Information Security GRC Manager

Contract role (Outside IR35)
Location: London (Remote)

iO Associates have collaborated with our consultancy division to help in their search for an Information Security GRC Manager.

You will work towards refining the entire GRC programme - frameworks, audits, risk assessments, stakeholder communication - across a regulated environment. You'll also work with vendors and internal teams to ensure compliance and strong governance.

Key Responsibilities:

Build and refine information security governance and risk frameworks
Lead audits (internal/external) and drive compliance (ISO 27001, GDPR, NIST)
Own vendor risk, supplier assurance, and contract governance
Communicate risks and policies across the business
Support KPI development and risk strategy planning

Requirements:

Degree in Computer Science/ IT or relevant industry certifications such as CISA, CRISC, CISMP, ISO 27001 Lead Auditor/Implementer
Working knowledge with legal/security needs in housing association sector and its regulatory environment
Solid grasp of ISO 27001, NIST, GDPR, and PCI-DSS
Proven experience in GRC leadership
Skilled in risk analysis, audit reporting, and policy writing
Excellent stakeholder management and communication skills
Understanding of cloud security and Microsoft tools

If you are interested, please apply immediately as first stage interviews will be taking place this week.

Alternatively, feel free to reach me directly on h.barmi @ ioassociates . co . uk.