At a Glance
- Tasks: Lead GRC consulting engagements and develop compliance frameworks for critical national infrastructure clients.
- Company: Join NTT DATA UK, a leader in Cyber Security Consulting with a focus on innovation.
- Benefits: Enjoy competitive salary, health coverage, flexible work options, and continuous learning opportunities.
- Why this job: Make a real impact in cybersecurity while advancing your career in a supportive environment.
- Qualifications: 3-5 years in GRC consulting, strong knowledge of UK regulations, and relevant certifications.
- Other info: Hybrid working model with travel across the UK and a commitment to diversity and inclusion.
The predicted salary is between £36,000 and £60,000 per year.
The GRC Security Consultant role is central to delivering complex Governance, Risk, and Compliance (GRC) engagements independently for Critical National Infrastructure (CNI) clients. As part of NTT DATA UK's Cyber Security Consulting team, this mid-level position empowers individuals to make a tangible impact by leveraging their expertise in UK regulatory frameworks such as the NCSC Cyber Assessment Framework (CAF), ISO 27001, and NIS Regulations. Ideal candidates will excel in client-facing leadership, technical execution, and mentorship roles, advancing both organizational objectives and their personal professional growth.
Responsibilities
- Lead end-to-end execution of GRC consulting engagements, including compliance assessments, risk reviews, and policy framework development.
- Provide strategic advisory services and manage day-to-day client relationships, acting as a trusted partner in matters of GRC.
- Conduct independent evaluations of compliance aligned with NCSC CAF, ISO 27001, NIS Regulations, and other sector-specific security frameworks.
- Design and implement robust governance frameworks, risk management programs, and compliance tracking systems tailored to client needs.
- Facilitate workshops with client teams (5-20 stakeholders) to address risk assessments, control frameworks, and strategic planning.
- Develop high-quality deliverables such as risk registers, compliance roadmaps, remediation plans, and board presentations.
- Serve as a mentor to junior consultants (P1 level), supporting skill development and conducting technical reviews of their work.
- Contribute to business development initiatives, including crafting client proposals, leading pitches, and promoting thought leadership.
- Maintain professional certifications and stay abreast of regulatory changes impacting CNI industries.
Qualifications
- 3-5 years of proven experience in GRC consulting, information security, or cyber risk-related roles.
- Substantial expertise in UK regulatory standards including NCSC CAF, NIS Regulations, ISO 27001, with tangible examples of their application.
- Bachelor's degree in cybersecurity, information assurance, computer science, or related fields. A Master's degree is advantageous.
- Certifications such as CISSP, CRISC, CISM, ISO 27001 Lead Auditor/Implementer, or equivalent professional credentials.
- Demonstrated ability to manage client relationships, deliver advisory services, and oversee workstreams independently.
- Experience working within the Critical National Infrastructure sectors (energy, telecommunications, public utilities).
- Background in independently designing and implementing governance programs for enterprise organizations.
- An advanced skill set in risk management methodologies, such as NIST RMF or ISO 31000, used to support client scenarios.
Benefits & Inclusion
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensures continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options. We are an equal opportunities employer committed to promoting equity and diversity in our employment practices. We are a Disability Confident Committed Employer, dedicated to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions to remove barriers to employment opportunities. We guarantee an interview to applicants who declare a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Working Arrangements & Compensation
Hybrid working model balancing remote work with client site attendance (typically 3-4 days per week at client sites). Frequent travel across the UK (up to 60% of time), reimbursed by NTT DATA UK. Competitive salary package supplemented with professional certification reimbursements, health coverage, and industry-leading benefits programs.
GRC Security Consultant employer: NTT DATA UK Ltd.
Contact Details:
NTT DATA UK Ltd. Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the GRC Security Consultant role
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the GRC space. Attend industry events, webinars, or even local meetups. You never know who might have the inside scoop on job openings or can refer you to someone looking for a consultant.
✨Tip Number 2
Show off your expertise! Create a personal website or LinkedIn profile that highlights your skills in UK regulatory frameworks like NCSC CAF and ISO 27001. Share articles, insights, or case studies that demonstrate your knowledge and passion for GRC.
✨Tip Number 3
Practice makes perfect! Prepare for interviews by role-playing common questions related to GRC consulting. Think about how you’d handle client relationships or lead workshops. The more you practice, the more confident you’ll feel when it’s time to shine.
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for talented individuals like you. Keep an eye on our job listings and make sure to submit your application directly to us for the best chance of landing that GRC Security Consultant role.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the specific skills and experiences that match the GRC Security Consultant role. Highlight your expertise in UK regulatory frameworks like NCSC CAF and ISO 27001, as these are key to impressing us.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to tell us why you're passionate about GRC consulting and how your background makes you the perfect fit for our team. Be sure to mention any relevant projects or achievements.
Showcase Your Client Management Skills: Since this role involves managing client relationships, make sure to include examples of how you've successfully led client engagements in the past. We want to see your ability to act as a trusted partner!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates during the process!
How to prepare for a job interview at NTT DATA UK Ltd.
✨Know Your Regulations
Make sure you brush up on the UK regulatory frameworks mentioned in the job description, like NCSC CAF, ISO 27001, and NIS Regulations. Be ready to discuss how you've applied these standards in your previous roles, as this will show your expertise and relevance to the position.
✨Showcase Your Client Management Skills
Since this role involves managing client relationships, prepare examples of how you've successfully led client engagements in the past. Think about specific challenges you faced and how you overcame them, as well as any feedback you received from clients that highlights your strengths.
✨Prepare for Technical Questions
Expect to dive deep into technical discussions during your interview. Brush up on risk management methodologies like NIST RMF or ISO 31000, and be prepared to explain how you've used these frameworks to support client scenarios. This will demonstrate your technical prowess and problem-solving abilities.
✨Be Ready to Mentor
As a GRC Security Consultant, you'll likely be mentoring junior consultants. Think about your mentoring style and prepare to share examples of how you've supported others in their professional development. This will show your leadership potential and commitment to team growth.