GRC Project Manager (contract)

In 2019, our founders were working as engineers solving complex cross domain problems within government organisations

TwinStream was formed to consolidate their collective expertise and experience into one business, providing technical excellence and exceptional service to their clients. We have teams working both on-site with clients and remotely from home.

Details:

Contract Length: 6 months (outside of IR35)

Location: Remote.

We are seeking a Governance, Risk, and Compliance (GRC) Project Manager to oversee, manage, and deliver key compliance and accreditation programmes. The role will have a particular focus on maintaining our ISO27001 and Defence Cyber Protection Partnership (DCPP) accreditations, while leading projects to achieve new certifications in ISO9001, ISO20000, and ISO14005. The successful candidate will be responsible for working with teams across the organisation to define the necessary policies or procedures required to meet the compliance standards, and ensuring that changes are implemented, adopted and embedded across the organisation.

• Accreditation Management
• Ensure continued compliance with ISO27001 & Cyber Essentials+ Information Security accreditations.
• Ensure continued compliance with the Defence Cyber Protection Partnership (DCPP) requirements.
• Project manage the organisation’s accreditation journey for ISO9001 (Quality Management), ISO20000 (IT Service Management), and ISO14005 (Environmental Management).
• Liaise with external auditors, certification bodies, and relevant stakeholders.
• Governance & Compliance
• Develop, implement, and monitor policies, processes, and controls that align with accreditation requirements.
• Coordinate internal and external audits, including preparation, evidence gathering, and follow-up of corrective actions.
• Ensure documentation is maintained to the highest standard, with clear audit trails.
• Monitor changes in regulatory and industry standards, advising the business on impacts and necessary adjustments.
• Facilitate risk assessments and ensure risk registers are up to date.
• Work with stakeholders to implement risk mitigation measures.
• Report on compliance and risk status to senior management and governance committees.
• Project Delivery
• Develop detailed project plans, timelines, and deliverables for accreditation projects.
• Oversee cross-functional working to deliver compliance initiatives on time and within scope.
• Track progress, resolve blockers, and report on project status.

• Proven experience as a GRC, Compliance, or IT Project Manager.
• Experience with ISO27001 implementation and certification projects.
• Hands-on experience leading accreditation or certification programmes.
• Excellent understanding of governance, risk management, and compliance frameworks.
• Strong organisational skills with the ability to manage multiple workstreams.
• Excellent communication and stakeholder management skills (technical and non-technical audiences).
• Analytical and detail-oriented approach to problem-solving.
• Strong report writing and presentation skills.
• Experience with ISO9001, ISO20000, ISO14005 implementation and certification projects.
• Understanding of ITIL frameworks and IT service management processes.
• Knowledge of environmental management systems and sustainability practices.
• Experience working in highly regulated industries (e.g., defence, financial services).

To meet the security requirements of certain clients and industries we serve, any job offer will be contingent upon the successful completion of a security screening process.

At TwinStream, we take pride in being an equal opportunity employer. We celebrate diversity and are committed to fostering an inclusive environment where all individuals are valued and respected. We welcome applications from qualified candidates regardless of race, religion, disability, age, sexual orientation, or gender.