Information Security GRC Manager

xpertise recruitment United Kingdom
Remote
This job is no longer active. This position is no longer accepting applications.

Job Description


Information Security GRC Manager

Location: Fully Remote

Salary: £60,000 per annum

(Fully Remote, UK)

I'm partnered with a specialist technology business who are now hiring their first dedicated Information Security GRC leader. This isn't stepping into legacy, this is creating the blueprint. Security, compliance and trust will be embedded into the core product, and this person will define that foundation from day one.

The Impact

You'll be the person who architects the entire governance and risk framework, sets direction, embeds secure-by-design into engineering, ensures regulatory alignment (ISO27001 / GDPR / HIPAA), and shapes how this company scales safely into regulated global markets. This is one of those roles where the work you do now becomes the future operating model.

What you'll lead


  • Defining and implementing the full Information Security Governance & Risk framework
  • Leading enterprise-wide risk assessment + risk register + mitigation ownership
  • Certification readiness & compliance maturity uplift
  • Policy + audit + vendor assurance lifecycle
  • Driving adoption of secure engineering culture across product / platform / ops

You'll suit this if you're


  • Someone who's done GRC but wants more ownership, more influence, more build
  • Strong in ISO27001, NIST, GDPR etc - but commercially mature enough to balance risk vs value
  • Comfortable in fast-moving tech, lower bureaucracy, high autonomy and senior access

This is the role you do when you want to actually design how security is done - not maintain someone else's legacy.

If this resonates, drop me a message and we'll run through the detail.

If you would like more information on this Information Security GRC Manager role, please get in touch.

