Governance Risk & Compliance Manager

Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.

About the role

The Governance Risk & Compliance Manager is primarily an operational role and will be required to operate with high levels of autonomy, effectively managing regulatory requirements, implementing risk management strategies, and promoting a culture of compliance based on continuous improvements.

Key Responsibilities

• Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards.

• Conduct risk assessments across business units, vendors, and projects
• Monitor regulatory changes and ensure compliance with legal and contractual obligations
• Support business continuity and disaster recovery planning and testing
• Manage internal audits, compliance reporting, and remediation activities
• Coordinate GDPR compliance and data protection processes across the organisation
• Drive improvements in security culture through awareness and training
• Collaborate with stakeholders to identify and address control deficiencies

Experience and Knowledge

• Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes.
• Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Knowledge of OneTrust risk management toolset or similar preferred
• Proven ability to communicate with technical teams to elicit information and requirements.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and nontechnical audiences.
• CISA, CISM or equivalent.
• BSc or equivalent qualification in IT based degree

At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here\’s what you can expect as part of our benefits package:

• Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
• Flexible working: Flexible work arrangements to support your work-life balance. We can’t promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can.
• A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes.

At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don’t tick all the boxes but feel you have some of the relevant skills and experience we’re looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.