Information Security Consultant

We’re looking for a GRC Manager with strong experience across ISO
27001, Cyber Essentials, and 3rd Party Supplier Assurance, to support a range of ongoing governance and assessment activities. This is a hands‑on role focused on working with stakeholders to assess risk, gather evidence and drive remediation across multiple business areas.

You’ll work closely with security leadership and key stakeholders to deliver subsidiary assessments, expand certification scope, and ensure consistent reporting and control effectiveness across the organisation.

• Support delivery of ISO
  27001 and Cyber Essentials activities, including scope expansion and control assurance
• Conduct supplier security assessments, working directly with stakeholders to gather evidence and review controls
• Identify risks, issues and gaps, ensuring clear remediation actions and plans are defined
• Ensure outputs from ongoing GRC initiatives are tracked, reviewed and aligned to expectations
• Drive consistent reporting across weekly, bi‑weekly and monthly cadences
• Work across multiple initiatives, balancing priorities in a fast‑moving environment

Hybrid – London or Sheffield