Senior Information Security Consultant - GRC

My client is looking for a Senior Information Security Consultant - GRC to deliver governance, risk, and compliance services to clients across Europe. This role focuses on strengthening client security posture through risk management, policy development, compliance assessments, and training. You will also support internal initiatives, mentor junior colleagues, and contribute to my client’s wider security leadership.

Key Responsibilities

• Lead delivery of GRC and information security services to clients, including risk identification, remediation, and compliance with regulatory and data protection standards.
• Develop, implement, and review security and governance policies, frameworks, and operational procedures.
• Conduct ISMS assessments, internal audits, and compliance gap analyses against recognised standards.
• Advise on secure tool deployment, incident response procedures, and overall security posture enhancement.
• Define and implement tailored security tools, processes, and controls.
• Deliver training, awareness sessions, and security simulations to client teams.
• Produce executive-level reports and technical briefs for clients.
• Build and maintain strong client relationships, ensuring high-quality service delivery and long-term trust.
• Mentor and train junior colleagues, including providing line management support where required.
• Contribute to recruitment, staff development, and internal knowledge-building initiatives.
• Escalate operational issues, support continuous service improvement, and assist with team development planning.

Essential

• Relevant cybersecurity and GRC certifications (e.g., CISSP, CISA, CEH, Security+, CCNA, Network+, ISO 27001 Lead Implementer / Lead Auditor).
• Minimum 3 years’ experience in cybersecurity, information security, or GRC roles.
• At least 3 years of client-facing or managed services experience.
• Minimum 2 years in a leadership, management, or mentoring role.
• Proven experience delivering and managing multiple GRC or security projects independently.
• Experience maintaining compliance documentation and ISMS records.

Preferred

• Experience leading implementation projects with cross-functional teams.
• Strong knowledge of scaling GRC frameworks across varied organisations.
• Solid understanding of risk management, ISO standards, and industry best practices.
• Experience in staff development, internal training, and supporting recruitment activities.