Senior GRC Consultant
New Today
We are looking for a Governance & Risk Management Consultant (15+ years experience) with strong expertise in compliance mapping, vulnerability risk management, and risk escalation. The role focuses on aligning platforms to security frameworks and managing vulnerability lifecycles across hybrid and cloud environments.
Key Skills Required
Security Controls Framework mapping (NIST, ISO 27001, NHS DSP Toolkit, NCSC CAF)
Strong exposure to vulnerability risk management across hybrid and cloud estates (AWS, Azure)
Governance oversight of vulnerability burn-down across platforms, applications, servers, and systems
Compliance reporting aligned to hardening standards (permissive accounts, IaC, etc.)
Risk and issue assessment, tracking, and lifecycle management
Compliance evidence collation and governance reporting
Stakeholder engagement and program oversight
Key Responsibilities
Map NHS platforms against Security Controls Frameworks with focus on vulnerability management
Track and manage security issues via Security Issue Management Tracker
Escalate unresolved risks to Cyber Operations and governance forums
Conduct weekly risk reviews and support audit readiness
Work with product owners to identify risks and prioritize vulnerability remediation
Report to senior management on remediated, mitigated, and residual risks
TPBN1_UKTJ
- Location:
- United Kingdom
- Job Type:
- FullTime
- Category:
- Finance