Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join us as a GRC Consultant, scoping customer needs and delivering impactful consultancy projects.
- Company: Phoenix empowers UK organisations with innovative IT solutions for digital transformation.
- Benefits: Enjoy remote work flexibility, skill development, and a supportive culture.
- Why this job: Be part of a dynamic team that values your growth and fosters a collaborative environment.
- Qualifications: Experience in GRC consultancy and ability to communicate complex standards simply is essential.
- Other info: Monthly visits to HQ in Pocklington; BPSS check required for all employees.
The predicted salary is between 36000 - 60000 £ per year.
Overview of the role
Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools.
We are now looking for a Governance, Risk & Compliance (GRC) Consultant to join the team and help deliver a range of customer engagements.
What will you be doing?
- Scoping of customer requirements, working with the GRC Practice Lead and Business Development Manager to identify GRC opportunities
- Providing internal support to key business functions within the organisation around GRC
- Delivery of GRC consultancy projects to a range of customers across the public sector and corporate sector, this includes:
- Security/maturity assessments
- Cyber security strategy development
- ISO services – from gap analysis, external auditing and implementation support around ISO27001, ISO22301 & ISO42001
- AI governance workshops
- Third party risk management
- Incident response planning, including CSIRPs, tabletop exercises, Business Impact Assessments, Disaster Recovery and Business Continuity Plans and support
Why you should apply?
At Phoenix, our philosophy is simple – we aim to be the UK’s leading IT solution and managed service provider and that means we recognise that it’s our people who are the heart of everything we do.
We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read here.
What are we looking for?
The right person for this role will already have a track record and pedigree in delivering GRC consultancy to a varied customer base. You will be comfortable in the consultant role with the commercial awareness to be excellent in a customer-facing role such as this.
Those who have only experience in an internal role or as an engineer will not be suitable for this position.
Key skills/experience
- A consistent track record and pedigree in delivering GRC consultancy to a varied customer base
- Ability to understand and succinctly explain the complex requirements of frameworks, standards and best practice including ISO27001/22301, CIS and Cyber Essentials
- Experience of creating CSIRPs or similar incident response documentation, and delivery of tabletop exercises
- Ability to create high quality reports and documentation, meeting deadlines
- Ability to translate technical content into simple and straightforward language, and deal with a range of technical and non-technical stakeholders
- Ability to form rapport and trust with customers quickly, and dedication to delivering outstanding work
Practical stuff
Where is the role based? Our HQ is in Pocklington (YO42) however this role can be largely remote with a visit once a month.
How many interviews? Following a screen with the Recruitment Team you can expect a two-stage interview process.
What are the benefits? You can read about the benefits on offer here.
Important: BPSS Check
As part of our recruitment process due to the nature of the work we do, all employees are required to undertake a Baseline Personal Security Standard (BPSS) check. While some employees require further security clearance, the BPSS check is a must-have requirement and all offers of employment are conditional pending the passing of this check.
Have you made it this far?
If you’re still reading, we think there’s a strong chance you might be our kind of person. If you don’t check every box above, we still encourage you to introduce yourself. We believe a diversity of perspectives and experiences makes a team stronger – and the stronger our team, the more successful we will be.
#J-18808-Ljbffr
Governance, Risk and Compliance Consultant employer: Phoenix Software Limited
Contact Detail:
Phoenix Software Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Governance, Risk and Compliance Consultant
✨Tip Number 1
Familiarise yourself with the specific GRC frameworks and standards mentioned in the job description, such as ISO27001 and Cyber Essentials. This knowledge will not only help you understand the role better but also allow you to speak confidently about your experience during interviews.
✨Tip Number 2
Network with professionals in the GRC field, especially those who have experience in consultancy roles. Engaging with industry peers can provide insights into the role and may even lead to referrals or recommendations for your application.
✨Tip Number 3
Prepare to discuss your previous consultancy projects in detail, focusing on how you delivered value to clients. Be ready to share specific examples of your work with incident response plans and risk management strategies, as these are key aspects of the role.
✨Tip Number 4
Demonstrate your ability to communicate complex technical information clearly. Practice explaining GRC concepts in simple terms, as this skill is crucial for building rapport with both technical and non-technical stakeholders in the role.
We think you need these skills to ace Governance, Risk and Compliance Consultant
Some tips for your application 🫡
Understand the Role: Before applying, make sure to thoroughly read the job description for the Governance, Risk and Compliance Consultant position. Understand the key responsibilities and required skills, so you can tailor your application accordingly.
Highlight Relevant Experience: In your CV and cover letter, emphasise your experience in delivering GRC consultancy. Provide specific examples of projects you've worked on, particularly those that align with the requirements mentioned in the job description.
Showcase Your Skills: Make sure to highlight your ability to create high-quality reports and documentation, as well as your experience with frameworks like ISO27001 and Cyber Essentials. Use clear and concise language to demonstrate your communication skills.
Personalise Your Application: Address your cover letter to the hiring manager if possible, and express your enthusiasm for the role and the company. Mention why you believe you would be a good fit for Phoenix and how you can contribute to their goals.
How to prepare for a job interview at Phoenix Software Limited
✨Understand GRC Fundamentals
Make sure you have a solid grasp of Governance, Risk, and Compliance principles. Be prepared to discuss frameworks like ISO27001 and Cyber Essentials, as well as how they apply to real-world scenarios.
✨Showcase Your Consultancy Experience
Highlight your previous consultancy roles and the impact you've made. Be ready to share specific examples of projects you've delivered, especially those involving security assessments or incident response planning.
✨Communicate Clearly
Practice translating complex technical jargon into simple language. You’ll need to demonstrate your ability to communicate effectively with both technical and non-technical stakeholders during the interview.
✨Build Rapport
Since forming trust with customers is crucial, think of ways to showcase your interpersonal skills. Prepare to discuss how you've built relationships in past roles and how you approach customer engagement.