Governance Risk & Compliance Consultant (GRC)
London, England, United Kingdom - Remote
Applications have closed
Methods
Delivering end-to-end business & technical solutions that are people-centred, safe, & designed for the future
Job Title: Governance Risk & Compliance Consultant (GRC)
Reporting to: Cyber & Technical Advisory
Salary: £60,000-£80,000
Job Type: Permanent, full time
Location: Home based (This role will require regular UK travel and at times need you to stay away from home)
Since our establishment in 1990, Methods has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK.
Our mission is to improve and safeguard public-facing services. We apply digital thinking to ensure the future of our public services is centred around our citizens.
Our human touch sets us apart from other consultancies, system integrators and software houses - we have a customer-centric value system whereby we focus on delivering what is right for our clients.
We passionately support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.
Methods are experts in delivering secure, resilient cyber and information services – keeping systems and data safe.
We help reduce risk and vulnerabilities from cyber-attacks by developing a security road-map tailored to your unique needs.
We help organisations improve processes such as threat management by building an identity management programme, and establishing prevention, detection and response capabilities to cyber-attacks.
The Cyber Security Consultant will have the following responsibilities:
- Ability to research, articulate and pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management.
- Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches
- Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines.
- Effective business acumen and an understanding of the cyber security challenges faced by clients, with the objective to develop our cyber assurance practice, by supporting business development and practice management.
- Experience of identifying and applying security risk and familiarity with common control frameworks, with the ability to investigate major breaches of security and recommend appropriate control improvements.
- Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk, while contributing to the development of our team through training and coaching.
- Managing, delivering and leading cyber security and cyber risk assignments, with the management of a portfolio of clients across a variety of sectors and locations, including producing documentation, presentations, reports and recommendations, quality assuring the work produced by team members, and being the point of escalation for lower grade roles.
- Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven cyber decisions.
- Working as a subject matter expert in your particular field, owning and delivering initiatives to embed quality through learning and other activity, working seamlessly and collaboratively with colleagues and clients from other service lines, supporting a team or colleagues to deliver engagements at scale, with the appropriate reach and influence across the teams and communities.
- Managing diverse teams within an inclusive team culture where people are recognised and encouraged for their contribution.
Requirements
Essential Skills and Experience:
- An experienced consultant with a background in Cyber Security
- Significant experience of leading complex cyber risk assurance engagements.
- Significant experience of working with internal audit teams, and understanding of internal audit practice and controls.
- Significant experience of assessing and reviewing cyber risks and controls.
- Significant experience of testing wider, general technology controls.
- Significant experience of interacting with senior client stakeholders.
- Demonstrable experience of people leadership.
- A technology, security and privacy related background.
- Ability to think creatively, generate innovative ideas, challenge the status quo and deliver effectively with what can often be ambiguous requirements or environments.
- Corporates and financial services industry specialism is desired.
- A proactive mind-set, with the ability to take responsibility and drive key actions forward coupled with excellent oral and written communication skills to aid effective interaction with senior clients and stakeholders.
- Experience of working with a C-suite and IT/Security Managers;
- Broad range of security experience with a distinct specialism in one or several of the following areas:
  - Cyber strategy and transformation programmes or security change initiatives;
  - Security target operating models;
  - Cyber governance, risk management/assessment and compliance;
  - Third party cyber risk management and assessment;
  - Security architecture and network infrastructure (e.g. firewall rule set review, logging and monitoring capability, network segregation etc.);
  - Security testing process and control (e.g. penetration testing, vulnerability management and red teaming etc.); and
  - Security standards/frameworks (e.g. ISO 27001, IEC 62443, NIST 800-82, NCSC/CPNI SICS Framework etc.)
- Delivery of client engagements, typically leading the fieldwork using a team of resources, scoping and financial planning, and reporting;
- Delivery of engagements for clients based on complex deliverables and programmes of work, including effective programme, project, financial and people management;
- Experience of developing proposals and tender documentation;
- Strong commercial awareness and business acumen, including a strong understanding of business processes and/or supporting technology;
- Excellent interpersonal skills and experience of developing strong relationships, either as a consultant or within an organisation;
- Able to solve complex problems objectively individually and as part of a team;
- Excellent verbal and written communication skills and the ability to tailor communications to people from a wide range of backgrounds and seniorities; and
- Relevant qualifications, for example CISSP, CISA, CRISC, NCSC-CCP.
Am I the right fit? We're looking for:
- Resilience
- Strong collaboration and team working
- Good Communication skills
- Genuine passion/commitment to improving public services
- A determined and tenacious approach to work
- A creative approach to problem solving
- Good listening and comprehension
- Great stakeholder management
Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy.
By joining us you can expect
- Autonomy to develop and grow your skills and experience
- Be part of exciting project work that is making a difference in society
- Strong, inspiring, and thought-provoking leadership
- A supportive and collaborative environment
- Flexibility to learn and grow
This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed or rejected. Details of this will be discussed with you at interview.
Benefits
As well as this, we offer:
- Development: access to LinkedIn Learning, a management development programme and training
- Wellness: 24/7 Confidential employee assistance programme
- Social: office parties, pizza Friday and commitment to charitable causes
- Time off: 25 days a year
- Pension: Salary Exchange Scheme with 4% employer contribution and 5% employee contribution
- Discretionary Company Bonus: based on company and individual performance
- Life Assurance: 4 times base salary
- Private Medical Insurance: non-contributory (spouse and dependants included)
- Worldwide Travel Insurance: non-contributory (spouse and dependants included)
- Benefits Platform: offering various retail and leisure discounts