Senior GRC Consultant (UK) - Dionach by Nomios

Nomios group.

Glasgow

Hybrid

GBP 55,000 - 75,000

Full time

30+ days ago

Job summary

A leading information security firm seeks a Senior GRC Consultant based in Glasgow, offering a hybrid work environment. The role involves conducting ISO 27001 audits and managing compliance projects. Ideal candidates will possess ISO 27001 Lead Auditor qualification and significant experience in information security management. This position provides opportunities for professional development in a supportive atmosphere focused on innovation and client security.

Benefits

Hybrid Working
Professional Growth opportunities
Private health insurance
Employee benefits and discount platform

Qualifications

  • Recognized ISO 27001 Lead Auditor qualification required.
  • Significant experience in auditing ISO 27001 compliance.
  • Strong knowledge of regulatory frameworks and excellent communication skills.

Responsibilities

  • Contributing to information security consultancy and strategy.
  • Conducting ISO 27001 audits and assessments.
  • Delivering GRC projects on time and managing compliance programmes.

Skills

ISO 27001 Lead Auditor qualification
Auditing ISO 27001 based Information Security Management Systems
Consulting and implementing Information Security Management Systems
Knowledge of regulatory frameworks such as GDPR
Verbal communication skills
Report writing skills
Project management experience
Outstanding interpersonal skills

Tools

GRC cloud-based systems

Job description

The role offers flexibility to work remotely, alongside office work and visits to client sites in Glasgow.

Why join Dionach by Nomios?

Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally.

Dionach by Nomios holds impressive certifications, including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF and ISO 27001. With our focus on enhancing customers' security and fostering team development, you are joining a company that prioritizes both your growth and the safety of our clients.

We're in an exciting phase of expansion and are looking for self‑motivated individuals ready to thrive in a fun, flexible environment. At Dionach by Nomios, your contributions will have a genuine impact on the business, and you'll find opportunities for both interesting work and career development.

Benefits

  • Hybrid Working: Flexibility to work remotely or use our UK offices around client visits.
  • Professional Growth: Access to training labs, certification sponsorship, and time for skill development.
  • Well‑being Focus: Private health insurance, eye care plan, income protection, EAP scheme, and well‑being platform.
  • Additional Perks: Employee benefits and discount platform.

Our Commitment to Diversity and Inclusion

At Dionach by Nomios, we believe that diversity fuels innovation. We're dedicated to creating an inclusive workplace where everyone feels valued and respected. We welcome applications from all backgrounds, perspectives, and experiences, and we're committed to being an equal opportunity employer. We do not discriminate based on race, religion, gender, age, disability, or any other legally protected status.

We encourage candidates from underrepresented groups to apply and are committed to providing a supportive and accessible environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs.

Job requirements

As a Senior GRC Consultant within our highly skilled Cyber Security Team you will be responsible for contributing to our information security consultancy, with opportunities to work on information security assessments within sizeable projects, conduct ISO 27001 audits, help implement aspects of ISO 27001, and engage in risk management. There is also potential for growth into such diverse fields as PCI DSS, privacy, and business continuity.

Essential experience and skills

  • Recognized ISO 27001 Lead Auditor qualification.
  • Significant experience in auditing ISO 27001 based Information Security Management Systems.
  • Significant experience in consulting and implementing Information Security Management Systems.
  • Strong knowledge of regulatory frameworks such as the GDPR.
  • Significant previous IT experience.
  • Ability to assess the impact of regulatory changes and advise clients on best practices.
  • Experience as the lead auditor or consultant and working in teams.
  • Outstanding verbal communication skills.
  • Excellent report writing skills with the ability to explain information security risks to non‑technical senior stakeholders.
  • Proven project management experience in executing GRC projects within complex organizations.
  • Ability to handle multiple projects and deadlines, ensuring timely delivery of compliance programmes.

Desirable qualifications and experience

  • Experience of AI governance and auditing or implementing an ISO 42001 AIMS.
  • Information security qualifications such as CISSP, CISA, or CISM.
  • Familiarity with GRC cloud‑based systems.
  • Experience of PCI DSS or a PCI QSA.
  • Experience auditing SWIFT CSCF.
  • Developing and providing training.
  • Writing policies and technical documents.
  • Managing a team or leading teams.

If you are keen to join a growing company and feel you will be a great candidate for this role, please do apply!

Seniority level: Mid‑Senior level. Employment type: Full‑time. Job function: Consulting, Information Technology and Sales. Industries: Computer and Network Security.
