LRQA
Job Description
LRQA Cybersecurity is seeking a Managing Information Security Consultant specializing in Governance, Risk, and Compliance (GRC). As an award-winning global assurance provider, we work with high-stakes clients including central banks, government bodies, and critical national infrastructure.
This is a hybrid role based out of Birmingham or London, designed for a high-performing professional who can balance technical delivery with leadership and service development. You will be at the forefront of helping global organizations navigate the evolving threat landscape and complex regulatory requirements.
Role Overview
- Position: Managing Information Security Consultant (GRC)
- Locations: Birmingham (Trinity Park) or London (Moorgate)
- Type: Employee Fixed Term
- Category: Consulting
- Working Pattern: Hybrid (Occasional travel to client sites/LRQA offices)
Key Pillars of Responsibility
1. Delivery Excellence
You will lead and execute complex GRC engagements, ensuring high client satisfaction and robust security outcomes.
- Compliance & Certification: Guide clients toward ISO 27001, GDPR, NIST CSF, and PCI DSS compliance.
- Auditing: Conduct independent ISO/IEC 27001:2022 audits.
- Risk & Strategy: Facilitate risk assessment workshops and information asset discovery.
- Resilience: Deliver business continuity tabletop exercises and stakeholder training.
2. Leadership & Mentoring
As a “Managing” Consultant, you move beyond execution into personnel and thought leadership.
- Coaching: Mentor junior consultants to enhance their technical and advisory capabilities.
- Thought Leadership: Contribute to the industry via white papers, webinars, and conference speaking.
- Service Development: Standardize customer-facing collateral and develop new service offerings for emerging frameworks (e.g., DORA, NIS 2).
3. Pre-Sales & Growth
Collaborate with account managers to define project scopes and identify client needs.
- Scoping: Attend client meetings to identify requirements and estimate effort for customized consultancy.
- Consultative Selling: Identify cross-selling opportunities for LRQA’s broader cybersecurity portfolio (Red Teaming, Pen Testing, etc.).
What You’ll Need (Business Experience)
- Education: Degree in Computer Science, Cyber Security, or IT (or 5+ years of relevant experience).
- Framework Expertise: Minimum 2 years of experience delivering engagements using NIST, ISO, or similar methodologies.
- Certifications:
  - Required: ISO 27001 Lead Auditor or Lead Implementer.
  - Preferred: CISSP or CISM.
- Communication: Proven ability to translate complex technical risks into business impact for C-suite executives.
- Regulatory Knowledge: Deep understanding of some or all: GDPR, PCI DSS, SOC 2, DORA, NIS 2, and HIPAA.
Why Join LRQA Cybersecurity?
We are a “people-focused, high-trust” team that actively encourages its consultants to challenge the status quo.
- Skill Expansion: We encourage learning in domains not strictly related to your day job to keep our team versatile.
- Community Engagement: We provide time for blogging, public speaking, and attending major Infosec conferences.
- Global Impact: Work with a diverse international group of consultants protecting critical infrastructure and global retail giants.
- Inclusive Culture: Join a mission-driven organization where diverse perspectives are considered a core business value.
Application & Pre-Employment
- Checks: Successful candidates will undergo right to work, education, and criminal record verification.
- D&I: LRQA is an equal-opportunity employer committed to creating an inclusive culture.
To apply for this job please visit uk.linkedin.com.