i6 - GRC Manager - 12 month FTC
Requirements
• As a guide, a GRC Manager at i6 would typically have 5-10+ years' experience in GRC, Information Security, IT Audit, Risk Management or Compliance
• Proven ownership of ISO 27001 programmes: risk assessments, ISMS management, audit cycles
• Hands-on SOC 2 Type 2 experience: evidence collection, control monitoring, external auditor co-ordination
• Strong working knowledge of ISO 9001, ISO 14001, Cyber Essentials and broader security governance frameworks
• Experience implementing or administering Vanta (or a similar GRC/trust platform such as ISMS Online, Drata, Tugboat Logic) — strongly preferred
• Incident investigation experience: root cause analysis, CAPA, continuous improvement
• Stakeholder management across engineering, operations, HR, commercial and senior leadership
• Understanding of cloud and IT security concepts (AWS/GCP, IAM, MFA/SSO, vulnerability management) — sufficient to work effectively alongside the technical security function
• Experience managing or guiding junior audit staff
• Relevant professional certification preferred: ISC2 CISSP, ISACA CISM, ISO 27001 Lead Auditor or Lead Implementer, CRISC, or ITIL Foundation
• Experience with AI-assisted compliance tooling is an advantage
• Aviation or regulated industry sector experience is desirable but not essential
Responsibilities
• GRC strategy: design, maintain and communicate i6's compliance framework across ISO 9001, ISO 14001, ISO 27001, SOC 1, SOC 2 and Cyber Essentials
• Compliance tooling: own, implement and develop Vanta (or equivalent) as the single source of truth for compliance evidence, controls monitoring and audit history
• Operating model assurance: ensure the business follows its own documented processes and procedures; identify and resolve gaps
• Policy & document management: own the review cycle for all compliance-related policies and procedures; own the process mapping activities and associated toolset (Lucid, Process Accelerator)
• Internal audit programme: manage and guide James Platt in the execution of the internal audit schedule; report findings to senior leadership
• Audit leadership: lead all external audit engagements and certification renewals; manage the auditor relationship
• RFP & tender support: provide security and compliance input to commercial bids and customer security questionnaires
• ESG / Net Zero: lead the Board Net Zero reporting programme (supported by the ESG & Supply Chain Specialist)
• Training & awareness: deliver compliance training; ensure 100% completion
• Reporting: provide timely, accurate executive reporting on compliance posture and audit readiness
• Deputy CISO: support the CISO function (currently fulfilled by the Managing Director)