At a Glance
- Tasks: Lead third-party risk assessments and develop enterprise-wide awareness training.
- Company: Join a leading global financial services firm focused on cybersecurity.
- Benefits: Enjoy a competitive package, career progression, and a collaborative team culture.
- Why this job: Make a real impact on security posture while influencing cyber risk management.
- Qualifications: 6+ years in GRC within cybersecurity; certifications like CISA or CISSP are a plus.
- Other info: Work in a dynamic InfoSec team with visibility to senior stakeholders.
The predicted salary is between £43,200 and £72,000 per year.
Governance Risk and Compliance Lead (GRC) – Cyber, London
Client: Marlin Selection
Location: London, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Reference: 0b3690dacbce
Job Views: 9
Posted: 14.07.2025
Expiry Date: 28.08.2025
Job Description:
We’re partnering with a leading global financial services firm to appoint a Governance, Risk, and Compliance (GRC) Lead into their high-performing Information Security function.
GRC Lead – Cybersecurity (Financial Services)
London | Competitive Package
As a trusted search partner, we’re looking for an experienced and strategic GRC professional who can bring deep subject matter expertise across third-party risk, regulatory compliance, audit readiness, and awareness training. You’ll play a pivotal role in helping the firm navigate the evolving threat landscape while maintaining compliance with complex global regulations.
The Opportunity
Sitting within a dynamic global InfoSec team, you’ll be responsible for:
- Leading third-party risk assessments and driving continuous improvement of vendor governance processes.
- Owning client due diligence responses, ensuring the business meets external compliance and assurance requirements.
- Developing and delivering enterprise-wide awareness training, phishing simulations, and educational campaigns.
- Advising technical teams and stakeholders on controls around access management, incident handling, BCP, SDLC, and data protection.
- Supporting audits and regulatory engagements, including evidence gathering and remediation tracking.
- Facilitating a governance programme around risk acceptances and policy exceptions.
- Mentoring junior GRC professionals and driving internal knowledge sharing.
What We’re Looking For
We’re keen to speak with individuals who bring:
- 6+ years of experience in GRC within cybersecurity, ideally in financial services or highly regulated environments.
- Proven capability in third-party risk management, client due diligence, and compliance frameworks (NIST, ISO 27001, DORA, etc.).
- Experience in managing audits and regulatory engagements across multiple jurisdictions.
- Excellent communication skills – able to translate complex technical concepts to non-technical stakeholders.
- A collaborative, proactive approach with the ability to thrive in a global, fast-moving organisation.
- Bonus points if you hold certifications such as CISA, CRISC, CISM, CISSP or equivalent.
Tools You Might Use
Familiarity with platforms such as:
- InfoSec training solutions (e.g., Ninjio)
- Third-party risk platforms (e.g., Venminder, CyberGRX, Upguard)
- Microsoft O365 suite
Why Apply?
This is a high-impact role offering direct visibility with senior stakeholders, the chance to shape security posture across a global organisation, and real opportunities for career progression. You’ll be supported by a collaborative team culture, continuous learning, and the ability to influence how cyber risk is managed across a major financial institution.
If you would like to discuss this role in confidence, reach out to Javed Hussain at 0208 142 3930.
Governance Risk and Compliance Lead (GRC) – Cyber employer: Marlin Selection
Contact Detail: Marlin Selection Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Governance Risk and Compliance Lead (GRC) – Cyber role
✨Tip Number 1
Network with professionals in the cybersecurity and GRC fields. Attend industry events, webinars, or local meetups to connect with others who work in financial services. This can help you gain insights into the role and potentially get referrals.
✨Tip Number 2
Stay updated on the latest trends and regulations in cybersecurity and GRC. Follow relevant blogs, podcasts, and news sources to ensure you can speak knowledgeably about current challenges and solutions during interviews.
✨Tip Number 3
Prepare to discuss specific examples of your experience with third-party risk management and compliance frameworks. Be ready to explain how you've successfully navigated audits and regulatory engagements in previous roles.
✨Tip Number 4
Familiarise yourself with the tools mentioned in the job description, such as InfoSec training solutions and third-party risk platforms. Being able to demonstrate your proficiency with these tools can set you apart from other candidates.
We think you need these skills to ace the Governance Risk and Compliance Lead (GRC) – Cyber role
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Governance, Risk, and Compliance (GRC) within cybersecurity. Emphasise your familiarity with compliance frameworks like NIST and ISO 27001, as well as any certifications you hold.
Craft a Compelling Cover Letter: Write a cover letter that showcases your strategic thinking and ability to navigate complex regulatory environments. Mention specific examples of how you've led third-party risk assessments or developed awareness training in previous roles.
Highlight Communication Skills: Since excellent communication is key for this role, provide examples in your application of how you've successfully translated technical concepts to non-technical stakeholders. This will demonstrate your ability to collaborate effectively.
Showcase Leadership Experience: If you have experience mentoring junior GRC professionals or leading teams, make sure to include this in your application. Highlighting your leadership skills will show that you're capable of driving internal knowledge sharing and fostering a collaborative team culture.
How to prepare for a job interview at Marlin Selection
✨Showcase Your Expertise
Make sure to highlight your extensive experience in Governance, Risk, and Compliance, especially within cybersecurity. Be prepared to discuss specific frameworks you've worked with, such as NIST or ISO 27001, and how you've applied them in previous roles.
✨Prepare for Technical Questions
Expect questions that delve into technical aspects of GRC. Brush up on your knowledge of third-party risk management and compliance frameworks, and be ready to explain complex concepts in a way that non-technical stakeholders can understand.
✨Demonstrate Leadership Skills
As this role involves mentoring junior professionals, be prepared to discuss your leadership style and experiences. Share examples of how you've successfully led teams or initiatives in the past, particularly in high-pressure environments.
✨Research the Company Culture
Understanding the company's values and culture is crucial. Familiarise yourself with their approach to cybersecurity and compliance, and think about how your own values align with theirs. This will help you articulate why you're a good fit for their team.