Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Develop GRC frameworks and conduct risk assessments to ensure compliance.
- Company: Sword is a top tech solutions provider in Energy, Public, and Finance sectors.
- Benefits: Enjoy flexible working, personalised career development, and a fantastic benefits package.
- Why this job: Join a culture that values growth, diversity, and making a real impact.
- Qualifications: Relevant experience in governance, compliance, and IT audits; IT degree preferred.
- Other info: We welcome diverse applicants and support adjustments for accessibility.
The predicted salary is between 36000 - 60000 £ per year.
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.
About the role:
- Develop and maintain GRC frameworks aligned with ISO 27001, NIST, GDPR, and NIS2 standards
- Conduct risk assessments across business units, vendors, and projects
- Monitor regulatory changes and ensure compliance with legal and contractual obligations
- Support business continuity and disaster recovery planning and testing
- Manage internal audits, compliance reporting, and remediation activities
- Coordinate GDPR compliance and data protection processes across the organisation
- Drive improvements in security culture through awareness and training
- Collaborate with stakeholders to identify and address control deficiencies
Qualifications & Experience
- Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes
- Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act) and industry-specific regulations
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
- Knowledge of OneTrust risk management toolset or similar preferred
- Proven ability to communicate with technical teams to elicit information and requirements
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and nontechnical audiences
- CISA, CISM or equivalent
- BSc or equivalent qualification in IT based degree.
At Sword, our core values and culture are based on caring about our people, investing in training and career development and building inclusive teams where we are all encouraged to contribute to achieve success.
We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life.
In addition to a Competitive Salary, here\’s what you can expect as part of our benefits package:
Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
Flexible working: Flexible work arrangements to support your work-life balance. We can\’t promise to always be able to meet every request, however are keen to discuss your individual preferences to make it work where we can.
A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes, an employee assistance programme, discounted cash plan and more
At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don\’t tick all the boxes but feel you have some of the relevant skills and experience we\’re looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex or sexual orientation. Your perspective and potential are important to us.
If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.
IT Governance, Risk and Compliance (GRC) Consultant employer: Sword Group
Contact Detail:
Sword Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Governance, Risk and Compliance (GRC) Consultant
✨Tip Number 1
Familiarise yourself with the specific GRC frameworks mentioned in the job description, such as ISO 27001 and NIST. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with the role.
✨Tip Number 2
Network with professionals in the IT governance and compliance field. Attend relevant webinars or local meetups to connect with others who may have insights into Sword's culture and expectations, which can give you an edge in your application.
✨Tip Number 3
Prepare to discuss real-world examples of how you've conducted risk assessments or managed compliance projects in the past. This practical experience will be crucial in showcasing your ability to handle the responsibilities outlined in the job description.
✨Tip Number 4
Research Sword's recent projects or initiatives within the Energy, Public, and Finance sectors. Understanding their business technology solutions will allow you to tailor your conversation and show genuine interest in how you can contribute to their goals.
We think you need these skills to ace IT Governance, Risk and Compliance (GRC) Consultant
Some tips for your application 🫡
Understand the Role: Thoroughly read the job description for the IT Governance, Risk and Compliance (GRC) Consultant position at Sword. Make sure you understand the key responsibilities and qualifications required, as this will help you tailor your application.
Highlight Relevant Experience: When writing your CV and cover letter, focus on your substantial experience in control management, governance, compliance, and risk management programmes. Use specific examples to demonstrate how your background aligns with the requirements outlined in the job description.
Showcase Communication Skills: Since excellent written and verbal communication skills are essential for this role, ensure that your application is well-structured and free of errors. Clearly articulate your ability to communicate complex compliance and risk concepts to both technical and non-technical audiences.
Tailor Your Application: Customise your application materials to reflect Sword's core values and culture. Emphasise your commitment to diversity, inclusion, and professional development, and mention any relevant training or certifications, such as CISA or CISM, that align with their expectations.
How to prepare for a job interview at Sword Group
✨Understand the Regulatory Landscape
Familiarise yourself with key regulations such as ISO 27001, GDPR, and NIST. Be prepared to discuss how these frameworks apply to the role and demonstrate your understanding of compliance requirements.
✨Showcase Your Risk Assessment Skills
Be ready to explain your experience in conducting risk assessments. Provide examples of how you've identified and mitigated risks in previous roles, particularly in relation to IT governance and compliance.
✨Communicate Effectively
Highlight your ability to communicate complex compliance and risk concepts to both technical and non-technical audiences. Practice articulating your thoughts clearly and concisely, as strong communication skills are essential for this role.
✨Demonstrate a Collaborative Mindset
Emphasise your experience working with various stakeholders to address control deficiencies. Share examples of how you've successfully collaborated with teams to drive improvements in security culture and compliance processes.
