Rodeo
ResourcesPartnersSign in

Sword Group

Governance, Risk & Compliance Consultant

Glasgow
Posted 26 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, dedicated to driving transformational change for our clients. We leverage proven technology, specialist teams, and extensive domain expertise to create robust technical foundations across platforms, data, and business applications. Our mission is fueled by a passion for technology as a means to solve complex business problems and achieve our clients' objectives.

About the Role

As a GRC Consultant, you will advise and support our clients across governance, risk management, and regulatory compliance. The role focuses on aligning cyber, information security, operational resilience, and wider risk frameworks to UK-specific regulatory, safety, and operational requirements.

You will work closely with client stakeholders to assess maturity, design and implement control frameworks, and provide pragmatic, risk-based guidance that supports safe, secure, and resilient operations.

Deliver governance, risk, and compliance consulting engagements for a variety of clients and industries, including UK Oil & Gas (operators, service companies, and joint ventures), CNI, Finance, and Public Sector.

  • Lead or support GRC maturity assessments, gap analyses, and audits against relevant standards and regulations
  • Interpret and apply UK-specific regulatory requirements, translating them into practical, implementable controls
  • Design and implement GRC frameworks covering risk management, policy, assurance, and reporting
  • Support compliance activities aligned to various regulations and assurance requirements
  • Develop and maintain risk registers, control libraries, and assurance plans
  • Facilitate risk workshops, control reviews, and senior stakeholder briefings
  • Support cyber and information security governance aligned to ISO 27001, NCSC guidance, and sector best practice
  • Provide advisory input into operational resilience, business continuity, and third-party risk management
  • Produce clear, evidence-based client deliverables including reports, executive summaries, and remediation roadmaps
  • Support pre-audit, regulatory inspection, and client assurance activities

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Requirements

Essential

  • Good experience and background of producing high-quality documentation and solution artefacts
  • Proven experience in Governance, Risk, and Compliance roles within regulated or critical infrastructure environments
  • Strong understanding of the UK Oil & Gas and finance regulatory landscape
  • Working knowledge of key frameworks and standards, such as:
    • ISO/IEC 27001
    • ISO 22301 (Business Continuity)
    • UK NIS Regulations and NCSC guidance
    • NIST CSF
    • UK GDPR
    • Data Protection Act
    • DORA
  • Experience conducting risk assessments, control gap analyses, and assurance activities
  • Proven ability to drive adoption, stakeholder buy-in, and embedding change
  • Strong background in end-to-end delivery (from design to implementation and embedding)
  • Ability to engage confidently with technical, operational, and executive stakeholders
  • Strong written communication skills with experience producing client-facing reports
  • Strong ability to translate technical and GRC concepts into clear, business-friendly language
  • Experience working in consulting or advisory environments

Desirable / Valuable

  • Knowledge of:
    • IEC 62443 for OT/ICS security
    • Operational Technology (OT) and industrial control environments
    • Familiarity with NCSC Cyber Assessment Framework (CAF) or sector-specific assurance models
    • Experience supporting regulatory audits (HSE, NIS competent authority, client audits)
  • Certifications such as:
    • ISO 27001 Lead Implementer / Lead Auditor
    • CISM, CRISC, or CISSP
    • IRM or ISO risk management qualifications
    • Understanding of supply-chain and third-party risk in Oil & Gas, CNI, and finance ecosystems
    • Familiarity with GRC tooling such as OneTrust or Archer
    • Ability to contribute to business development or service offering development

Benefits

At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package:

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job
  • Personalised Career Development: We create a development plan customized to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
  • Flexible working: Flexible work arrangements to support your work-life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can.
  • A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family-friendly benefits, pension scheme, access to private health, well-being, and insurance schemes

At Sword, we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.

If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Governance
Risk Management
Compliance
Cyber Security
Information Security
Operational Resilience
Risk Assessments
Control Frameworks
ISO 27001
NCSC Guidance
UK GDPR
Data Protection
Business Continuity
Stakeholder Engagement
Documentation
Advisory

Location

Glasgow, Scotland, United Kingdom

Sign up to applySee more jobs like this