At a Glance
- Tasks: Lead the implementation of an Information Security Management System and manage security risks.
- Company: Join a talented Cyber team working with the MOD on exciting projects.
- Benefits: Competitive pay, inclusive culture, and opportunities for professional growth.
- Why this job: Make a real impact in cybersecurity while working on critical government projects.
- Qualifications: Experience in GRC and knowledge of ISO/IEC 27001 compliance required.
- Other info: Diverse and inclusive workplace with support for all applicants.
Location: Hemel Hempstead
Type: 4-5 days on-site
IR Status: Inside
Rate: £450 - £700
Clearance: Must have active MOD DV
Contingency: Must be a sole British National
Length: Initial 6 months
Sanderson Government and Defence are seeking a GRC Manager for an ongoing programme of work with a primary technical supplier into the MOD. This is a great opportunity to join a talented Cyber team on an interesting project.
Role Overview
As GRC Manager, you will be the driving force behind the implementation of an Information Security Management System (ISMS) for an assigned client. Your expertise will help the client understand their security challenges, manage security risks and enhance their security posture.
Key Responsibilities
- Conduct security risk and threat assessments (operational and system).
- Deliver services aligned with ISO27001 standards.
- Provide regular reporting on ISMS effectiveness and operational performance.
- Manage security operations in line with organisational policy, standards and industry best practice.
- Engage with internal stakeholders and third-party providers on security, risk and privacy matters.
- Respond to security incidents promptly, ensuring early identification and resolution.
- Oversee threat detection, vulnerability management and remediation activities.
- Represent security considerations in IT and process change assessments.
- Maintain ISMS, Operational Security and Risk Assurance documentation.
- Lead monthly client Security Working Group meetings and stakeholder sessions.
- Ensure audit readiness and support internal/external audits.
Essential Skills
- GRC/Operational Security Manager experience, with a solid understanding of and experience with security policies and standards.
- Technical proficiency and knowledge across the spectrum of information security solutions and operations.
- Knowledge of IT security solutions and their integration and operation into business systems and processes.
- Experience of security maturity and developing roadmaps aligned to the priorities of clients.
- Experience of ISO/IEC 27001 Compliance and Certification.
If you're interested in any of the above and would like to learn more, apply or reach out to (see below).
Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.
MOD DV - Governance, Risk And Compliance Manager in Hemel Hempstead employer: Sanderson Government & Defence
Contact Detail:
Sanderson Government & Defence Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land MOD DV - Governance, Risk And Compliance Manager in Hemel Hempstead
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, especially those who work in governance, risk, and compliance. A friendly chat can lead to insider info about job openings or even a referral.
✨Tip Number 2
Prepare for interviews by researching the company and its security challenges. Show us you understand their needs and how your experience aligns with their goals. Tailor your answers to highlight your GRC expertise!
✨Tip Number 3
Don’t just wait for job postings! Be proactive and reach out directly to companies you’re interested in. Express your enthusiasm for their work and ask if they have any upcoming opportunities that fit your skills.
✨Tip Number 4
Apply through our website for a smoother process! We want to see your application and help you land that GRC Manager role. Plus, it’s a great way to stay updated on new opportunities tailored to your expertise.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the GRC Manager role. Highlight your experience with ISO27001 and any relevant security policies. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Share specific examples of your past work in governance, risk, and compliance that relate to the job description.
Showcase Your Technical Skills: Don’t forget to mention your technical proficiency in information security solutions. We’re keen to know how you’ve integrated these into business systems and processes in your previous roles.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates during the process!
How to prepare for a job interview at Sanderson Government & Defence
✨Know Your GRC Fundamentals
Make sure you brush up on your Governance, Risk, and Compliance knowledge. Understand the key principles of ISO27001 and be ready to discuss how you've applied these in past roles. This will show that you're not just familiar with the terms but can also implement them effectively.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to solve hypothetical security challenges or assess risks. Think of specific examples from your experience where you successfully managed security incidents or improved compliance. This will demonstrate your practical skills and problem-solving abilities.
✨Engage with Stakeholders
Since the role involves engaging with internal stakeholders and third-party providers, prepare to discuss how you've built relationships in previous positions. Be ready to share examples of how you’ve communicated complex security concepts to non-technical audiences.
✨Show Your Audit Readiness
Highlight your experience with audits and compliance checks. Be prepared to talk about how you've ensured audit readiness in the past and any specific frameworks you've worked with. This will reassure the interviewers that you understand the importance of maintaining standards and can lead their audit processes.