Overview of the role
Phoenix enables digital transformation in the workplace, empowering UK organisations to innovate and transform with cloud and hybrid infrastructures, data, AI, security, and collaboration tools.
We are now looking for a Governance, Risk & Compliance (GRC) Consultant to join the team and help deliver a range of customer engagements.
What will you be doing?
- Scoping of customer requirements, working with the GRC Practice Lead and Business Development Manager to identify GRC opportunities
- Providing internal support to key business functions within the organisation around GRC
- Delivery of GRC consultancy projects to a range of customers across the public sector and corporate sector, this includes:
- Security/maturity assessments
- Cyber security strategy development
- ISO services – from gap analysis, external auditing and implementation support around ISO27001, ISO22301 & ISO42001
- AI governance workshops
- Third party risk management
- Incident response planning, including but not limited to Cyber Security Incident Response Plans (CSIRPs) and Tabletop Exercises, Business Impact Assessments, Disaster Recovery and Business Continuity Plans and support
Why you should apply?
At Phoenix, our philosophy is simple – we aim to be the UK’s leading IT solution and managed service provider and that means we recognise that it’s our people who are the heart of everything we do.
We do this by providing the encouragement, support and skill development that you need to be the very best you can be at work. We are proud of our culture, so much so that we have developed our Culture Blueprint which you can read here.
What are we looking for?
The right person for this role will already have a track record and pedigree in delivering GRC consultant to a varied customer base. You will be comfortable in the consultant role with the commercial awareness to be excellent in customer-facing role such as this.
Those who have only have experience in an internal role or as an engineer will not be suitable for this position.
Key skills/experience:
- A consistent track record and pedigree in delivering GRC consultancy to a varied customer base
- Ability to understand and succinctly explain the complex requirements of frameworks, standards and best practice including such as ISO27001/22301, CIS and Cyber Essentials
- Experience of creating CSIRP’s or similar incident response documentation, and delivery of tabletop exercises
- Ability to create high quality reports and documentation, meeting deadlines
- Ability to translate technical content into simple and straightforward language, and deal with a range of technical and non-technical stakeholders
- Ability to form rapport and trust with customers quickly, and dedication to delivering outstanding work
Practical stuff
Where is the role based?
Our HQ is in Pocklington (YO42) however this role can be largely remote with a visit once a month.
How many interviews?
Following a screen with the Recruitment Team you can expect a two-stage interview process.
What are the benefits?
You can read about the benefits on offer here 😊
*Important* BPSS Check
As part of our recruitment process due to the nature of the work we do, all employees are required to undertake a Baseline Personal Security Standard (BPSS) check. While some employees require further security clearance, the BPSS check is a must-have requirement and all offers of employment are conditional pending the passing of this check
Have you made it this far?
If you’re still reading, we think there’s a strong chance you might be our kind of person.
Here’s the thing, though — research suggests that 60% of women and underrepresented people might have already talked themselves out of applying. Even if you don’t check every box above, we want to encourage you to introduce yourself.
We believe a diversity of perspectives and experiences makes a team stronger — and the stronger our team, the more successful we will be.
