Governance, Risk and Compliance Consultant

Overview of the role 

Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools.  

We are now looking for a Governance, Risk & Compliance (GRC) Consultant to join the team and help deliver a range of customer engagements. 

 

What will you be doing? 

  • Scoping of customer requirements, working with the GRC Practice Lead and Business Development Manager to identify GRC opportunities 
  • Providing internal support to key business functions within the organisation around GRC 
  • Delivery of GRC consultancy projects to a range of customers across the public sector and corporate sector, including: 
    • Security/maturity assessments 
    • Cyber security strategy development 
    • ISO services – from gap analysis, external auditing and implementation support around ISO27001, ISO22301 & ISO42001 
    • AI governance workshops 
    • Third party risk management 
    • Incident response planning, including but not limited to Cyber Security Incident Response Plans (CSIRPs) and Tabletop Exercises, Business Impact Assessments, Disaster Recovery and Business Continuity Plans and support 

 

Why you should apply? 

At Phoenix, our philosophy is simple – we aim to be the UK’s leading IT solution and managed service provider and that means we recognise that it’s our people who are the heart of everything we do. 

We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read here. 

 

What are we looking for? 

The right person for this role will already have a track record and pedigree in delivering GRC consultancy to a varied customer base. You will be comfortable in the consultant role, with the commercial awareness to excel in a customer-facing role such as this.

Those who only have experience in an internal role or as an engineer will not be suitable for this position.

Key skills/experience: 

  • A consistent track record and pedigree in delivering GRC consultancy to a varied customer base 
  • Ability to understand and succinctly explain the complex requirements of frameworks, standards and best practice such as ISO27001/22301, CIS and Cyber Essentials 
  • Experience of creating CSIRPs or similar incident response documentation, and delivery of tabletop exercises 
  • Ability to create high quality reports and documentation, meeting deadlines 
  • Ability to translate technical content into simple and straightforward language, and deal with a range of technical and non-technical stakeholders 
  • Ability to form rapport and trust with customers quickly, and dedication to delivering outstanding work 

 

Practical stuff 

Where is the role based? 
Our HQ is in Pocklington (YO42); however, this role can be largely remote with a visit once a month.

How many interviews? 
Following a screen with the Recruitment Team you can expect a two-stage interview process. 

What are the benefits? 
You can read about the benefits on offer here 😊 

 

*Important* BPSS Check

As part of our recruitment process, due to the nature of the work we do, all employees are required to undertake a Baseline Personal Security Standard (BPSS) check. While some employees require further security clearance, the BPSS check is a must-have requirement and all offers of employment are conditional pending the passing of this check.

 

Have you made it this far? 
 
If you’re still reading, we think there’s a strong chance you might be our kind of person. 
 

Here’s the thing, though — research suggests that 60% of women and underrepresented people might have already talked themselves out of applying. Even if you don’t check every box above, we want to encourage you to introduce yourself. 
 
We believe a diversity of perspectives and experiences makes a team stronger — and the stronger our team, the more successful we will be. 

Average salary estimate

$70000 / YEARLY (est.)
min: $60000K
max: $80000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Governance, Risk and Compliance Consultant, Phoenix Software

At Phoenix, we're on a mission to empower UK organizations with cutting-edge digital transformation, and we're looking for a talented Governance, Risk and Compliance (GRC) Consultant to join our dynamic team. In this role, you'll be the driving force behind shaping comprehensive GRC strategies and delivering valuable consultancy services across both the public and corporate sectors. As a GRC Consultant, your days will be filled with exciting challenges; from scoping customer requirements alongside the GRC Practice Lead, to conducting thorough security assessments and formulating effective cyber security strategies. You'll also have the opportunity to facilitate AI governance workshops and manage third-party risks, ensuring that our clients are well-prepared for any incident. Your expertise will shine as you provide adept support for ISO standards, conduct maturity assessments, and help clients create robust incident response plans. What’s unique about working at Phoenix is our commitment to our people — we invest in your professional growth and foster a positive culture that prioritizes teamwork and support. You’ll be working remotely most of the time, with just a monthly visit to our HQ in Pocklington. If you’re ready to take your GRC expertise to the next level and make a real difference for our clients, this is the place for you. So if you’re passionate about delivering high-quality consultancy and building strong relationships, we’d love to hear from you and hope you’ll consider joining us on this journey!

Frequently Asked Questions (FAQs) for Governance, Risk and Compliance Consultant Role at Phoenix Software
What are the primary responsibilities of a Governance, Risk and Compliance Consultant at Phoenix?

As a Governance, Risk and Compliance Consultant at Phoenix, your main responsibilities include scoping customer requirements, delivering GRC consultancy projects, conducting security assessments, and developing cybersecurity strategies. You'll also lead workshops on AI governance, manage third-party risks, and create essential documentation for incident response planning, helping clients navigate complexities in compliance and security effectively.

What qualifications are needed for the Governance, Risk and Compliance Consultant role at Phoenix?

To be considered for the Governance, Risk and Compliance Consultant position at Phoenix, you should have a proven track record in delivering GRC consultancy, familiarity with frameworks such as ISO27001, and experience with incident response documentation like Cyber Security Incident Response Plans (CSIRPs). The ability to translate complex technical requirements into straightforward terms is crucial, along with excellent customer-facing skills.

How does Phoenix support the professional development of its Governance, Risk and Compliance Consultants?

At Phoenix, we prioritize your professional growth as a Governance, Risk and Compliance Consultant. We offer supportive mentoring, access to training programs, and opportunities to work on diverse projects that enhance your skills. Our Culture Blueprint reflects our commitment to fostering an engaging environment where you're encouraged to excel and innovate.

Is remote work an option for the Governance, Risk and Compliance Consultant at Phoenix?

Yes! The Governance, Risk and Compliance Consultant position at Phoenix is primarily remote, allowing you flexibility while contributing to impactful projects. You'll only need to visit our Pocklington HQ occasionally, fostering a great work-life balance while remaining connected with your teammates and clients.

What does the interview process look like for the Governance, Risk and Compliance Consultant role at Phoenix?

The interview process for the Governance, Risk and Compliance Consultant position at Phoenix involves an initial screening with our Recruitment Team, followed by a two-stage interview process. This allows us to understand your fit for the role better while giving you a chance to learn more about our team and culture.

Common Interview Questions for Governance, Risk and Compliance Consultant
Can you describe your experience with ISO standards related to governance, risk, and compliance?

In preparing for this question, you should provide specific examples of your experience with ISO standards like ISO27001 and ISO22301. Discuss scenarios where you implemented these standards, the challenges you faced, and the outcomes achieved to demonstrate your capability in GRC consultancy.

How do you approach scoping customer requirements in GRC engagements?

Sharing your methodology for understanding client needs is crucial here. Discuss how you gather information, communicate with stakeholders, and outline their specific compliance needs. Highlight your ability to translate their requirements into actionable GRC solutions to showcase your consulting skills.

What strategies have you used in developing cybersecurity strategies for clients?

In your response, emphasize your analytical skills and detail how you've identified security challenges and tailored strategies for specific clients. Showcase your understanding of emerging threats and compliance requirements, demonstrating your comprehensive approach to cybersecurity.

How would you explain complex GRC concepts to a non-technical stakeholder?

Your answer should reflect your communication skills. Discuss techniques such as using analogies or simple language, along with how you gauge their knowledge level. This question tests your ability to make complex information accessible to diverse audiences.

Can you provide an example of a successful incident response plan you developed?

Detail a past experience providing a specific incident response plan you created. Discuss the steps you took in developing the CSIRP and how it was executed during a particular incident, along with the lessons learned that improved future responses.

What experience do you have with conducting tabletop exercises?

Outline your past experience facilitating tabletop exercises, focusing on how you set up scenarios, engaged participants, and evaluated their responses. Highlight how these exercises strengthened your clients' incident response capabilities.

How do you stay updated on changes in compliance regulations and industry best practices?

Talk about your commitment to continuous learning, such as attending industry conferences, participating in webinars, or engaging with professional organizations related to GRC. This reflects your proactive approach to staying informed.

What challenges do you anticipate in the Governance, Risk and Compliance sector, and how would you address them?

In your response, demonstrate your awareness of current trends and challenges, like evolving regulations and cybersecurity threats. Share strategies for adapting to those challenges, showing your forward-thinking mindset as a consultant.

Describe a time when you had to build rapport with a difficult client. How did you manage it?

This question assesses your interpersonal skills. Provide an example of when you turned a challenging relationship into a successful collaboration through active listening, empathy, and clear communication. Emphasize your problem-solving mindset.

Why are you passionate about working in governance, risk, and compliance?

Express your genuine interest in GRC and its importance in today's digital landscape. Share personal motivations, such as the desire to safeguard organizations and support them in their compliance journeys. This enthusiasm will resonate with interviewers.

Phoenix Software International, Inc., (https://www.phoenixsoftware.com/) is a systems software development company providing advanced software applications to enterprises around the globe. The company offers a wide range of solutions to modern bus...

EMPLOYMENT TYPE: Full-time, hybrid
DATE POSTED: March 16, 2025