GRC Project Manager
Details:
Day Rate: £500 - £600
Contract Length: 6 months (outside of IR35)
Location: Remote.
About the role
We are seeking a Governance, Risk, and Compliance (GRC) Project Manager to oversee, manage, and deliver key compliance and accreditation programmes. The role will have a particular focus on maintaining our ISO27001 and Defence Cyber Protection Partnership (DCPP) accreditations, while leading projects to achieve new certifications in ISO9001, ISO20000, and ISO14005. The successful candidate will be responsible for working with teams across the organisation to define the necessary policies or procedures required to meet the compliance standards, and ensuring that changes are implemented, adopted and embedded across the organisation.
Responsibilities
Accreditation Management
Ensure continued compliance with ISO27001 & Cyber Essentials+ Information Security accreditations.
Ensure continued compliance with the Defence Cyber Protection Partnership (DCPP) requirements.
Project manage the organisation’s accreditation journey for ISO9001 (Quality Management), ISO20000 (IT Service Management), and ISO14005 (Environmental Management).
Liaise with external auditors, certification bodies, and relevant stakeholders.
Governance & Compliance
Develop, implement, and monitor policies, processes, and controls that align with accreditation requirements.
Coordinate internal and external audits, including preparation, evidence gathering, and follow-up of corrective actions.
Ensure documentation is maintained to the highest standard, with clear audit trails.
Monitor changes in regulatory and industry standards, advising the business on impacts and necessary adjustments.
Risk Management
Facilitate risk assessments and ensure risk registers are up to date.
Work with stakeholders to implement risk mitigation measures.
Report on compliance and risk status to senior management and governance committees.
Project Delivery
Develop detailed project plans, timelines, and deliverables for accreditation projects.
Oversee cross-functional working to deliver compliance initiatives on time and within scope.
Track progress, resolve blockers, and report on project status.
Key Skills
Proven experience as a GRC, Compliance, or IT Project Manager.
Experience with ISO27001 implementation and certification projects.
Hands-on experience leading accreditation or certification programmes.
Excellent understanding of governance, risk management, and compliance frameworks.
Strong organisational skills with the ability to manage multiple workstreams.
Excellent communication and stakeholder management skills (technical and non-technical audiences).
Analytical and detail-oriented approach to problem-solving.
Strong report writing and presentation skills.
Desirable Skills
Experience with ISO9001, ISO20000, ISO14005 implementation and certification projects.
Understanding of ITIL frameworks and IT service management processes.
Knowledge of environmental management systems and sustainability practices.
Project management qualification (e.g., Agile, PRINCE2, PMP).
Experience working in highly regulated industries (e.g., defence, financial services).