Governance, Risk & Compliance (GRC) Consultant | 6 Month Contract
We are supporting a large public sector organisation within the education and research sector as they strengthen their cyber governance, compliance, and operational resilience capabilities across complex technology environments.
This role will support a broad range of governance, risk, and compliance initiatives, including certification activities, cyber risk management, policy development, and security governance across enterprise and research platforms.
Responsibilities
- Support cyber governance, risk, and compliance activities across complex enterprise environments
- Assist with certification and recertification programmes across recognised security and compliance frameworks
- Conduct gap assessments and provide practical remediation recommendations
- Support development and maintenance of risk registers, risk reporting processes, and governance documentation
- Contribute to policy development and compliance alignment across security, operational resilience, and technology governance initiatives
- Assist with audit preparation, evidence gathering, and compliance documentation
- Support cyber risk assessments relating to cloud platforms, AI technologies, and research environments
- Work closely with technical, operational, and senior stakeholder groups across the organisation
- Contribute to vulnerability management, governance processes, and security improvement initiatives
- Support onboarding, mentoring, and knowledge transfer activities within internal governance and security teams
- Help strengthen internal GRC operating models, procedures, and documentation standards
Requirements
- Proven experience within Governance, Risk & Compliance (GRC), cyber governance, or information security environments
- Experience working within the public sector, higher education, research, or similarly complex regulated organisations
- Strong understanding of cybersecurity governance frameworks and compliance standards
- Experience supporting certification, audit, or assurance programmes
- Familiarity with risk management methodologies, policy development, and operational governance processes
- Experience working across technical and non-technical stakeholder groups
- Understanding of cloud security environments and modern technology governance challenges
- Experience supporting vulnerability management, compliance remediation, or security improvement programmes
- Strong documentation, stakeholder engagement, and communication skills
Desirable Experience
- Experience with frameworks such as ISO 27001, NIST CSF, PCI-DSS, or similar security standards
- Exposure to AI governance, research security, or critical infrastructure environments
- Experience within enterprise or complex multi-stakeholder technology environments
- Professional certifications such as CISSP, CISA, CRISC, ISO 27001, or similar
This opportunity would suit an experienced GRC professional looking to contribute to a broad cyber governance and compliance programme within a complex public sector environment.
Date posted: 2026-05-20. Hiring organisation: Bestman Solutions. Location: London.
…
