Cyber GRC Engineer

Salford City Council is undertaking a bold and transformative shift to become an AI-first organisation through our strategic initiative, Programme Halo. As part of this future-focused journey, we are committed to embedding emerging technologies responsibly, ethically, and securely across our services.

We are seeking a highly motivated, detail-oriented, and ethically grounded Cyber GRC Engineer to support this transformation, with a strong emphasis on governance, risk, and compliance (GRC) relating to both cyber security and AI governance.

This specialist role is pivotal in strengthening Salford City Council’s security posture. The Cyber GRC Engineer will lead on developing, implementing, and maintaining robust GRC frameworks and controls, ensuring compliance with evolving cyber and AI-specific regulations and guidance.

You will work across departments to ensure internal security policies, risk management strategies, and governance frameworks are aligned with legislative obligations and ethical AI practices.

• Design, implement and maintain comprehensive GRC frameworks (e.g. ISO/IEC 27001, Cyber Essentials Plus, NCSC guidance, NIST CSF, CAF).
• Undertake organisation-wide cyber risk assessments and develop appropriate mitigation strategies.
• Maintain the enterprise risk register and co-ordinate regular reviews.
• Develop and enforce information security and AI governance policies in collaboration with other departments.
• Ensure compliance with UK legislation (e.g. GDPR, Data Protection Act 2018) and track any regulatory changes impacting Council systems.
• Lead on the development of governance policies to ensure the safe and ethical use of AI within Council services.
• Identify and mitigate risks associated with algorithmic bias, discrimination, explainability, and accountability in AI systems.
• Conduct regular reviews of AI systems for ethical, bias, and security issues and co-ordinate remediation actions.
• Support internal and external audit processes and manage post-audit follow-ups.
• Implement and manage GRC tools and systems to automate processes and improve efficiency.
• Produce reports and dashboards to present the Council’s risk posture and AI governance metrics to senior leadership.
• Deliver staff training and awareness programmes on cyber security and responsible AI use.
• Oversee supplier risk assessments, including reviewing their use of AI technologies.

Education & Certifications

• A degree or equivalent experience in a related field (e.g. Cyber Security, Computer Science, Risk Management).
• Desirable certifications include: CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, or BCS GRC qualifications.

Technical Competencies

• Solid understanding of security frameworks (e.g. ISO 27001, NIST, NCSC 10 Steps, CIS Controls).
• Practical experience with GRC platforms and cyber security tools.
• Strong working knowledge of UK compliance frameworks (e.g. GDPR, DPA 2018).
• Familiarity with AI governance and regulatory developments (desirable).

Professional Experience

• At least 3 years’ experience in cyber security, risk management, or GRC roles.
• Experience working collaboratively in multi-disciplinary teams and regulated environments.

• Curious and research-driven, with a passion for continuous improvement.
• Ethically grounded, with a commitment to inclusive and responsible technology use.
• Excellent communicator, able to explain technical concepts to non-specialist audiences.
• Results-oriented and passionate about improving public services through innovation.
• Analytical, detail-focused and confident in presenting complex data clearly.

• The opportunity to work at the forefront of ethical AI implementation in local government.
• A supportive and innovative working culture that values security, integrity, and inclusion.
• Flexible working arrangements and generous annual leave.
• Professional development support, including training and certification opportunities.

If you’re ready to shape the future of ethical, secure digital public services, we want to hear from you.

• Apply now and become a key driver in Programme Halo—helping Salford City Council lead the way as an AI-first organisation.