Rodeo
ResourcesPartnersSign in

Mishcon de Reya LLP

Senior GRC Consultant (6 Months - FTC)

London
Posted about 18 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Role purpose

We are seeking an experienced Senior GRC Consultant to join our consulting practice. The successful candidate will operate as a client-facing consultant across a portfolio of concurrent engagements, delivering governance, risk management, and compliance advisory services to multiple clients with the autonomy and rigour expected of a senior consulting professional. The Senior GRC Consultant will manage a diverse client book, with the firm itself representing a principal, but not exclusive engagement.

Across all assignments, the Senior GRC Consultant will be expected to maintain a consistently high standard of delivery, context-switching effectively between engagements and adapting to the specific regulatory, operational, and strategic requirements of each client environment. Working closely with senior stakeholders across client organisations, the Senior GRC Consultant will drive the maturation of GRC processes, ensure alignment with regulatory requirements and industry best practices, and provide expert advisory guidance on risk-related matters.

A key focus across engagements will be to assess, enhance, and uplift baseline GRC capabilities and processes, embedding sustainable improvements that raise the overall maturity of each client's GRC function. The Senior GRC Consultant will also be expected to define and track meaningful metrics and key performance indicators (KPIs) to measure the effectiveness of GRC activities and demonstrate progress against maturity objectives.

The Senior GRC Consultant will be supported by a Cyber GRC Analyst in the delivery of day-to-day GRC activities. In addition, the Senior GRC Consultant will be responsible for guiding, mentoring, and developing the analyst, fostering their professional growth and ensuring effective knowledge transfer across the GRC function.

Key Responsibilities

Governance

  • Assess, develop, and uplift governance frameworks, policies, and procedures across the firm and external client environments.
  • Ensure that governance structures are robust, clearly documented, and aligned with strategic objectives.
  • Facilitate governance forums and committees, preparing board-level and executive reporting as required.

Risk Management

  • Deliver enterprise-wide cyber risk assessments across the firm and client environments, including identification, analysis, evaluation, and treatment of key risks.
  • Maintain and enhance risk registers, ensuring risks are accurately captured, rated, and escalated in accordance with the applicable risk appetite framework.
  • Assess and uplift risk management methodologies, tools, and reporting mechanisms across stakeholder groups.
  • Provide subject-matter expertise and advisory guidance on emerging risks, threat landscapes, and risk mitigation strategies.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Compliance

  • Monitor and assess compliance posture against applicable laws, regulations, standards, and contractual obligations (e.g. GDPR, ISO 27001, SOC 2, PCI DSS, NIS2) across the firm and external client engagements.
  • Design and execute compliance assessment programmes, internal audits, and gap analyses.
  • Advise on and manage relationships with external auditors, regulators, and certification bodies.
  • Track regulatory developments and deliver clear, actionable guidance on the impact of new or amended requirements.

Stakeholder Engagement & Advisory

  • Act as a trusted adviser to senior leadership across the firm and client environments on GRC matters, translating complex risk and compliance topics into clear, actionable insights.
  • Collaborate with IT, Information Security, Legal, Data Protection, and operational teams to embed GRC principles into day-to-day operations and client delivery.
  • Deliver GRC awareness training and education programmes to promote a risk-aware culture across the firm and within client organisations.

Reporting & Metrics

  • Develop and maintain GRC dashboards, key risk indicators (KRIs), and key performance indicators (KPIs) to provide visibility of risk and compliance status across the firm and client engagements.
  • Define and track meaningful metrics to measure the effectiveness of GRC activities and demonstrate progress against maturity objectives.
  • Prepare regular reports for senior management, audit committees, and the board as required.

Qualifications

Required qualifications & experience

  • A minimum of five (5) years' experience in a GRC, risk management, information security, or compliance role, with demonstrable experience operating at a senior or lead level within a consulting or advisory capacity.
  • Strong working knowledge of governance and risk management frameworks (e.g. ISO 27001, ISO 31000, NIST CSF, COBIT).
  • Proven experience conducting risk assessments, compliance audits, and gap analyses.
  • Experience engaging with regulators, external auditors, and certification bodies. Excellent understanding of relevant regulatory landscapes (e.g. GDPR, NIS2, PCI DSS, FCA regulations, or sector-specific requirements).
  • Demonstrated ability to deliver GRC advisory services with the autonomy and rigour expected of a senior consulting professional.

Desirable Qualifications & Certifications

  • Professional certifications such as CRISC, CISA, CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or equivalent.
  • Experience with GRC tooling platforms (e.g. ServiceNow GRC, OneTrust, Archer, or similar).
  • Prior experience in financial services, legal, defence, or other highly regulated sectors.
  • Familiarity with third-party risk management and supply chain assurance programmes.
  • Experience delivering GRC services to multiple clients simultaneously, managing competing priorities and maintaining consistent quality of delivery across engagements.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Skills

Key skills & competencies

  • Exceptional analytical and critical-thinking skills with the ability to assess complex risk scenarios.
  • Outstanding written and verbal communication skills, with the ability to present to executive and board-level audiences.
  • Strong client relationship management skills, with the ability to build trust and credibility across diverse stakeholder groups.
  • Proven ability to context-switch effectively across multiple concurrent engagements without compromising quality of delivery.
  • Strong stakeholder management and influencing skills.
  • Self-motivated and able to work independently, managing multiple priorities within a fast-paced consulting environment.
  • High attention to detail and a commitment to delivering quality outcomes.

Please note that this job profile is not an exhaustive list of duties but merely an outline of the key components of the role. You may be required by your line manager to take on additional responsibilities when requested.

About

About Mishcon de Reya LLP

Mishcon de Reya is an independent law firm, which now employs over 1400 people with more than 650 lawyers offering a wide range of legal services to companies and individuals. The firm has grown rapidly in recent years, showing more than 40% revenue growth in the past five years alone.

With presence in London, Oxford, Cambridge, Singapore, Hong Kong and UAE, the firm services an international community of clients and provides advice in situations where the constraints of geography often do not apply.

The work the firm undertakes is cross-border, multi-jurisdictional and complex, centred around three increasingly entwined and connected sectors: the Innovation Economy, Private Wealth and Capital, and Real Estate. The firm is known as a disputes powerhouse with a formidable capacity firmwide for dispute resolution.

We strive to create a fully diverse and inclusive workplace where all our people are empowered to fulfil their potential. We are proud of our agile working culture and are always happy to talk flexible working.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Governance
Risk Management
Compliance
Analytical Skills
Communication Skills
Client Relationship Management
Stakeholder Management
Mentoring
Reporting
Metrics Development
Regulatory Knowledge
Cyber Risk Assessment
GRC Frameworks
Training
Problem Solving
Attention to Detail

Location

London, England, United Kingdom

Sign up to applySee more jobs like this