Job Description
Company Overview
We have an exciting opportunity to join our GRC team as a GRC Consultant at a time of rapid growth
and innovation at Cognisys.
Cognisys is a leading cyber security company specialising in penetration testing, GRC consulting, and
managed security services. We pride ourselves on our customer service, forward-thinking approach
and commitment to excellence.
Team Overview
Our Governance, Risk and Compliance team is integral to our mission at Cognisys, ensuring our
clients' data is protected according to the highest standards of security and compliance.
Due to our continued expansion, we are excited to announce this opportunity to further build our
GRC team with an experienced, driven individual. Your contribution will be essential to the future
growth within this team.
Position: GRC Consultant
Location: Leeds (Hybrid)
Salary: £30,000 - £40,000 DOE.
About the Role
We are seeking a passionate, detail-orientated GRC Consultant to join our team. In this pivotal
position, you will ensure our clients establish robust governance frameworks, manage risks
effectively and maintain compliance with regulatory standards. You will also conduct thorough
security audits to evaluate and improve the effectiveness of risk management, control and
governance processes.
Key Responsibilities
• Conduct comprehensive internal and external audits, ensuring adherence to the ISO27001
standard.
• Conduct thorough risk assessments and develop risk management strategies.
• Create and maintain security policies.
• Lead governance activities, including reporting and continual process improvement.
• Support and develop the knowledge of junior members of the team.
What We Offer
• A vibrant and supportive work environment where customer service and innovation are at
the heart of everything we do.
• Allocated budget for professional growth & development.
• EMI Employee Share Schemes allowing all employees to share in our success.
• A dedicated Employee Wellness Hub supported by Kara Connect, providing you with
resources and support to maintain your health and well-being.
• An opportunity to work alongside and learn from leading experts in cyber security and data
protection, enriching your professional journey.
• Regular social events with the team.
• 22 days holiday rising to 25 days + annual holiday on your birthday.
Requirements
• Minimum three years of experience in a similar lead GRC compliance or security role
(including policy/documentation reviews & auditing).
• Proven track record in successfully maintaining information security standards in a
workplace environment (ISO27001, NIST, etc.).
• Compliance or information security-related certification.
• A strong desire to grow, develop and support junior members of the team.
• Excellent written and oral communication skills for liaising with external stakeholders
and conveying complex compliance information.
• Ability to analyse data, identify key issues, and develop practical solutions.
• Ability to plan, prioritise, and manage time efficiently.
• Due to the nature of this role, having an eye for detail is crucial.