GRC Risk Manager
Whitehall Resources are looking for a GRC Risk Manager. This role is hybrid working, with 2 days per week required onsite in Cambridge, for an initial 3 month contract.
***Inside IR35***
Responsibilities:
* Expertly navigate and enhance the clients Information Security Risk Management Framework within ServiceNow IRM, applying qualitative and quantitative risk management principles to empower risk-informed decision-making.
* Lead third-party cyber risk management. Conduct structured assessments, review contracts, and oversee ongoing supplier monitoring.
* Run post-incident reviews: identify root causes, extract systemic insights, and ensure lessons learned are fed back into the control environment and risk register.
* Develop Key Risk and Key Control Indicators to monitor security control effectiveness: guide design and assessment approaches across critical assets and third-party domains.
* Collaborate cross-functionally to reduce risk, ensure accountability and tracking of remediation and improve visibility at speed.
Required Skills and Experience :
* Holds certifications such as CRISC, CISM, CISSP or FAIR. Although experience, impact and the courage to challenge matter more than acronyms.
* Must have hands on experience with risk assessment methodologies, risk quantification and ServiceNow IRM.
* Deep knowledge of security technologies and control frameworks such as ISO 27001, NIST CSF and NIST SP800-53.
* Experience in third-party security risk management-comfortable leading assessments, influencing decisions, and challenging skilfully.
* Confident working with metrics, risk and control indicators and data, drawing conclusions, and using dashboards to inform decisions.
* Champion of AI and Automation.
* Advanced communicator: able to translate technical risks into actionable insights and business impact and articulate these to senior leadership.
* Experience with globally distributed teams, large-scale vendor ecosystems and fast-moving, dynamic environments.
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.
Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.