I am currently looking for a GRC Specialist to lead and strengthen my client's information security and data protection capabilities. You'll own the operation and continuous improvement of their Information Security, ensuring compliance with ISO 27001 & GDPR. This is a senior, hands-on role where you'll work closely with business and IT teams to embed secure, compliant ways of working across the organisation.

Responsibilities / Duties
- Own and evolve information security and data protection policies, standards, and procedures.
- Design and support governance processes to ensure consistent security and compliance.
- Lead and support information security and data protection risk management.
- Lead or support internal and external audits (ISO 27001 / GDPR), including remediation planning and tracking.
- Maintain clear, audit-ready compliance evidence and reporting.
- Act as a senior subject matter expert for information security, governance, and data protection.
- Work collaboratively with business, IT, and functional teams to balance security requirements with operational needs.
- Promote security and data protection awareness through training and engagement.
- Provide constructive challenge where security or compliance risks are unacceptable.
- Support incident governance and GDPR breach response processes.
- Assess supplier and third-party security and data protection risks.

Ideal Background
- Stron...