Senior Governance, Risk & Compliance Specialist

Interested in shaping how organisations stay secure while working remotely in a constantly changing cyber landscape? As a Senior GRC Specialist, you’ll help us design and deliver governance, risk and compliance approaches that make a meaningful difference to our clients. You’ll be part of a supportive team within Sopra Steria’s Aerospace, Defence and Security business, where we focus on collaboration, continuous learning and creating innovative solutions that support national security missions. This is a remote role, giving you the flexibility to be based anywhere in the UK. We can offer great career progression opportunities, benefits you can flex to suit your needs, and plenty of development opportunities to help you shape your career. What you'll be doing: Supporting and sometimes leading security activities for client engagements, developing frameworks of security controls that align with objectives and contractual obligations. Building strong stakeholder relationships through positive engagement and clear communication. Identifying and understanding customer requirements, applying industry best practice to deliver the most appropriate solutions. Identifying potential cyber risks, assessing their impact and developing effective mitigation strategies. Delivering assessments, audits and contributing to security strategy using a wide range of technical and management principles. Implementing compliance measures aligned to relevant regulations, standards and frameworks. What you’ll bring: Experience in consultancy engagements such as ISMS implementation, risk assessments, compliance audits and strategy definition. Ability to select and apply the right standards, methods, tools and approaches to tackle complex challenges. Strong decision making that supports project success and team objectives. Confidence presenting complex technical information to both technical and non‑technical audiences. Good project management capability, with the ability to manage multiple priorities at once. A recognised cyber or information security qualification (CISSP, CISM, CCSP, ISO27001 Lead Auditor). It would be great if you had: Experience in cloud security implementation. Knowledge of Identity and Access Management (IDAM). Understanding of Operational Technology (OT). Awareness of security architecture principles. If you’re interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply, we’d love to hear from you! Employment Type: Full-time, Permanent. Security Clearance Level: SC cleared Referral fee: £1500 Although this role is advertised as full-time, we believe that flexibility at work can promote work/life balance, increase your motivation, reduce stress and improve performance and productivity. We support different ways of working and can offer a range of flexible working arrangements. So, if you’re interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible. Loved reading about this job and want to know more about us? Sopra Steria’s Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client’s goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK’s most complex safety‑ and security‑critical markets.