Overview
We are looking for experienced Governance, Risk & Compliance (GRC) Consultants with active SC or DV Clearance to support a critical Defence programme. In this role, you will collaborate with various stakeholders to deliver security governance and risk management solutions, ensuring compliance with UK Government security standards within complex environments. Your expertise will be essential in guiding security assurance efforts and promoting effective information security practices.
Responsibilities
- Deliver GRC support across secure government programmes.
- Conduct risk assessments, security reviews, and compliance audits.
- Support the development and maintenance of security documentation including Risk Management & Accreditation Documentation Sets (RMADS) and Security Operating Procedures (SyOPs).
- Ensure compliance with JSP 440, JSP 604, NIST, ISO 27001 CAF, and Secure by Design principles.
- Collaborate with Accreditor, Security Assurance Coordinators, and technical teams.
- Identify, assess, and manage information security risks.
- Support governance forums and security working groups.
- Assist with audit preparation and evidence gathering activities.
Requirements
- Active SC or DV Clearance.
- Proven experience in GRC, Information Assurance, or Cyber Security within MOD or UK Government environments.
- Strong understanding of UK Government security frameworks and policies.
- Experience producing and reviewing RMADS and associated accreditation documentation.
- Knowledge of risk management methodologies and security assurance processes.
- Familiarity with ISO 27001, NIST Cyber Security Framework, and MOD security policies.
- Ability to communicate effectively with both technical and non-technical stakeholders.
- Experience working within highly regulated or classified environments.