I am currently recruiting for an Enterprise Governance, Risk & Compliance Advisor for a Global Consultancy on a permanent basis. The position can be based fully remote in the UK.

The role focuses on supporting security best practices across the EU in alignment with enterprise goals. This involves overseeing various functional areas such as Audit Lifecycle support, Security Policy Lifecycle Management, Client RFI/RFP/Questionnaires, and promoting Information Risk Management, Regulatory Compliance, and Security Awareness.

The role requires coordination of IT Security audits, policy review and modification, engagement with clients, identification of critical issues, staying updated on global regulations, providing guidance, acting as a security risk advisor, facilitating implementation of security controls, and driving security awareness programs.

Responsibilities:

• Coordinate IT Security audits, providing guidance to EU control owners, and ensuring alignment with global audit schedules.
• Oversee the annual review, modification, and approval of EU IT Security Policies, addressing regional requirements while aligning with global policies.
• Respond to prospect and client RFI's, RFP's, and other questionnaires.
• Identify and communicate critical issues affecting customer or corporate security objectives.
• Stay informed about changing global regulations and best practices, providing guidance internally.
• Act as a security risk advisor, meeting global and regional regulation timelines aligned with business demands and risk appetite.
• Provide guidance to functional teams regarding the implementation, monitoring, and reporting of security control processes, documentation, and compliance measures.
• Actively represent and promote security awareness within the organization.
• Acquire proficiency in working with existing GRC Tools, automation, and integration with other applications for evidence collection.

Qualifications:

• Bachelor's Degree or equivalent in Information Risk Management, Engineering, MIS, Audit, or related fields.
• 5+ years of cumulative professional experience, including 4+ years of working knowledge in information risk management, auditing, regulatory compliance, and information security in private and cloud IT environments.
• Professional certifications from ISACA, ISO, ISC2, or SANS GIAC are required.
• Working knowledge of Information Security and Technical Policy Lifecycle.
• Familiarity with frameworks like SOC 2, SOX, ISO 27001, and annual audit cycle processes is highly desired.
• Experience in auditing cloud-based technologies, preferably AWS and Azure, is preferred.
• Strong capabilities in control gap analysis, review, and validation of security and regulatory requirements.
• Experience in reviewing and responding to client security and compliance questionnaires.
• Familiarity with GRC methodologies, risk analytic tools, and development of information risk metrics.
• Excellent communication, presentation, teamwork, and client service skills.
• Integrity within a professional environment.
• Experience interacting with internal resources, management, external clients, and auditors.
• Self-learner with the ability to work in an agile and cross-functional environment.
• Strong presentation and project management skills.
• Results-oriented with multitasking and analytical/troubleshooting abilities.
• Aptitude to prioritize and manage sensitive projects concurrently.
• Strong organisational, time management, decision-making, and problem-solving skills.

Salary/package:

• £70,000 - £80,000 basic salary
• Discretionary bonus
• Remote working

Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to equal opportunity and diversity. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data

Security alert: scammers are currently targeting jobseekers. Robert Half do not ask candidates for a fee or request candidates to send applications through instant messaging services such as WhatsApp or Telegram. Learn how to protect yourself by visiting our website