IT Security Technical, Governance, Risk and Compliance Consultant

Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools.

We are now looking for a Governance, Risk & Compliance (GRC) Consultant to join the team and help deliver a range of customer engagements.

• Scoping of customer requirements, working with the GRC Practice Lead and Business Development Manager to identify GRC opportunities
• Providing internal support to key business functions within the organisation around GRC
• Delivery of GRC consultancy projects to a range of customers across the public sector and corporate sector, this includes:
  • Security/maturity assessments
  • Cyber security strategy development
  • ISO services – from gap analysis, external auditing and implementation support around ISO27001, ISO22301 & ISO42001
  • AI governance workshops
  • Third party risk management
  • Incident response planning, including but not limited to Cyber Security Incident Response Plans (CSIRPs) and Tabletop Exercises, Business Impact Assessments, Disaster Recovery and Business Continuity Plans and support

At Phoenix, our philosophy is simple – we aim to be the UK’s leading IT solution and managed service provider and that means we recognise that it’s our people who are the heart of everything we do.

We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read.

The right person for this role will already have a track record and pedigree in delivering GRC consultant to a varied customer base. You will be comfortable in the consultant role with the commercial awareness to be excellent in customer-facing role such as this.

Those who have only an experience in an internal role or as an engineer will not be suitable for this position.

• A consistent track record and pedigree in delivering GRC consultancy to a varied customer base
• Ability to understand and succinctly explain the complex requirements of frameworks, standards and best practice including such as ISO27001/22301, CIS and Cyber Essentials
• Experience of creating CSIRP's or similar incident response documentation, and delivery of tabletop exercises
• Ability to create high quality reports and documentation, meeting deadlines
• Ability to translate technical content into simple and straightforward language, and deal with a range of technical and non-technical stakeholders
• Ability to form rapport and trust with customers quickly, and dedication to delivering outstanding work

Where is the role based?

Our HQ is in Pocklington (YO42) however this role can be largely remote with a visit once a month.

How many interviews?

Following a screen with the Recruitment Team you can expect a two-stage interview process.

What are the benefits?

You can read about the benefits on offer 😊

BPSS Check: As part of our recruitment process due to the nature of the work we do, all employees are required to undertake a check. While some employees require further security clearance, the BPSS check is a must-have requirement and all offers of employment are conditional pending the passing of this check.