Security GRC Specialist

Europe, United Kingdom, London
Permanent
Job ID: 2272

Job Description


[Up to c. £250k Comp Package | Hybrid Working - 3 Days in Office]

Are you ready to make an impact shaping cybersecurity governance and risk in a globally respected financial technology environment? Our client - a leading force in high-performance trading and research - is seeking a Cybersecurity Governance & Risk Specialist to help strengthen their security frameworks, manage key risk areas, and support compliance activities. This is a rare opportunity to work alongside outstanding engineers, business teams, and leadership, embedding security into the heart of the organisation while navigating cutting-edge technology landscapes...


Key Responsibilities

  • Create, update, and communicate cybersecurity policies, making them accessible and actionable across different teams
  • Monitor compliance across the firm, track deviations, and partner with stakeholders to design practical risk reduction strategies
  • Conduct control assessments to identify gaps, helping teams implement and embed security improvements
  • Keep abreast of changing regulatory requirements and ensure security programmes stay compliant with evolving standards
  • Evaluate third-party vendors for cybersecurity risks and support the ongoing success of the vendor risk management programme
  • Support the development and automation of security metrics to drive more informed risk management decisions
  • Help prepare for internal and external audits, contributing to evidence gathering and remediation initiatives
  • Actively support broader cybersecurity team activities to ensure alignment and continuous improvement of overall security posture


What You Bring...

  • 4+ years' experience working in cybersecurity governance, risk management, or compliance
  • Solid experience developing, monitoring, and maintaining cybersecurity compliance programmes across internal policies and external regulatory requirements
  • Hands-on experience working with audit processes, including preparing documentation and addressing findings
  • Familiarity with third-party risk assessments and vendor governance practices
  • Experience tracking risk acceptance, policy exceptions, and compliance status across different business areas
  • Excellent written and verbal communication skills, able to clearly convey technical topics to both technical and non-technical audiences
  • Highly collaborative, able to work cross-functionally and build strong working relationships across teams
  • Organised, adaptable, and self-motivated with the ability to prioritise and deliver on multiple concurrent projects


...

