GRC Consultant

Company Overview We have an exciting opportunity to join our GRC team as a GRC Consultant at a time of rapid growth and innovation at Cognisys. Cognisys is a leading cyber security company specialising in penetration testing, GRC consulting, and managed security services. We pride ourselves on our customer service, forward thinking approach and commitment to excellence. Team Overview Our Governance Risk and Compliance team is integral to our mission at Cognisys, ensuring our client's data is protected according to the highest standards of security and compliance. Due to our continued expansion, we are excited to announce this opportunity to further build our GRC team with an experienced, driven individual. Your contribution will be essential to the future growth within this team. Position: GRC Consultant Location: Leeds (Hybrid) Salary: £30,000 - £40,000 DOE. About the Role We are seeking a passionate, detail-orientated GRC Consultant to join our team. In this pivotal position, you will ensure our clients establish robust governance frameworks, manage risks effectively and maintain compliance with regulatory standards. You will also conduct thorough security audits to evaluate and improve the effectiveness of risk management, control and governance processes. Key Responsibilities • Conduct comprehensive internal and external audits, ensuring adherence to ISO27001 standard. • Conduct thorough risk assessments and develop risk management strategies. • Creating and maintaining security policies. • Leading governance activities, including reporting and continual process improvement. • Support and develop the knowledge of junior members of the team. What we Offer • A vibrant and supportive work environment where customer service and innovation are at the heart of everything we do. • Allocated budget for professional growth & development. • EMI Employee Share Schemes allowing all employees to share in our success. • A dedicated Employee Wellness Hub supported by Kara Connect, providing you with resources and support to maintain your health and well-being. • An opportunity to work alongside and learn from leading experts in cyber security and data protection, enriching your professional journey. • Regular social events with the team. • 22 days holiday rising to 25 days annual holiday on your birthday. Requirements • Minimum three years of experience in a similar lead GRC compliance or security role (including policy/documentation reviews & auditing). • Proven track record in successfully maintaining information security standards in a workplace environment (ISO27001, NIST, etc.). • Compliance or information security-related certification. • A strong desire to grow, develop and support junior members of the team. • Excellent written and oral communication skills for liaising with external stakeholders conveying complex compliance information. • Ability to analyse data, identify key issues, and develop practical solutions. • Plan, prioritise, and manage time efficiently. • Due to the nature of this role, having an eye for detail is crucial.