Risk And Compliance jobs in United Kingdom

Location: UK (Hybrid / Remote)

Salary: £50 - £60K (DOE)

We have an exciting opportunity to join our GRC team as an Information Security Manager at a time of rapid growth and innovation at Cognisys.

Cognisys is a leading cybersecurity company specialising in Penetration Testing, GRC Consulting, and Managed Security services. We pride ourselves on our customer service, forward-thinking approach, and commitment to excellence. Our small but mighty team works with some of the best-known companies in the world, covering over 30 countries worldwide!

About the Role

We’re looking for an Information Security Manager to join our fast-growing consultancy. This is a pivotal role for someone who thrives in a fast-paced environment, solving complex problems at speed, and working directly with clients to deliver high-value outcomes.

You’ll lead and deliver a variety of cyber security governance, risk, and compliance (GRC) engagements from ISO27001 and SOC2 consultancy and internal audits to broader regulatory and standards-based frameworks, including ISO42001, PCI-DSS, GDPR, and other emerging or bespoke requirements.

As a senior leader, you’ll shape our consulting methodologies, mentor junior consultants, and play a key role in scaling our capability as the company grows. You’ll need to be a confident communicator who can engage with C-level stakeholders, translate complex frameworks into clear guidance, and apply strategic thinking to deliver exceptional results.

Key Responsibilities

• Lead and deliver a range of client engagements, including readiness assessments, internal audits, and ongoing advisory work across multiple frameworks.
• Act as a trusted advisor, providing expert guidance on ISO27001, SOC2, and other standards or regulatory requirements such as GDPR, PCI-DSS, ISO42001, NIST CSF, ISO22301, DORA, and NIS2.
• Rapidly understand new or bespoke frameworks/regulations and apply a logical, intelligent approach to consultancy and audit delivery.
• Manage and develop a team of consultants, including:
  • Mentoring, training, and supporting junior team members.
  • Conducting performance reviews and supporting career development.
• Lead client workshops and present findings, strategies, and recommendations to executive and senior leadership teams.
• Drive continuous improvement of internal processes, methodologies, and service delivery.
• Represent the company professionally at all times, acting as a role model for the team and maintaining high standards of client service.
• Undertake occasional travel to client sites as needed.

Requirements

We’re looking for someone who’s not only highly skilled but also adaptable, proactive, and driven by solving problems. You’ll bring a balance of technical expertise and strategic thinking, able to quickly make sense of new requirements and deliver exceptional outcomes in a rapidly changing environment.

Essential Attributes:

• Proven experience delivering cyber GRC consultancy and audit services, ideally across multiple frameworks.
• Strong working knowledge of ISO27001 and SOC2.
• Ability to quickly understand and apply new frameworks or regulatory requirements.
• Exceptional problem-solving skills and the ability to think critically under pressure.
• Excellent client-facing skills, including the ability to lead workshops and engage with C-suite stakeholders.
• Strong leadership skills with experience mentoring or managing teams.
• Organised, able to manage shifting priorities, and comfortable working at pace.
• Excellent verbal and written communication skills.

Desirable (Nice-to-Have):

• Experience in data protection or PCI engagements.
• Relevant certifications such as CISA, CISM, CISSP, ISO Lead Auditor, or PCI QSA.
• Exposure to industry-specific compliance frameworks (e.g., financial services, healthcare).

If you think you can deliver but don't match the criteria above, please don't be put off. We are very open-minded and focus on ability and attitude above skills.

What We Offer

• Annual Leave: 25 days per year, plus UK bank holidays.

• Additional Leave: 1 day of paid leave on your Birthday!

• Heath & Wellbeing: Access to Westfield Health Care Cash Plan and our Employee Mental Health and Wellbeing platform.

• Professional Development: £2,000 annual training budget to support your continued learning and career growth.

• Share Scheme: Eligibility to participate in our EMI share scheme after 18 months of continuous service (subject to company discretion).

• A dynamic and supportive work environment where customer care and innovation drive everything we do.

• Frequent team social events and celebrations.

• Refer a friend bonus scheme, up to £2,000!

Why Join Us?

At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact on our clients. We'd love to hear from you if you want to challenge, lead and innovate!

We're not just about the work; we're about the people. Join a team where innovation is celebrated and your contributions are valued. We foster a collaborative environment where fresh ideas thrive and professional growth is encouraged.

Applications

Please feel free to reach out to Dom, our Head of Talent Acquisition, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – hiring@cognisys.co.uk

We welcome applications from candidates from diverse backgrounds and can make various reasonable adjustments to accommodate individual needs.

NO RECRUITMENT AGENCIES, PLEASE