Governance, Risk & Compliance (GRC) Lead

Newcastle upon Tyne Full-Time 55000 - 65000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead a team in shaping our cyber security governance and risk management strategies.
  • Company: Join a forward-thinking organisation dedicated to enhancing cyber security in health and social care.
  • Benefits: Enjoy 27 days of annual leave, flexible working options, and comprehensive training support.
  • Why this job: Be part of a significant project pipeline and influence the future of cyber security governance.
  • Qualifications: 5+ years in information security with strong leadership and compliance experience required.
  • Other info: Fully remote role with opportunities for career progression and personal development.

The predicted salary is between 55000 - 65000 £ per year.

Governance, Risk & Compliance (GRC) Lead

Location: Fully Remote – UK Wide
Department: Technology – IT Security and Service Management
Contract Type: Permanent
Salary: £55,000 – £65,000

About the Role

We are seeking a highly experienced and motivated GRC Lead to join our Cyber Security team. This role is critical in shaping and delivering our information assurance strategy, ensuring that cyber security risks are effectively managed across the organisation. As a senior member of the team, you will lead a small group of risk and security professionals, drive the implementation of Secure by Design principles, and oversee compliance with key frameworks such as DSPT, CAF, and DORA. You will also play a key role in stakeholder engagement, presenting confidently to senior leadership and translating complex technical requirements into actionable governance strategies. With a significant project pipeline launching in 2026, this is a unique opportunity to influence the future of cyber security governance in a regulated environment.

Key Responsibilities

  • Own and evolve the Information Security Assurance Framework and programme.
  • Lead themed reviews to assess the effectiveness of security controls.
  • Manage the organisation’s technology risk management programme, ensuring risks are identified, assessed, and remediated within appetite.
  • Oversee Secure by Design initiatives, aligning business and technical changes with security requirements and government standards.
  • Drive compliance with frameworks including DSPT, CAF, ISO 27001, and GDPR.
  • Lead the security culture, education, and awareness programme across the organisation.
  • Collaborate with external bodies to mature cyber security practices across the health and social care sector.
  • Present findings, risks, and recommendations to senior stakeholders and leadership teams.
  • Ensure timely and accurate submission of compliance documentation, including NHS audits and DSPT submissions.

Skills & Experience

  • Minimum 5 years’ experience in information security, with a focus on governance, risk, and compliance.
  • Proven ability to lead teams and manage complex programmes in regulated environments.
  • Strong understanding of cyber security frameworks and regulations (DSPT, ISO 27001, CAF, GDPR, DORA).
  • Experience authoring governance documentation (policies, standards, reports).
  • Familiarity with Microsoft-based technologies, including IdAM, networks, applications, and cloud environments.
  • Excellent communication and presentation skills, with the ability to engage technical and non-technical audiences.
  • Demonstrated ability to translate security frameworks across sectors and align them with organisational goals.

Desirable Qualifications

  • Certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer.
  • Experience with tools like OneTrust, Varonis, or similar GRC platforms.

Why Work With Us?

  • Generous annual leave: 27 days starting leave (rising to 32.5 days with service) plus bank holidays.
  • Flexible working options: including home, office, and hybrid working, as well as compressed hours and part-time arrangements.
  • Public sector pension scheme or Nest pension scheme (depending on eligibility).
  • Comprehensive training and development: access to in-house learning, study support, and career progression opportunities.
  • Health and wellbeing support: including a 24-hour employee assistance programme.
  • Family-friendly policies.
  • Travel and shopping discounts.

Governance, Risk & Compliance (GRC) Lead employer: Reed Technology

Join a forward-thinking organisation that prioritises employee wellbeing and professional growth, offering a fully remote working environment across the UK. With generous annual leave, flexible working options, and a commitment to comprehensive training and development, we empower our Governance, Risk & Compliance (GRC) Lead to thrive in a supportive culture that values innovation and collaboration. This role not only allows you to shape the future of cyber security governance but also provides unique opportunities to engage with senior leadership and influence key organisational strategies.

Contact Detail:

Reed Technology Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Governance, Risk & Compliance (GRC) Lead

✨Tip Number 1

Familiarise yourself with the specific frameworks mentioned in the job description, such as DSPT, CAF, and DORA. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to the role.

✨Tip Number 2

Network with professionals in the cyber security field, especially those who have experience in governance, risk, and compliance. Engaging with industry peers can provide insights and potentially lead to referrals.

✨Tip Number 3

Prepare to discuss your leadership experiences in managing teams and complex programmes. Be ready to share specific examples of how you've successfully implemented security strategies in regulated environments.

✨Tip Number 4

Practice your presentation skills, as you'll need to communicate effectively with both technical and non-technical audiences. Consider rehearsing with a friend or mentor to refine your ability to convey complex information clearly.

We think you need these skills to ace Governance, Risk & Compliance (GRC) Lead

Governance, Risk & Compliance (GRC) Expertise
Information Security Management
Cyber Security Frameworks Knowledge (DSPT, ISO 27001, CAF, GDPR, DORA)
Team Leadership
Risk Assessment and Management
Secure by Design Principles
Stakeholder Engagement
Communication and Presentation Skills
Policy and Documentation Authoring
Technical Understanding of Microsoft Technologies
Project Management in Regulated Environments
Collaboration with External Bodies
Security Culture Development
Analytical Skills

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in governance, risk, and compliance. Focus on your leadership roles and any specific frameworks you've worked with, such as DSPT or ISO 27001.

Craft a Compelling Cover Letter: In your cover letter, express your passion for cyber security and detail how your skills align with the responsibilities of the GRC Lead role. Mention your experience in leading teams and managing complex programmes.

Showcase Communication Skills: Since the role requires presenting to senior stakeholders, emphasise your communication skills in both your CV and cover letter. Provide examples of how you've successfully engaged technical and non-technical audiences.

Highlight Relevant Certifications: If you have certifications like CISSP, CISM, or ISO 27001 Lead Implementer, make sure to include them prominently in your application. These qualifications can set you apart from other candidates.

How to prepare for a job interview at Reed Technology

✨Understand the GRC Landscape

Make sure you have a solid grasp of the key frameworks mentioned in the job description, such as DSPT, CAF, and ISO 27001. Be prepared to discuss how these frameworks apply to the role and how you've implemented them in past positions.

✨Showcase Leadership Experience

As a GRC Lead, you'll be managing a team. Highlight your leadership experience by sharing specific examples of how you've successfully led teams or projects in regulated environments. This will demonstrate your capability to manage complex programmes effectively.

✨Prepare for Stakeholder Engagement Scenarios

Since the role involves presenting to senior leadership, practice articulating complex technical concepts in a way that is accessible to non-technical audiences. Consider preparing a few scenarios where you've successfully communicated risks and recommendations to stakeholders.

✨Demonstrate Your Communication Skills

Excellent communication is crucial for this role. During the interview, focus on clearly expressing your thoughts and ideas. Use examples from your experience to illustrate your points, ensuring you engage the interviewer and convey your passion for cyber security governance.
