Senior GRC Consultant (UK) - Dionach by Nomios

This role offers flexibility to work remotely, alongside office work and visits to client sites in Glasgow.

Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally.

Dionach by Nomios holds impressive certifications, including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF and ISO 27001. With our focus on enhancing customers' security and fostering team development, be joining a company that prioritizes both your growth and the safety of our clients.

We're in an exciting phase of expansion and are looking for self‑motivated individuals ready to thrive in a fun, flexible environment. At Dionach by Nomios, your contributions will have a genuine impact on the business, and you'll find opportunities for both interesting work and career development.

Our employees are the heart of our business. We value our employees and invest in their growth and well‑being. Here's what we offer:

• Hybrid Working: Flexibility to work remotely or use our UK offices around client visits.
• Professional Growth: Access to training labs, certification sponsorship, and time for skill development.
• Well‑being Focus: Private health insurance, eye care plan, income protection, EAP scheme, and well‑being platform.
• Additional Perks: Employee benefits and discounts platform.

At Dionach by Nomios, we believe that diversity fuels innovation. We're dedicated to creating an inclusive workplace where everyone feels valued and respected. We welcome applications from all backgrounds, perspectives, and experiences, and we're committed to being an equal opportunity employer. We do not discriminate based on race, religion, gender, age, disability, or any other legally protected status.

We encourage candidates from underrepresented groups to apply and are committed to providing a supportive and accessible environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs.

As a Senior GRC Consultant within our highly skilled Cyber Security Team you will be responsible for contributing to our information security consultancy, with opportunities to work on information security assessments within sizeable projects, conduct ISO 27001 audits, help implement aspects of ISO 27001, and engage in risk management. Furthermore, there is potential for growth into such diverse fields as PCI DSS, privacy, and business continuity.

• Recognized ISO 27001 Lead Auditor qualification.
• Significant experience in auditing ISO 27001 based Information Security Management Systems.
• Significant experience in consulting and implementing Information Security Management Systems.
• Strong knowledge of regulatory frameworks such as the GDPR.
• Significant previous IT experience.
• Ability to assess the impact of regulatory changes and advise clients on best practices.
• Experience working as a lead auditor or consultant and in teams.
• Outstanding verbal communication skills.
• Excellent report writing skills with the ability to explain information security risks to non‑technical senior stakeholders.
• Proven project management experience in executing GRC projects within complex organizations.
• Ability to handle multiple projects and deadlines, ensuring timely delivery of compliance programs.

• Experience of AI governance and auditing or implementing an ISO 42001 AIMS.
• Information security qualifications such as CISSP, CISA, or CISM.
• Familiarity with GRC cloud‑based systems.
• Experience of PCI DSS or a PCI QSA.
• Experience auditing SWIFT CSCF.
• Developing and providing training.
• Writing policies and technical documents.
• Managing a team or leading teams.

If you are keen to join a growing company and feel you will be a great candidate for this role, please do apply!