Opportunity for a senior Governance, Risk and Compliance (GRC) Manager for an AIM listed IT Managed Service Provider. You will be responsible for the GRC function, overseeing governance, risk, and compliance initiatives for the organisation and its clients. This role requires a seasoned professional with extensive experience in managing GRC frameworks within the context of managed services, ensuring adherence to regulatory standards and industry best practices.
- Full time, Permanent role
- AIM listed IT Managed Service Provider
- Hybrid working - based from either London, Edinburgh or Manchester office
- Salary £55 - £60k
Key Responsibilities:
GRC Strategy Leadership: Develop and execute the GRC strategy for the organisation and its clients, aligning it with regulatory requirements.
Client Engagement: Act as the primary point of contact for clients regarding GRC matters, providing guidance, assessing needs, and delivering tailored GRC solutions.
Regulatory Compliance: Ensure the organisation and its clients adhere to relevant regulatory requirements (e.g., GDPR, NIS Directive, ISO standards) through continuous monitoring and adherence initiatives.
Policy and Procedure Oversight: Develop and enhance GRC policies, procedures, and controls for the MSP and its clients, ensuring alignment with industry best practices.
GRC Technology Integration: Evaluate, implement, and optimize GRC tools and technologies to streamline compliance processes and enhance risk management capabilities.
Stakeholder Collaboration: Collaborate with internal stakeholders, including senior management, legal, IT, and operations teams, fostering a culture of compliance and risk awareness.
Continuous Improvement Initiatives: Stay updated on emerging GRC trends, regulations, and technologies, proposing and implementing enhancements to GRC frameworks.
Reporting and Documentation: Create comprehensive reports and documentation on GRC activities, compliance status, risk assessments, and mitigation strategies.
To be successful you must have at least 5 years' experience within GRC management, ideally within an IT MSP or relevant industry, and profound knowledge of industry relevant regulatory requirements and standards. Must have experience with ISO27001, ISO9001, CE & CE+.