Governance, Risk & Compliance Officer

Summary: The Governance, Risk & Compliance Officer will support and enhance the organization's GRC framework within the Cyber Security function. This role involves leading compliance initiatives, conducting third-party risk assessments, and ensuring ongoing compliance and risk mitigation. The officer will work closely with internal stakeholders and assist in policy and control development. The position is remote-friendly and based in London, England.

Key Responsibilities:

• Support and enhance the organisation's GRC framework within the Cyber Security function
• Lead on compliance initiatives across key standards including:
  • Cyber Essentials / Cyber Essentials Plus
  • PCI DSS
  • CAF (Cyber Assessment Framework)
• Conduct and manage third-party risk assessments and vendor due diligence
• Perform vendor security assessments and ensure appropriate controls are in place
• Identify, assess, and report on information security risks
• Work closely with internal stakeholders to ensure ongoing compliance and risk mitigation
• Assist in policy, process, and control development and improvement
• Support audit activities and remediation programmes

Key Skills:

• Experience in Governance, Risk, and Compliance (GRC) frameworks
• Knowledge of Cyber Essentials, PCI DSS, and CAF standards
• Strong understanding of third-party risk management
• Ability to conduct vendor security assessments
• Proficient in identifying and reporting information security risks
• Excellent communication and stakeholder management skills
• Experience in policy and process development
• Familiarity with audit activities and remediation processes

Salary (Rate): £500 per day

City: London

Country: United Kingdom

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: Other

Detailed Description From Employer:

• Support and enhance the organisation's GRC framework within the Cyber Security function
• Lead on compliance initiatives across key standards including:
  • Cyber Essentials / Cyber Essentials Plus
  • PCI DSS
  • CAF (Cyber Assessment Framework)
• Conduct and manage third-party risk assessments and vendor due diligence
• Perform vendor security assessments and ensure appropriate controls are in place
• Identify, assess, and report on information security risks
• Work closely with internal stakeholders to ensure ongoing compliance and risk mitigation
• Assist in policy, process, and control development and improvement
• Support audit activities and remediation programmes

Please click here to find out more about our Key Information Documents. Please note that the documents provided contain generic information. If we are successful in finding you an assignment, you will receive a Key Information Document which will be specific to the vendor set-up you have chosen and your placement.

To find out more about Real, please visit www.realstaffing.com

Real Staffing, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy | Registered office | 8 Bishopsgate, London, EC2N 4BQ, United Kingdom | Partnership Number | OC387148 England and Wales