
Cyber Governance, Risk and Compliance (GRC) Consultant

  • Location:

    City of London

  • Sector:

    Cyber Security

  • Contact:

    Octavian Donnelly

  • Published:

    about 2 months ago

Our Client

Our client is a challenger cyber security firm with a global footprint that offers managed security and consultancy services to its customers. For more than 15 years, the firm has been building long-standing relationships with its clients, continuously defending their people, property and data against cyber security threats.

With a close-knit team of 70 people, our client is about to grow tremendously, thanks to solid funding, ambitious goals and an impressive track record. They are now looking to build out the Professional Services department, for which they will need talented individuals who think ahead of the curve, have an entrepreneurial spirit and are not afraid to speak their mind.

Please note that we can only consider UK-based candidates for this role.

The Role

The role is to lead the firm's Cyber Governance, Risk and Compliance capability as it embarks on an exciting period of growth. In this capacity you will design, shape, build and deliver all aspects of this capability. You will be working as a lead member of the firm's Professional Services team and will have responsibility for the growth and management of the team, the delivery of client assignments, and assistance in sales opportunities to help further grow the client base.

You will bring a mix of creativity and proactivity to help the firm define and deliver market-leading propositions. You will be an excellent coach who will help more junior members of the team develop and flourish.

You will provide leadership, direction and guidance in assessing and evaluating information security risks and in monitoring compliance with security standards and appropriate policies (SANS, CIS, NIST, ISO27001, Cyber Essentials, etc.) for the business's clients.


  • Leadership, ownership and growth of the cyber governance, risk and compliance team.

  • Ownership of the team skill development including support to existing staff as well as identifying and attracting new talent to the business.

  • Develop and expand the Governance Risk and Compliance capability.

  • Bring strong experience delivering cyber advisory roles at board level of major organisations.

  • Instil a strong consultative approach across the team to ensure they build long-standing client relationships.

  • To help win major client assignments that will further grow professional and managed services businesses.

  • Lead the delivery of significant client engagements as well as supporting as a team member where required.

  • Clear understanding of ethics, and rules of engagement/scope.

Work Context

  • Bring passion and creativity to the development of our Cyber Governance, Risk and Compliance capability

  • Able to work with impact at the most senior levels of our client organisations

  • Strong team work ethic to work across the different areas of the firm

  • Develop, coach, train and mentor more junior consultants

  • Client relationship building to ensure longstanding sustainable business

  • Strong ethics, clear understanding of penetration-testing rules-of-engagement, scope limits, etc.

Your Profile

  • Proactive, "can do" attitude

  • Able to demonstrate responsibility and leadership

  • Must be self-sufficient, but also able to work in a team

  • Natural coaching and teaching style

  • Problem solving skills

  • Excellent communication skills, extending to clear report writing skills

  • Ethical

  • Professional

Key qualifications and skills


  • 5+ years leading governance, risk and compliance advisory roles (whether in house or as a consultant)

  • Strong experience of cyber maturity tools (e.g. NIST, ISO27001, CIS)

  • Aptitude in coaching, developing more junior team members

  • Demonstrate impact and gravitas when working at C-level

  • Recognised qualification in Information Security at practitioner level, or equivalent experience

  • Ability to hold UK Security Clearance


  • Experience in growing business through existing and new clients

  • Industry experience that will help us attract wider clients

About Rutherford

Rutherford is a boutique search firm located in London. Our consultants are the executive specialists in compliance recruitment, and also in financial crime, legal and cyber security, all within the financial and professional services sectors in the United Kingdom and New York. We use our carefully curated relationships, networks and market knowledge to find the best fit for the clients in hand. We work with a wide range of clients, spanning from advisors, management consultants, corporate and commercial banks, brokers, exchanges, MTFs and financial tech, through to global investment managers, hedge funds, private equity firms, investment banks and technology firms. We began as a compliance recruitment firm in London and expanded to offer new resourcing expertise across legal and cyber recruitment. We have been a leading legal and compliance search agency in London for a decade and are excited about bringing our expanded offering into the technology area.

Remote Working

We are currently looking for regionally located Cyber Security professionals (Cyber Risk, IDAM, GDPR, Digital Trust, Solutions Architects, Pentesters) from across the United Kingdom who would be interested in working for London firms on an interim WFH basis: Kent, East Sussex, Essex, Cambridgeshire, Suffolk, Bedfordshire, Buckinghamshire, Hertfordshire, Oxfordshire, Berkshire, Wiltshire, Surrey or Hampshire.

We are also interested in hearing from candidates in Manchester, Birmingham, Oxford, Winchester and Salisbury.