Senior GRC Consultant - AI Governance (UK) - Dionach by Nomios

This role offers flexibility to work remotely, with occasional visits to client sites. Alternatively, you can choose a hybrid arrangement and work from our offices in Oxford or Glasgow, if preferred.

Why join Dionach by Nomios?

Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally.

Dionach by Nomios holds impressive certifications, including CREST, Cyber Scheme, CHECK, PCI QSA, SWIFT CSCF and ISO 27001. With our focus on enhancing customers' security and fostering team development,be joining a company that prioritizes both your growth and the safety of our clients.

We're in an exciting phase of expansion and are looking for self-motivated individuals ready to thrive in a fun, flexible environment. At Dionach by Nomios, your contributions will have a genuine impact on the business, and you'll find opportunities for both interesting work and career development.

Benefits

Our employees are the heart of our business. We value our employees and invest in their growth and well-being. Here's what we offer:

• Hybrid Working: Flexibility to work remotely or use our UK offices around client visits.

• Professional Growth: Access to training labs, certification sponsorship, and time for skill development.

• Well-being Focus: Private health insurance, eye care plan, income protection, EAP scheme, and well-being platform.

• Additional Perks: Employee benefits and discounts platform.

Our Commitment to Diversity and Inclusion

At Dionach by Nomios, we believe that diversity fuels innovation. We're dedicated to creating an inclusive workplace where everyone feels valued and respected. We welcome applications from all backgrounds, perspectives, and experiences, and we're committed to being an equal opportunity employer. We do not discriminate based on race, religion, gender, age, disability, or any other legally protected status.

We encourage candidates from underrepresented groups to apply and are committed to providing a supportive and accessible environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs.

As a Senior AI Governance Consultant within our highly skilled Cyber Security Team, you will be at the forefront of our new and exciting AI governance service. This will involve advising clients on developing and implementing robust AI governance frameworks, conducting AI risk assessments, and creating policies for the secure and ethical use of AI. While the primary focus is on AI, you will also apply your expertise to broader GRC projects, including information security assessments, ISO 27001 audits, and general information security consulting. The ability to be adaptable and work on a variety of projects is essential.

Essential experience and skills:

• A strong foundation in traditional GRC, demonstrated by significant experience in auditing and implementing Information Security Management Systems.

• A recognised ISO 27001 qualification (e.g., Lead Auditor or Lead Implementer) is essential. You must be able to apply this rigorous mindset to new challenges.

• Demonstrable, hands-on experience applying AI governance principles. This must include practical work such as conducting AI risk assessments, advising on ethical implications, and developing operational policies for clients.

• A strong understanding of key AI governance standards and regulations (e.g., NIST AI RMF, EU AI Act), ideally demonstrated by a professional qualification such as ISO 42001 or IAPP AIGP. We value practical experience and are committed to supporting the right candidate in gaining certification.

• Excellent report writing and communication skills, with the ability to explain complex AI and security risks to non-technical senior stakeholders.

• Proven project management experience in executing compliance or governance projects within complex organisation

  Desirable qualifications and experience:

• Information security qualifications such as CISSP, CISA, or CISM.

• Familiarity with GRC cloud-based systems.

• Experience of PCI DSS or a PCI QSA.

• Experience auditing SWIFT CSCF.

• Developing and providing training.

• Writing policies and technical documents.

• Managing a team or leading teams.

If you are keen to join a growing company and feel you will be a great candidate for this role, please do apply!