GRC Cyber Consultant

Accenture -
London

Apply Now

Job details

Full-time

Qualifications

NIS
CISSP
Information security
CISM
NIST standards
Mentoring
Communication skills
CRISC

Full job description

GRC Cyber Consultant
Location: Any Accenture UK location
Career Level: Level 9 – Specialist

Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which typically requires 5 years continuous UK address history usually including no periods of 30 consecutive days or more spent outside of the UK and declaration of being a British passport holder with no dual nationalism at the point of application.
Note: The above information relates to a specific client requirement

Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all these services. With our thought leadership and culture of innovation, we apply industry expertise, diverse skill sets and next-generation technology to each business challenge.

We believe in inclusion and diversity and supporting the whole person. Our core values comprise of Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. Year after year, Accenture is recognised worldwide not just for business performance but also for inclusion, diversity and a great place to work.

Summary

We are seeking experienced Information Security Consultants specialising in Governance, Risk and Compliance (GRC) to support largescale, complex and cutting-edge technology transformation programmes, and to provide such consultancy or work directly with external clients to provide specialist GRC and assurance expertise.

This is a consultancy focused , requiring professionals who can operate confidently in client environments, embed security into delivery from the outset, and provide pragmatic, risk-based advice that enables transformation rather than constraining it.

The will suit individuals who are comfortable acting as a trusted advisor, supporting clients to design, govern and assure modern digital, cloud and data driven services in line with regulatory, contractual and organisational requirements.

Key Responsibilities

Governance, Risk & Assurance Specialist

Design, implement and operate information security governance frameworks aligned to client programme and regulatory context.
Provide independent information security assurance across programmes, platforms and services.
Lead or support technology and information security risk assessments, including:
- Cloud and SaaS environments
- Enterprise platforms and data services
- Third-party and supply chain arrangements
Maintain and present risk positions clearly to senior stakeholders, boards and assurance forums, supporting formal risk owners and governance bodies.

Compliance & Regulatory Advisory

Advise clients on meeting industry standards and regulatory expectations, which may include:
- ISO/IEC 27001 and related standards
- NCSC guidance, CAF and UK regulatory frameworks
- Sector‑specific assurance requirements
Translate regulatory and policy requirements into practical, implementable security controls.
Support audits, assurance reviews and regulatory assessments, acting as the information security subject matter expert.

Secure by Design & Transformation Support

Embed Secure by Design principles into technology and digital transformation programmes from concept through to live service.
Provide security input during architecture design, solution selection, and delivery planning, ensuring risks are addressed early.
Support clients in aligning information security design with business objectives, user needs and regulatory expectations.
Support assurance activities across the delivery lifecycle, including design assurance, go‑live readiness and operational assurance.
Challenge designs constructively to ensure security controls are proportionate, effective and risk based.

Client Engagement & Consultancy Delivery

Work directly with external clients, either embedded within delivery teams or providing advisory support.
Build trusted relationships with client stakeholders, including technical leads, delivery managers and senior leadership.
Produce clear, high quality client deliverables, such as:
- Risk assessments and assurance reports
- Governance artefacts and information security strategies
- Secure by Design recommendations
Adapt quickly to different organisational cultures, risk appetites and delivery models.

Continuous Improvement & Capability Building

Contribute to the development of consulting methods, templates, playbooks and best practice.
Contribute to shaping work packages, estimates and delivery approaches within defined engagements.
Provide informal mentoring and knowledge sharing to more junior colleagues, supporting capability uplift within delivery teams.
Remain current with emerging threats, regulatory change and modern technology patterns.

Essential Skills and Experience

Proven experience in information security governance, risk and compliance (GRC), including working within at least one of the more common standards or certifications (ISO27001, NIST, NIS, CAF etc).
Experience conducting technology and security risk assessments in complex environments.
Strong understanding of modern technology risks, including cloud, identity, data and third-party services.
Excellent communication skills, with the ability to explain risk and information security concepts to nontechnical stakeholders.
Demonstrable experience applying Secure by Design principles within technology or digital delivery.
Experience working in client‑facing, consulting or advisory roles, or equivalent environments.

Qualifications and Professional Development

Essential / Strongly Preferred

One or more industry recognised information security certifications, such as:
- CISSP
- CISM
- Risk focused certifications (e.g. CRISC or equivalent)

Ongoing Development

A clear commitment to continuous learning and professional development.
Willingness to work towards:
- CIISec Full membership
- UK Cyber Security Council (UK CSC) Principal or Chartered professional registration

Personal Attributes

Strong consulting mindset with a pragmatic, outcomes focused approach.
Comfortable balancing security, delivery at pace and business needs.
Professional, trusted and ethical when handling sensitive information.
Confident working independently or as part of multi‑disciplinary client teams.
Curious, adaptable and motivated to work with emerging technologies and new delivery models.

What We Offer

Opportunity to work on high profile, innovative and nationally significant client engagements.
Exposure to a wide range of sectors, technologies and regulatory environments.
Clear pathways for career progression, extensive training opportunities, professional recognition and certification support.
A culture that values individuals, teamwork, quality consultancy and continuous improvement.

Closing date 30/06/2026

Apply Now

Jobseeker tools

Employer Tools

Browse

Stay Connected