Security GRC Consultant

arrow

London / £550 - £700 day

INFO

Salary
SALARY:

£550 - £700

Location

LOCATION

London

Job Type
JOB TYPE

Contract

Job Title: GRC Security Consultant

Contract Duration: 6 Months

Location: Remote with occasional site visit

Day Rate: Inside IR35 - £550-£700 per day

The Role:

We are seeking an experienced Security Consultant to join our team on a contract basis. In this role, you will focus on providing expert guidance in information security management, risk assessments, governance, and compliance aligned with industry standards such as ISO27001 and NIST frameworks. Your primary responsibility will be to assess, design, and implement security strategies that mitigate risks and ensure compliance with relevant regulations.

Key Responsibilities:

Governance, Risk, and Compliance (GRC):

  • Design and implement governance frameworks that ensure alignment with ISO27001, NIST, and other relevant standards.
  • Develop and maintain risk management strategies, identifying, assessing, and mitigating security risks across the organization.
  • Conduct regular compliance assessments and audits to ensure adherence to regulatory requirements (e.g., GDPR, PCI-DSS).

NIST Cybersecurity Framework:

  • Implement and manage cybersecurity controls in alignment with the NIST Cybersecurity Framework (CSF).
  • Perform gap analyses between current practices and NIST CSF to identify areas for improvement.
  • Recommend and implement cybersecurity measures based on NIST standards to enhance the organization's security posture.

Risk Management:

  • Conduct risk assessments to identify vulnerabilities and threats, proposing solutions for risk mitigation.
  • Develop risk treatment plans that prioritize business-critical risks and ensure continuous monitoring and reporting.
  • Work closely with cross-functional teams to integrate risk management into day-to-day operations.

Compliance & Auditing:

  • Perform internal security audits to ensure compliance with ISO27001, NIST, and other regulatory frameworks.
  • Review and maintain documentation related to compliance audits and risk assessments.
  • Collaborate with external auditors during formal audits, providing required evidence and remediation plans.

Reporting and Documentation:

  • Prepare detailed reports on risk assessments, compliance findings, and security governance initiatives for management.
  • Document security incidents, non-compliance issues, and corrective actions taken to ensure continual compliance.

Key Skills and Requirements:

  • Proven experience as a Security Consultant with a focus on ISO27001, NIST, and risk management frameworks.
  • In-depth knowledge of ISO27001 implementation, audits, and continual improvement processes.
  • Hands-on experience with NIST CSF, including assessment and control implementation.
  • Strong understanding of governance, risk, and compliance (GRC) frameworks, along with regulatory requirements such as GDPR, HIPAA, and PCI-DSS.
  • Excellent analytical and problem-solving skills to assess security risks and recommend mitigation strategies.
  • Strong communication skills, with the ability to articulate complex security issues clearly to both technical and non-technical stakeholders.
  • Experience in preparing detailed audit reports and risk treatment plans.
  • Relevant certifications such as ISO27001 Lead Auditor, CISSP, CISM, or CRISC are highly desirable.

CONTACT

William Ingleby

Senior Recruitment Consultant

SIMILAR
JOB RESULTS

4k-Harnham_DA copy
CAN’T FIND THE RIGHT OPPORTUNITY?

STILL
LOOKING?

If you can’t see what you’re looking for right now, send us your CV anyway – we’re always getting fresh new roles through the door.