Cissp jobs in Glasgow
Governance, Risk & Compliance Consultant
Often replies in 1 daySword GroupGlasgow- Annual leave
- Company pension
- As a GRC Consultant, you will advise and support our clients across governance, risk management and regulatory compliance.
- IEC 62443 for OT/ICS security.
- SThreeGlasgow
- Annual leave
- Employee discount
- Private dental insurance
- Paid volunteer time
- Private medical insurance
- The Cyber Security Engineering Lead acts as the technical authority across all domains of cloud and endpoint security, taking full ownership of hardening,…
- OFGEMGlasgow
- Annual leave
- Company pension
- Flexible schedule
- OFGEM - Corporate Services - Digital, Data and Technology Services (DDSS).
- At Ofgem, secure-by-design principles are central to ensuring that digital…
- View all OFGEM jobs - Glasgow jobs - CyberSecurity Architect jobs in Glasgow
- Salary Search: Principal Security Architect salaries in Glasgow
- See popular questions & answers about OFGEM
- AmentumGlasgow
- Employee assistance programme
- Paid volunteer time
- In addition to the benefits you’d expect, UK employees also receive free single medical cover and digital GP service, family-friendly benefits such as enhanced…
Senior Consultant- Digital Business Architect
Often replies in 1 dayCapgeminiGlasgow- Working with leading architects, technology consultants and business sector experts, you will be instrumental in delivering profitable outcomes in business- and…
- View all Capgemini jobs - Glasgow jobs - Software Architect jobs in Glasgow
- Salary Search: Senior Consultant- Digital Business Architect salaries in Glasgow
- See popular questions & answers about Capgemini
- Robertson GroupStirling FK9 4TZ
- Annual leave
- Company pension
- Cycle to work scheme
- Discounted gym membership
- Free flu jabs
- The Information Security Manager will champion the Robertson IT and Information Security initiative across all Robertson companies to assure the security of our…
Agile Business Analyst - Consultant/Senior Consultant - Digital Excellence
Often replies in 1 dayCapgeminiGlasgow- In 2026 we are seeking experienced individuals across all sectors and we are particularly interested to hear from candidates with relevant experience in UK…
- Morgan StanleyGlasgow
- We're seeking someone to join our PKI and Secrets Management team as a Cybersecurity Engineer with a strong focus on both engineering and operations in Data…
- View all Morgan Stanley jobs - Glasgow jobs - CyberSecurity Engineer jobs in Glasgow
- Salary Search: Cybersecurity Engineer (Cryptography) salaries in Glasgow
- See popular questions & answers about Morgan Stanley
- Morgan StanleyGlasgow
- We're seeking someone to join our PKI and Secrets Management team as a Cybersecurity Engineer with a strong focus on both engineering and operations in Data…
- View all Morgan Stanley jobs - Glasgow jobs - CyberSecurity Engineer jobs in Glasgow
- Salary Search: Cybersecurity Engineer (Cryptography) salaries in Glasgow
- See popular questions & answers about Morgan Stanley
- Morgan StanleyGlasgow
- Lead and conduct digital forensic investigations.
- Collect, preserve, and analyse digital evidence from a variety of sources.
- View all Morgan Stanley jobs - Glasgow jobs - Forensic Analyst jobs in Glasgow
- Salary Search: Digital Forensics & Insider Risk Analyst salaries in Glasgow
- See popular questions & answers about Morgan Stanley
- SiemensGlasgow
- Company pension
- Private medical insurance
- The Senior Cyber Security Engineer plays a key role in this, bringing expertise in both product and end-to-end solution security within Operational Technology…
- View all Siemens jobs - Glasgow jobs - Senior CyberSecurity Engineer jobs in Glasgow
- Salary Search: Senior Cyber Security Engineer salaries in Glasgow
- See popular questions & answers about Siemens
- Royal LondonGlasgow
- Annual leave
- Company pension
- Private medical insurance
- Job Title: Data Loss Prevention Specialist.
- We monitor and manage potential and real data loss events in key business areas.
- View all Royal London jobs - Glasgow jobs - Loss Prevention Officer jobs in Glasgow
- Salary Search: Data Loss Prevention Specialist salaries in Glasgow
- See popular questions & answers about Royal London
- Methods Business and Digital TechnologyGlasgow
- Annual leave
- Employee assistance programme
- Company pension
- Private medical insurance
- Season ticket loan
- Cycle to work scheme
- Security Operations (SOC Analysts & Engineers) – detection, response, threat hunting.
- Industrial & OT Security (IACS / OT Cyber) – protecting operational and…
- Chemify LtdGlasgow
- Glasgow, Scotland • Hybrid • Full-Time.
- This role will drive the business towards achieving and maintaining regulatory standards such as SOC 2 and ISO 27001.
- Bermuda Monetary AuthorityHamilton
- This is a key role for the Authority and the postholder will be responsible for but not limited to:
- Reviewing regulated cyber risk entity submissions for both…
Job Post Details
Governance, Risk & Compliance Consultant - job post
Job details
Job type
- Full-time
Location
Benefits
Pulled from the full job description
- Annual leave
- Company pension
Full job description
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, dedicated to driving transformational change for our clients. We leverage proven technology, specialist teams, and extensive domain expertise to create robust technical foundations across platforms, data, and business applications. Our mission is fueled by a passion for technology as a means to solve complex business problems and achieve our clients' objectives.
About the Role:
As a GRC Consultant, you will advise and support our clients across governance, risk management and regulatory compliance. The role focuses on aligning cyber, information security, operational resilience and wider risk frameworks to UK‑specific regulatory, safety and operational requirements.
You will work closely with client stakeholders to assess maturity, design and implement control frameworks, and provide pragmatic, risk‑based guidance that supports safe, secure and resilient operations.
Deliver governance, risk and compliance consulting engagements for a variety of clients and industries, including UK Oil & Gas (operators, service companies and joint ventures). CNI, Finance and Public Sector
- Lead or support GRC maturity assessments, gap analyses and audits against relevant standards and regulations
- Interpret and apply UK specific regulatory requirements, translating them into practical, implementable controls
- Design and implement GRC frameworks covering risk management, policy, assurance and reporting
- Support compliance activities aligned to various regulations and assurance requirements
- Develop and maintain risk registers, control libraries and assurance plans
- Facilitate risk workshops, control reviews and senior stakeholder briefings
- Support cyber and information security governance aligned to ISO 27001, NCSC guidance and sector best practice
- Provide advisory input into operational resilience, business continuity and third party risk management
- Produce clear, evidence based client deliverables including reports, executive summaries and remediation roadmaps
- Support pre audit, regulatory inspection and client assurance activities
Requirements
Essential
- Good experience and background of producing high quality documentation and solution artefacts
- Proven experience in Governance, Risk and Compliance roles within regulated or critical infrastructure environments
- Strong understanding of the UK Oil & Gas and finance regulatory landscape
- Working knowledge of key frameworks and standards, such as:
-
- ISO/IEC 27001
- ISO 22301 (Business Continuity)
- UK NIS Regulations and NCSC guidance
- NIST CSF
- UK GDPR
- Data Protection Act
- DORA
- Experience conducting risk assessments, control gap analyses and assurance activities
- Proven ability to drive adoption, stakeholder buy-in and embedding change
- Strong background in end-end to delivery (from design to implementation and embedding)
- Ability to engage confidently with technical, operational and executive stakeholders
- Strong written communication skills with experience producing client facing reports
- Strong ability to translate technical and GRC concepts into clear, business-friendly language
- Experience working in consulting or advisory environments
Desirable / Valuable
- Knowledge of:
-
- IEC 62443 for OT/ICS security
- Operational Technology (OT) and industrial control environments
- Familiarity with NCSC Cyber Assessment Framework (CAF) or sector‑specific assurance models
- Experience supporting regulatory audits (HSE, NIS competent authority, client audits)
Certifications such as:
- ISO 27001 Lead Implementer / Lead Auditor
- CISM, CRISC or CISSP
- IRM or ISO risk management qualifications
- Understanding of supply‑chain and third‑party risk in Oil & Gas, CNI and finance ecosystems
- Familiarity with GRC tooling such as OneTrust or Archer
- Ability to contribute to business development or service offering development
Benefits
At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package:
- Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
- Flexible working: Flexible work arrangements to support your work-life balance. We can’t promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can.
- A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes.
At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don’t tick all the boxes but feel you have some of the relevant skills and experience we’re looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.