GRC Consultant - pathway to practice leadership

GRC Consultant - pathway to practice leadership

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
N

At a Glance

  • Tasks: Lead GRC consulting, develop compliance strategies, and engage with clients on governance.
  • Company: Award-winning IT Managed Services provider with a strong growth trajectory.
  • Benefits: Hybrid working, supportive onboarding, and opportunities for rapid career advancement.
  • Other info: Opportunity to build a new practice and lead a dedicated team.
  • Why this job: Join a fast-growing team and shape the future of GRC services.
  • Qualifications: Experience in Governance, Risk & Compliance and a passion for security.

The predicted salary is between 60000 - 80000 £ per year.

This is a new role with one of our regular clients, a well-established, award-winning IT Managed Services provider, recognised as one of the fastest-growing MSPs in the country. The company has always prided itself on progressing staff through the ranks but they're excelling themselves in this instance: they are hiring someone who can specialise in an emerging part of their business and who will ultimately be given the chance to build a practice around them. This is a fantastic opportunity for someone who's built up expertise in Governance, Risk and Compliance and sees themselves heading a function within a year or two.

The company has been around for 20+ years and has a tremendous track record as a Microsoft-centric IT MSP, with more than 300 clients from a wide range of sectors. The business has seen growing demand for GRC-related services. These include Cyber Essentials, Cyber Essentials Plus, ISO 27001, GDPR and Data Protection compliance, compliance in regulated sectors, BC and DR planning, vCISO assignments and AI governance. The company has developed a thorough Cyber Security Framework, is launching a Compliance-as-a-Service offering, has various relevant technical partnerships and capabilities in-house. However, the potential to scale the GRC offering goes beyond the capacity of the current team. Hence, the business wants to hire a dedicated GRC specialist who has the desire and potential to grow out a specialist business unit.

Currently, this role is effectively undertaken by the CEO, CTO and Head of Sales. The first twelve months in the role will focus on assuming an increasing amount of responsibility for GRC consulting activities from these three. This will be a very supportive process, engaging mainly with long-standing clients and ensuring that the positioning of GRC services, or delivery of GRC assignments, is well aligned to the company's established ways of working and dovetails well with existing relationships.

A more detailed summary of the duties looks like this:

  • Client Compliance & Governance engagements including Compliance as a Service
  • Conduct governance reviews, maturity assessments, compliance audits
  • Develop & maintain client risk registers, remediation plans, governance frameworks
  • Produce governance roadmaps
  • Lead compliance workshops
  • Virtual CISO services
  • Develop client cyber security & governance strategies
  • Board-level security & risk reporting
  • Risk Management, Supplier Assurance & third-party risk assessment & mitigation
  • Lead client Operational Resilience, Business Continuity and Disaster Recovery programmes
  • Provide expert advice on compliance frameworks & regulatory issues
  • Develop and advise on AI governance frameworks
  • Work closely with internal technical team to align compliance requirements with security controls
  • Work closely with the sales team to support the sale of CaaS service to new and existing clients
  • Take lead role in supporting internal governance.

Ultimately, as incoming Head of GRC, the following responsibilities will be added:

  • Establish GRC practice including fully implemented governance and compliance roadmap
  • Grow Compliance revenue in line with agreed targets
  • Increase CaaS adoption amongst client base
  • Increase compliance maturity among client base
  • Maintain and improve certification levels
  • Develop new governance and compliance services
  • Develop and deliver relevant GRC thought-leadership content
  • Develop multi-year roadmap for GRC business
  • Own the performance, development and direction of the GRC practice
  • Support the recruitment of required resources as the practice expands

The fundamental requirements are as follows:

  • Experience in Governance, Risk & Compliance, Information Security, Audit or Risk Management
  • Experience of conducting audits, compliance reviews, governance assessments
  • Good knowledge of Cyber Essentials/Plus, GDPR, Data Protection
  • Experience presenting to senior stakeholders
  • Strong commercial awareness, with the potential to progress into a leadership role
  • A passion for helping organisations with their governance, security and resilience.

If you have any of the following, that would be a bonus:

  • ISO 27001 Lead Auditor or Lead Implementer
  • CISSP, CRISC, CISM, CISMP or equivalent
  • Experience of delivering vCISO services
  • Knowledge of NIST CSF, CAF, DSPT
  • Knowledge of Microsoft 365 security and compliance tools
  • Experience in an MSP environment

The working pattern is hybrid, with 3 days in the office per week. It's likely that you'll spend more time in the office in the early days in the interests of a thorough and supportive onboarding process.

GRC Consultant - pathway to practice leadership employer: Nemo Resourcing

Join a dynamic and award-winning IT Managed Services provider that prioritises employee growth and development, offering a clear pathway from GRC Consultant to Head of GRC within just a couple of years. With a supportive work culture and a commitment to innovation in Governance, Risk, and Compliance, you'll have the opportunity to shape a new practice while working alongside experienced leaders in a hybrid environment that fosters collaboration and professional advancement.

N

Contact Details:

Nemo Resourcing Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land GRC Consultant - pathway to practice leadership

Join Compliance Communities

Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!

Attend Industry Conferences

Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.

Leverage Your University Career Services

If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.

Showcase Your Knowledge Online

Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like Nemo Resourcing looking for candidates who are engaged and informed.

We think you need these skills to ace GRC Consultant - pathway to practice leadership

Governance, Risk and Compliance (GRC)
Information Security
Audit
Risk Management
Cyber Essentials/Plus
GDPR
Data Protection Compliance

Some tips for your application 🫡

Show Your Understanding of Compliance:In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!

Quantify Your Achievements:When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.

Tailor Your CV to Reflect Relevant Skills:Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!

Craft a Motivating Cover Letter:In your cover letter, let us know why you’re excited about the compliance-risk role at Nemo Resourcing. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!

How to prepare for a job interview at Nemo Resourcing

Master the Regulations

Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!

Show Your Analytical Skills

Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. We've got to demonstrate how we approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!

Know Your Tools

Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!

Align with Company Culture

Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with Nemo Resourcing’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!