At a Glance
- Tasks: Identify and manage security risks while ensuring compliance with industry standards.
- Company: Dynamic London-based organisation focused on governance and risk management.
- Benefits: Competitive salary of £60,000 plus benefits and opportunities for professional growth.
- Other info: Engage with senior stakeholders and enhance your skills in a collaborative setting.
- Why this job: Join a key team shaping the future of risk management in a tech-driven environment.
- Qualifications: Experience in governance, risk management, or compliance within IT or regulated sectors.
The predicted salary is £60,000 per year.
We are recruiting for a client in London for a GRC Officer (with OT and IT experience), reporting into the Head of IT and Security. Salary: £60,000 pa (including benefits). The role ensures that security and operational risks are effectively identified, assessed and monitored, and that the organisation maintains compliance with relevant legislation, industry standards and internal policies. This position operates as a key member of the second line of defence, working closely with business units, technical teams and senior stakeholders to embed robust governance and risk practices.
Essential Skills & Experience
- Demonstrable experience in governance, risk management or compliance within an IT/technology, operational, regulated or critical services environment.
- Strong understanding of risk management methodologies and compliance frameworks (e.g., ISO 27001, NIST CSF, NIS, CAF).
- Excellent written and verbal communication skills with proven stakeholder engagement capability.
- Ability to interpret and translate regulatory requirements into practical processes and controls.
- Strong organisational skills with the ability to manage multiple workstreams effectively.
Desirable Skills & Experience
- Experience working in regulated sectors (e.g., transport, utilities, financial services, health, government, technology).
- Exposure to operational technology (OT) or industrial control systems (ICS) risk and compliance.
- Experience in developing policies, standards and governance reporting.
- Relevant certifications such as ISO 27001 Lead Implementer/Lead Auditor, CISMP, CRISC, CISM, or similar.
Areas of focus:
Risk Management
- Implement and maintain the organisation’s risk management framework, including risk identification, assessment, treatment planning and monitoring.
- Facilitate risk assessments across business units and support the development of risk mitigation strategies.
- Monitor and report on risk trends, control effectiveness and emerging threats.
Compliance
- Support the organisation’s compliance programme, ensuring adherence to relevant laws, regulations and standards (e.g., ISO 27001, NIS Regulations, GDPR, sector‑specific obligations).
- Maintain compliance registers, audit evidence repositories and documentation to demonstrate ongoing compliance.
- Monitor changes in regulatory and industry requirements and assess their impact on the organisation.
- Coordinate internal and external audits, including evidence collection and management of findings.
Governance & Policy Support
- Contribute to the development, review and implementation of policies, standards and governance processes.
- Produce clear, accurate reports for senior leadership, committees and governance bodies.
- Support the establishment and continuous improvement of governance controls and assurance mechanisms.
- Hold accountability across all technology departments for the governance and assurance of change management. This includes oversight of changes to systems, data pipelines, AI models, prompts and configurations, ensuring that appropriate approval, risk assessment, testing, documentation and audit evidence are maintained before implementation.
Awareness & Engagement
- Assist in the design and delivery of awareness, engagement and training activities related to security, compliance and risk.
- Communicate complex requirements to both technical and non-technical stakeholders in a practical and business relevant manner.
Qualifications
- Degree in Information Security, Risk Management, Business, Law or a related discipline; or equivalent professional experience.
- Professional qualifications in information security, risk or compliance are beneficial but not essential.
Personal Attributes
- Detail‑oriented and methodical, with strong analytical skills.
- Proactive and able to work independently while engaging collaboratively across teams.
- Able to simplify complex subjects into accessible and actionable guidance.
- Confident engaging with stakeholders at all levels, including senior leaders.
For more information, please apply as soon as possible.
Governance, Risk & Compliance (GRC) (with OT and IT experience) in Slough. Employer: Edward Mann
Join a forward-thinking organisation in London that prioritises governance, risk, and compliance while fostering a collaborative work culture. With a competitive salary of £60,000 and comprehensive benefits, employees are encouraged to grow through continuous learning and development opportunities. This role not only offers the chance to work with cutting-edge technology but also to engage with senior stakeholders, making a meaningful impact on the organisation's risk management and compliance strategies.
StudySmarter Expert Advice🤫
We think this is how you could land Governance, Risk & Compliance (GRC) (with OT and IT experience) in Slough
✨Tip Number 1
Network like a pro! Reach out to your connections in the GRC field and let them know you're on the hunt for a role. Attend industry events or webinars to meet potential employers and make a lasting impression.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of risk management methodologies and compliance frameworks. Be ready to discuss how you've applied these in past roles, especially in regulated sectors.
✨Tip Number 3
Showcase your communication skills! Practice explaining complex regulatory requirements in simple terms. This will help you connect with both technical and non-technical stakeholders during interviews.
✨Tip Number 4
Don't forget to apply through our website! We have loads of resources to help you land that GRC Officer role, and applying directly can give you an edge over other candidates.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the GRC role. Highlight your experience in governance, risk management, and compliance, especially within IT or operational environments. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about GRC and how your background aligns with our needs. Keep it engaging and relevant to the job description – we love a good story!
Showcase Your Communication Skills: Since excellent communication is key for this role, make sure your application reflects that. Use clear and concise language, and don't shy away from demonstrating how you've effectively engaged with stakeholders in the past.
Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don't miss out on any important updates. Plus, it's super easy!
How to prepare for a job interview at Edward Mann
✨Know Your Frameworks
Make sure you brush up on key compliance frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've applied these in past roles, especially in risk management and compliance contexts.
✨Showcase Your Communication Skills
Since this role involves engaging with various stakeholders, practice explaining complex regulatory requirements in simple terms. Use examples from your experience where you successfully communicated with both technical and non-technical teams.
✨Prepare for Scenario Questions
Expect scenario-based questions that assess your problem-solving skills in risk management. Think of specific situations where you identified risks and implemented mitigation strategies, and be ready to share those stories.
✨Demonstrate Your Organisational Skills
Highlight your ability to manage multiple workstreams effectively. Prepare to discuss how you prioritise tasks and ensure compliance across different projects, showcasing your detail-oriented approach.