Governance Risk and Compliance Lead (GRC) - Cyber

London | Full-Time | £48,000 - £84,000 / year (est.) | On-site only (no remote working)

At a Glance

  • Tasks: Lead third-party risk assessments and develop enterprise-wide awareness training.
  • Company: Join a globally recognised financial services firm with a strong cyber security programme.
  • Benefits: Enjoy a competitive package, career progression, and a collaborative team culture.
  • Why this job: Make a real impact on global security posture while working in a fast-paced environment.
  • Qualifications: 6+ years in GRC within cybersecurity, ideally in financial services; strong communication skills required.
  • Other info: Opportunity to mentor junior professionals and influence cyber risk management.

The predicted salary is between £48,000 and £84,000 per year.

We're partnering with a leading global financial services firm to appoint a Governance, Risk, and Compliance (GRC) Lead into their high-performing Information Security function. This is an exciting opportunity to join a fast-paced, globally recognised institution with a mature cyber programme and significant investment in its security posture.

As a trusted search partner, we’re looking for an experienced and strategic GRC professional who can bring deep subject matter expertise across third-party risk, regulatory compliance, audit readiness, and awareness training. You’ll play a pivotal role in helping the firm navigate the evolving threat landscape while maintaining compliance with complex global regulations.

The Opportunity

  • Leading third-party risk assessments and driving continuous improvement of vendor governance processes.
  • Owning client due diligence responses, ensuring the business meets external compliance and assurance requirements.
  • Developing and delivering enterprise-wide awareness training, phishing simulations, and educational campaigns.
  • Advising technical teams and stakeholders on controls around access management, incident handling, BCP, SDLC, and data protection.
  • Supporting audits and regulatory engagements, including evidence gathering and remediation tracking.
  • Facilitating a governance programme around risk acceptances and policy exceptions.
  • Mentoring junior GRC professionals and driving internal knowledge sharing.

What We’re Looking For

  • 6+ years of experience in GRC within cybersecurity, ideally in financial services or highly regulated environments.
  • Proven capability in third-party risk management, client due diligence, and compliance frameworks and regulations (NIST, ISO 27001, DORA, etc.).
  • Experience in managing audits and regulatory engagements across multiple jurisdictions.
  • Excellent communication skills – able to translate complex technical concepts to non-technical stakeholders.
  • A collaborative, proactive approach with the ability to thrive in a global, fast-moving organisation.
  • Bonus points if you hold certifications such as CISA, CRISC, CISM, CISSP or equivalent.

Tools You Might Use

  • Security awareness training platforms (e.g., Ninjio)
  • Third-party risk platforms (e.g., Venminder, CyberGRX, UpGuard)
  • Microsoft 365 (O365) suite

Why Apply?

This is a high-impact role offering direct visibility with senior stakeholders, the chance to shape security posture across a global organisation, and real opportunities for career progression. You’ll be supported by a collaborative team culture, continuous learning, and the ability to influence how cyber risk is managed across a major financial institution.

If you would like to discuss this role in confidence reach out to Javed Hussain 0208 142 3930.

Employer: Marlin Selection Ltd

Joining this leading global financial services firm as a Governance Risk and Compliance Lead (GRC) in London offers an exceptional opportunity to work within a mature cyber programme that prioritises security and compliance. The company fosters a collaborative and dynamic work culture, providing ample opportunities for professional growth and mentorship, particularly for junior GRC professionals. With a competitive package and the chance to influence cybersecurity strategies at a global level, this role is ideal for those seeking meaningful and rewarding employment in a fast-paced environment.

Contact Detail:

Marlin Selection Ltd Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land the Governance Risk and Compliance Lead (GRC) - Cyber role

✨Tip Number 1

Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as NIST and ISO 27001. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to the role.

✨Tip Number 2

Network with professionals in the cybersecurity field, especially those who work in financial services. Attend industry events or webinars to connect with potential colleagues and learn about the latest trends in GRC.

✨Tip Number 3

Prepare to discuss your experience with third-party risk management and client due diligence in detail. Be ready to share specific examples of how you've successfully navigated these areas in previous roles.

✨Tip Number 4

Showcase your communication skills by practising how to explain complex technical concepts in simple terms. This is crucial for the role, as you'll need to engage with non-technical stakeholders effectively.

We think you need these skills to ace the Governance Risk and Compliance Lead (GRC) - Cyber role

Governance, Risk, and Compliance (GRC)
Cybersecurity Expertise
Third-Party Risk Management
Regulatory Compliance Knowledge
Audit Management
Client Due Diligence
Risk Assessment
Incident Handling
Business Continuity Planning (BCP)
Software Development Life Cycle (SDLC)
Data Protection Regulations
Communication Skills
Stakeholder Engagement
Training and Awareness Development
Mentoring and Knowledge Sharing
NIST Framework
ISO 27001
DORA Compliance
CISA Certification
CRISC Certification
CISM Certification
CISSP Certification

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience in Governance, Risk, and Compliance (GRC) specifically within cybersecurity. Emphasise your familiarity with compliance frameworks like NIST and ISO 27001, as well as any relevant certifications you hold.

Craft a Compelling Cover Letter: In your cover letter, explain why you're passionate about GRC in the financial services sector. Mention specific examples of how you've successfully managed third-party risk or led compliance initiatives in previous roles.

Showcase Communication Skills: Since excellent communication skills are crucial for this role, consider including examples in your application that demonstrate your ability to translate complex technical concepts to non-technical stakeholders.

Highlight Leadership Experience: If you have experience mentoring junior professionals or leading teams, make sure to include this in your application. This will show your capability to drive internal knowledge sharing and support the development of others in the field.

How to prepare for a job interview at Marlin Selection Ltd

✨Showcase Your GRC Expertise

Make sure to highlight your experience in Governance, Risk, and Compliance, especially within cybersecurity. Be prepared to discuss specific frameworks you've worked with, such as NIST or ISO 27001, and how you've applied them in previous roles.

✨Demonstrate Communication Skills

Since the role requires translating complex technical concepts to non-technical stakeholders, practice explaining your past projects in simple terms. Use examples that showcase your ability to communicate effectively across different levels of an organisation.

✨Prepare for Scenario-Based Questions

Expect questions that assess your problem-solving skills in real-world scenarios. Think about past experiences where you led third-party risk assessments or managed audits, and be ready to explain your thought process and outcomes.

✨Emphasise Collaboration and Proactivity

This role thrives in a collaborative environment, so be sure to share examples of how you've worked with cross-functional teams. Highlight instances where your proactive approach led to improvements in compliance or risk management processes.

Application deadline: 2027-05-02
