GRC Consultant in London

GRC Consultant in London

London Full-Time 60000 - 80000 £ / year (est.) Home office (partial)
Mishcon de Reya

At a Glance

  • Tasks: Deliver governance, risk management, and compliance advisory services to diverse clients.
  • Company: Join a leading consulting firm with a focus on GRC excellence.
  • Benefits: Competitive salary, flexible working hours, and opportunities for professional growth.
  • Other info: Dynamic work environment with opportunities to engage with senior leadership.
  • Why this job: Make a real impact by advising top-tier clients on critical risk and compliance issues.
  • Qualifications: 5+ years in GRC or related fields, with strong analytical and communication skills.

The predicted salary is between 60000 - 80000 £ per year.

We are seeking an experienced Senior GRC Consultant to join our consulting practice.

The successful candidate will operate as a client‑facing consultant across a portfolio of concurrent engagements, delivering governance, risk management, and compliance advisory services to multiple clients with the autonomy and rigor expected of a senior consulting professional.

Key Responsibilities

Governance : Assess, develop, and uplift governance frameworks, policies, and procedures across the firm and external client environments.

Ensure that governance structures are robust, clearly documented, and aligned with strategic objectives.

Facilitate governance forums and committees, preparing board‑level and executive reporting as required.

Risk Management : Deliver enterprise‑wide cyber risk assessments across the firm and client environments, including identification, analysis, evaluation, and treatment of key risks.

Maintain and enhance risk registers, ensuring risks are accurately captured, rated, and escalated in accordance with the applicable risk appetite framework.

Assess and uplift risk management methodologies, tools, and reporting mechanisms across stakeholder groups.

Provide subject‑matter expertise and advisory guidance on emerging risks, threat landscapes, and risk mitigation strategies.

Compliance : Monitor and assess compliance posture against applicable laws, regulations, standards, and contractual obligations (e. g.

GDPR, ISO 27001, SOC 2, PCI DSS, NIS2) across the firm and external client engagements.

Design and execute compliance assessment programmes, internal audits, and gap analyses.

Advise on and manage relationships with external auditors, regulators, and certification bodies.

Track regulatory developments and deliver clear, actionable guidance on the impact of new or amended requirements.

Stakeholder Engagement & Advisory : Act as a trusted adviser to senior leadership across the firm and client environments on GRC matters, translating complex risk and compliance topics into clear, actionable insights.

Collaborate with IT, Information Security, Legal, Data Protection, and operational teams to embed GRC principles into day‑to‑day operations and client delivery.

Deliver GRC awareness training and education programmes to promote a risk‑aware culture across the firm and within client organisations.

Reporting & Metrics : Develop and maintain GRC dashboards, key risk indicators (KRIs), and key performance indicators (KPIs) to provide visibility of risk and compliance status across the firm and client engagements.

Define and track meaningful metrics to measure the effectiveness of GRC activities and demonstrate progress against maturity objectives.

Prepare regular reports for senior management, audit committees, and the board as required.

Qualifications

  • A minimum of five (5) years' experience in a GRC, risk management, information security, or compliance role, with demonstrable experience operating at a senior or lead level within a consulting or advisory capacity.
  • Strong working knowledge of governance and risk management frameworks (e. g. ISO 27001, ISO 31000, NIST CSF, COBIT).
  • Proven experience conducting risk assessments, compliance audits, and gap analyses.
  • Experience engaging with regulators, external auditors, and certification bodies.
  • Excellent understanding of relevant regulatory landscapes (e. g. GDPR, NIS2, PCI DSS, FCA regulations, or sector‑specific requirements).
  • Demonstrated ability to deliver GRC advisory services with the autonomy and rigor expected of a senior consulting professional.

Desirable Qualifications & Certifications

  • Professional certifications such as CRISC, CISA, CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent.
  • Experience with GRC tooling platforms (e. g. Service Now GRC, One Trust, Archer, or similar).
  • Prior experience in financial services, legal, defence, or other highly regulated sectors.
  • Familiarity with third‑party risk management and supply chain assurance programmes.
  • Experience delivering GRC services to multiple clients simultaneously, managing competing priorities and maintaining consistent quality of delivery across engagements.
  • Key Skills & Competencies
  • Exceptional analytical and critical‑thinking skills with the ability to assess complex risk scenarios.
  • Outstanding written and verbal communication skills, with the ability to present to executive and board‑level audiences.
  • Strong client relationship management skills, with the ability to build trust and credibility across diverse stakeholder groups.
  • Proven ability to context‑switch effectively across multiple concurrent engagements without compromising quality of delivery.
  • Strong stakeholder management and influencing skills.
  • Self‑motivated and able to work independently, managing multiple priorities within a fast‑paced consulting environment.
  • High attention to detail and a commitment to delivering quality outcomes.
  • #J-18808-Ljbffr

GRC Consultant in London employer: Mishcon de Reya

Mishcon de Reya is an exceptional employer that fosters a collaborative and innovative work culture, making it an ideal place for professionals looking to make a significant impact in client relationship management. With a strong emphasis on employee growth, the company offers numerous opportunities for professional development and training, particularly in the dynamic field of CRM and marketing automation. Located in a vibrant area, employees benefit from a supportive environment that encourages creativity and teamwork, ensuring that every team member can thrive and contribute to the firm's success.

Mishcon de Reya

Contact Details:

Mishcon de Reya Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land GRC Consultant in London

Join Compliance Communities

Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!

Attend Industry Conferences

Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.

Leverage Your University Career Services

If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.

Showcase Your Knowledge Online

Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like Mishcon de Reya looking for candidates who are engaged and informed.

We think you need these skills to ace GRC Consultant in London

Governance Frameworks
Risk Management
Compliance Assessment
Cyber Risk Assessments
ISO 27001
GDPR
Stakeholder Engagement

Some tips for your application 🫡

Show Your Understanding of Compliance:In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!

Quantify Your Achievements:When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.

Tailor Your CV to Reflect Relevant Skills:Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!

Craft a Motivating Cover Letter:In your cover letter, let us know why you’re excited about the compliance-risk role at Mishcon de Reya. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!

How to prepare for a job interview at Mishcon de Reya

Master the Regulations

Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!

Show Your Analytical Skills

Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. We've got to demonstrate how we approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!

Know Your Tools

Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!

Align with Company Culture

Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with Mishcon de Reya’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!