Internal Controls & GRC Lead
Greater London, England, United Kingdom
Risk, Security and Controls | Full-time
About Us
[Employer hidden — view at passion-project.co.uk] Consulting is an independent risk and security consultancy that brings together people, protection, and performance to help organisations achieve Digital Enterprise Resilience. For more than 20 years, [Employer hidden] has enabled the world’s leading companies to understand and optimise their risk and security landscape through assessment-based road mapping, organisational empowerment, and expert application of market-leading technologies. [Employer hidden] is headquartered in London with offices across Asia, Australia, Europe, and North America.
About You
We are seeking an experienced internal controls lead with a strong foundation in Governance, Risk and Compliance (GRC) systems and associated controls, proficiency in SAP environments, and awareness of financial regulatory frameworks.
Key Responsibilities
- Design, implement, and assess internal controls frameworks, primarily within SAP-enabled environments.
- Lead client conversations on GRC strategy, compliance challenges, and controls optimisation (ITGC, ITAC, and key ICFR controls coverage).
- Provide insight on Sarbanes-Oxley (SOX) and UK Corporate Reform (Provision 29), helping communicate regulatory obligations and actionable solutions.
- Manage and mentor junior consultants and analysts to aid a high-performance team culture.
- Support business development activities, including scoping, proposal development, and client pitches throughout the sales lifecycle.
- Build long-term relationships with clients as a trusted advisor in controls and compliance.
Required core behaviours
- Ability to focus on the “why” of our solutions, not just the how.
- Demonstrable experience in prioritising the client’s objectives.
- Passionate about improving the perception of the industry towards a more business growth enabling function.
- Demonstrable ability to build productive relationships with both internal and external stakeholders in a hybrid working environment.
Required Skills & Experience
- Strong experience designing and executing GRC controls, ideally within SAP ERP systems.
- Strong experience of ITGC and ITAC controls (implementation and testing).
- Knowledge of financial compliance requirements such as SOX and UK Provision 29 (UK Corporate Reform).
- Knowledge of key financial processes and associated ICFR controls.
- Demonstrated ability to lead engagements and communicate effectively with senior stakeholders.
- Proven track record in team management and mentoring.
- Familiarity with the consulting sales lifecycle, including opportunity identification and bid support.
- Excellent analytical, presentation, and organizational skills.
Preferred Qualifications
- Professional certifications such as CISA, ACA, ACCA or equivalent.
- Experience in risk advisory or Big Four consultancy environment.
- Exposure to emerging technologies in risk and controls, such as automation, data analytics, AI etc.
Reports to: RSC Director
Salary: £76,300 - £85,000 depending on a combination of factors including level of experience and expertise, in addition to an OTE bonus.
Benefits include:
- Pension: on joining, employees will be automatically enrolled in our workplace pension scheme
- Holiday Entitlement: employees receive 25 days per holiday year plus all statutory bank and public holidays in England and Wales
- Private Medical Insurance: employees will be enrolled on to the company BUPA healthcare scheme
- Insurances: Life Insurance and Critical Illness cover are provided to all employees
- Carbon Offset: employees will be enrolled onto the company carbon offset scheme which is committed to offsetting at least 50% of all employee personal carbon emissions. All [Employer hidden] employees are entitled to £40 worth of carbon credits each year, which can offset 7 tonnes of carbon. Options are available to increase carbon credit amounts which would be treated as a benefit in kind.