About this job

Senior Information Security GRC Consultant
📍 London / Hybrid | 💰 Up to £80,000 DOE + Benefits

Are you an experienced Senior Information Security GRC Consultant looking to take a strategic role in a specialist cyber security consultancy?

This is an opportunity to join a team of experts delivering governance, risk, and compliance (GRC) services across a wide range of sectors. As a Senior Consultant, you'll independently manage client engagements, contribute to pre-sales activities, and lead the delivery of risk assessments, compliance audits, and penetration testing services.

Role Overview:

As a Senior Information Security GRC Consultant, you'll be responsible for:

Delivering consulting services in GRC frameworks including ISO 27001, SOC 2, PCI DSS, NIS2, DORA, and the UK DPA.
Leading penetration testing across web apps, infrastructure, IoT, cloud, and mobile.
Drafting and managing project plans using Monday.com, and ensuring timely, high-quality delivery.
Engaging directly with clients to assess risks and present solutions.
Supporting pre-sales efforts by helping scope services and drafting proposals.
Mentoring junior consultants and interns.
Representing the brand at industry events and supporting business development.

You'll need:

Minimum 7 years' experience with risk assessment and GRC frameworks.
Hands-on knowledge of ISO-27001, SOC 2, NIS2, DORA, PCI DSS, and UK DPA compliance.
Experience with security auditing, threat assessments, and risk analysis methodologies.
Excellent client communication, report writing, and presentation skills.
Strong experience delivering information security consulting services across various industries.

If you're ready to join a high-performing consultancy and lead critical security projects for strategic clients, click apply now.