GRC CONSULTANT
REMOTE WORKING
INITIAL 6 MONTH CONTRACT
£600 PER DAY - OUTSIDE IR35
****Financial Services experience is essential for this contract****
We’re seeking a highly skilled GRC (Governance, Risk & Compliance) Consultant to support a leading cybersecurity consultancy in delivering strategic and technical guidance to enterprise clients.
This role is ideal for someone with deep expertise in ISO 27001 implementation and auditing, and MITRE ATT&CK framework application. Experience with NIST frameworks (especially NIST CSF or 800-53) is a strong advantage.
🔍 Role Overview:
You’ll help organisations enhance their cyber risk posture by aligning security policies, controls, and frameworks with industry standards and threat models. Working closely with stakeholders, you’ll design, assess, and optimise GRC frameworks in high-risk environments.
✅ Key Responsibilities:
* Lead and support ISO 27001 implementation, audits, and remediation plans.
* Apply the MITRE ATT&CK framework to threat modeling and control mapping.
* Contribute to the development and maturity of cybersecurity risk management processes.
* Align GRC initiatives with NIST, CIS, and other frameworks as applicable.
* Conduct gap assessments, risk assessments, and support policy development.
* Liaise with technical and non-technical teams to ensure security alignment.
🧠 Required Skills & Experience:
* Strong experience as a GRC Consultant or Cyber Risk Specialist.
* Proven ISO 27001 implementation and audit experience.
* Practical experience with the MITRE ATT&CK framework.
* Familiarity with NIST CSF, 800-53, or similar frameworks (ideal but not essential).
* Excellent written and verbal communication skills for client-facing work.
* Experience working in regulated or compliance-driven industries is a plus.
📍 Must-Haves:
* UK-based (with the right to work in the UK).
* Available to work remotely and independently as a contractor.
* Strong attention to detail and a structured approach to governance.