Advisory
      • Security Maturity/Posture Assessments
      • Third party security assessments
      • Cloud Security posture assessments
      • Risk assessments
      • PCI DSS Gap Analysis
      • Security compliance assessments
      • Information security framework design (policies, processes and procedures)
  • Support security consulting pre-sales work (e.g. writing SoWs, proposals etc.)
  • Be flexible to acquire new skills and show willingness in learning/re-learning and un-learning things as needed for the success of this role and the overall security consulting practice
  • Fulltime

Security Consultant GRC

The Security Consultant (GRC) role involves leveraging expertise in Governance, ...
Location: United Kingdom, London
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • 5+ years' varied experience in information security, data protection, risk management, enterprise IT, legal or (relevant) compliance roles
  • Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS/NIS2, DORA, UK CNI / OT / IIOT compliance
  • Hands-on experience building credibility with external stakeholders, including enterprise clients, critical system vendors, certification auditors and regulatory bodies
  • Proven leadership skills with the ability to guide and mentor teams, as well as influence and collaborate with senior stakeholders in a similar GRC, security, or risk management role
  • A hands-on approach with the ability to balance strategic oversight with direct involvement in security tasks
  • Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders
  • The ability to explain complex topics to a diverse range of audiences
  • Strong attention to detail and the ability to deliver high quality work
  • A valid right to work in the UK
  • Eligible to obtain UK SC clearance
Job Responsibility
  • Governance: directs, oversees, designs, implements or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage cyber and information security at an enterprise level
  • Policy and Procedure Management: directs, develops or maintains organisational cyber and information security policies, standards and processes, using recognised standards (e.g. the ISO/ IEC 27000 family, NIST CSF) where appropriate
  • Risk Management: develops cyber and information security risk management strategies and controls, considering business needs, balancing technical, physical, procedural and personnel controls
  • Data Privacy: directs, oversees, designs, implements, contributes to, or operates within the set of multi-disciplinary structures, policies, procedures, processes and controls to manage the protection of personal data, privacy and human rights
  • Internal Controls Oversight: Establish and monitor internal controls to safeguard data and assets, conducting regular reviews and audits
  • Stakeholder Engagement: Serve as a liaison, offering guidance and support to internal teams, external partners, and regulatory authorities
  • Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster governance framework and security posture
What we offer
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options

Medior-Senior GRC Consultant - Regulatory and Compliance focus

We ensure that all operations, digital or otherwise, meet the latest quality and...
Location: Belgium, Brussels
Salary: Not provided
Sopra Steria
Expiration Date: Until further notice
Requirements
  • 5-8 years of experience in the Cybersecurity business landscape
  • Proficiency in Dutch and English is mandatory
  • Advanced knowledge of the 'cyber regulatory area'
  • Understanding of AI Act, DORA is a plus
  • Strong experience in performing Compliance Maturity assessments and Data Protection Impact Assessments, applying Data Protection by Design/by Default and a risk-based approach, performing quality legal compliance analyses, and producing good quality reports
  • ISO27001 certification is a plus, experience in ITSRM, and a good understanding of compliance-oriented projects
  • Strong knowledge of PM roles and the ability to independently handle content-oriented missions
  • Client-oriented with the ability to navigate the EU and national regulatory environment, engaging with various stakeholders (regulators, EU, CISO, DPO)
  • A hands-on approach with a solution-oriented mindset, capable of effective communication within the business environment
  • Independence in client-oriented projects and adept at identifying opportunities
Job Responsibility
  • Lead regulatory compliance projects
  • Interpret complex legislation such as AI Act and DORA
  • Apply technical knowledge in cybersecurity to enhance the company’s security posture
  • Contribute to pre-sales activities
  • Draft RFPs
  • Understand the broader EU and national business landscapes
What we offer
  • Extensive career development opportunities
  • Dynamic network of 56,000 professionals
  • Wide array of offices to explore
  • Fulltime

Senior Product Security Consultant

The Product Security Consultant is a post-sales role that works closely with cus...
Location: United States
Salary: 89300.00 - 120700.00 USD / Year
Rapid7
Expiration Date: Until further notice
Requirements
  • At least 5 years of technical experience working with security applications: Security Information and Event (SIEM)/ Log Management, Governance Risk Compliance (GRC), Identity Access Management, IDS/IPS, Advanced Persistent Threat, Anti-Virus, Vulnerability Management
  • Experience with scripting languages and databases:
      • Python or PowerShell
      • SQL
      • Interacting with APIs
  • Experience communicating highly technical concepts to a non-technical audience
  • Understanding of network technologies and protocols (e.g. DHCP, IP, DNS, HTTP, etc.)
  • Experience deploying and maintaining virtual machines and configuring policies on cloud platforms (e.g. Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP))
  • Administrator-level experience with Microsoft Windows Server, Linux and/or macOS operating systems
  • Customer Centric Communication: Ability to translate complex technical concepts and security best practices into clear, actionable guidance for customers with varying levels of technical expertise
  • Technical Collaboration & Enablement: Ability to partner with sales teams to provide technical expertise and support throughout the customer lifecycle, from pre-sales scoping to post-implementation success
Job Responsibility
  • Evaluate information technology architecture within customer environments across a broad range of industries and proportions to deploy Rapid7 products, and advise on security best practices within the scope of these products
  • Document and communicate design & implementation details to customer end users
  • Automate and customize solutions to enable customers to use Rapid7 products most efficiently via API scripting, reporting, and custom dashboard development
  • Support sales teams by providing enablement on available offerings and by providing scoping assistance during the sales cycle
  • Generate, maintain and deliver R7 internal enablement materials to team members and cross-functional R7 partners, as well as team infrastructure, internal processes, tooling, and collateral
  • Willingness to travel up to 30%
  • Fulltime

Senior Information Security Consultant (QSA)

PGI is a global consultancy that helps organisations build digital resilience. W...
Location: United Kingdom, London
Salary: Not provided
Protection Group International
Expiration Date: Until further notice
Requirements
  • Proven relationship management skills and experience in Information Assurance consultancy
  • Qualified Security Assessor (QSA) experience with valid PCI-DSS QSA accreditation with a minimum of 2 years of experience performing PCI DSS compliance consultancy
  • Familiarity with PCI DSS and NIST CSF
  • Experience in conducting risk assessments, cyber security maturity evaluations, and remediation strategies
  • Strong communication skills, able to present to clients and senior stakeholders
  • A collaborative, solutions-oriented mindset with excellent time-management skills
Job Responsibility
  • Provide expert guidance to clients, supporting both pre-sales and delivery, and establishing trusted advisor relationships to drive compliance and security improvements
  • Lead and deliver hands-on PCI DSS compliance consultancy, performing assessments, gap analyses, and remediation strategies tailored to client needs
  • Act as a subject matter expert in PCI DSS compliance and Governance, Risk, and Compliance (GRC), advising clients on regulatory compliance, risk management, and information security best practices
  • Contribute to PGI’s consultancy growth by aligning services with emerging trends and industry standards. Drive PGI’s accreditations and assist with maintaining ISO 27001, PCI DSS and data protection compliance
  • Mentor junior team members, contribute to the recruitment process, and oversee third-party relationships to ensure project profitability and delivery quality
  • Stay ahead of industry trends, emerging security threats, and best practices to maintain professional growth and continuously improve PGI’s consultancy offerings