Information Security GRC Specialist

Information Security GRC Specialist - 12m Contract

London, UK - 3 days on site [non-negotiable]

Inside IR35

• Must be CISSP Certified

We're looking for an experienced Information Security GRC Specialist to join a leading organisation undergoing major technology change.

This is a hands‑on role within a growing Information Security team helping to shape and embed GRC strategy across new systems, platforms, and processes.

You’ll play a key part in defining and implementing security governance, risk, and compliance frameworks, ensuring alignment with industry standards and upcoming regulations. The role combines policy development, risk management, and compliance oversight with strong technical awareness across infrastructure and cloud environments.

• Develop and maintain cybersecurity policies, procedures, and controls
• Conduct and support risk assessments, mitigation, and reporting
• Ensure compliance with regulatory and internal standards
• Partner with technology teams to integrate security across platforms and workflows
• Support incident response and post‑incident reviews
• Promote security awareness and best practice across the organisation

You’ll have a technical background (infrastructure, systems, or cloud) and have transitioned into information security, giving you a strong understanding of how security integrates into technology delivery.

• At least 7+ years’ experience in Information Security / GRC
• Hands‑on technical foundation in networks, operating systems, or cloud environments
• Strong understanding of frameworks such as NIST and ISO/IEC 27001
• Knowledge of regulatory environments (FCA, DORA, SEC, MAS)

Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.

By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.