GRC Specialist - Information Security, ISO 27000, NIST, GDPR, CISM, CISSP - London
£80,000 - £90,000 + bonus / 2 days WFH
A leading London Market Specialty Insurer is seeking a Security GRC Specialist to join their collaborative security team. You will support the Head of Security GRC in strengthening governance, risk, and compliance across the organisation, ensuring security frameworks, data protection, and secure-by-design principles are embedded across the business.
Key Responsibilities:
* Maintain and update security policies, standards, and procedures.
* Support risk assessments, control testing, and audit evidence preparation.
* Assist with incident response, data protection compliance, and third-party risk assessments.
* Produce GRC metrics and reports to track compliance and control maturity.
Requirements:
* 5+ years’ experience in Information Security, GRC, or IT Risk/Compliance.
* Knowledge of security frameworks (ISO 27000, NIST CSF) and GDPR.
* Strong analytical, organisational, and communication skills.
* Relevant certifications (CISM, CISSP, ISO 27001) are advantageous.
This is an excellent opportunity to join a well-respected insurance business during a period of significant growth.