Governance, Risk and Compliance Specialist

Bring your SOC expertise to a global stage—collaborate, protect, and make a real-world impact

Work shouldn't just be something we do; it should have purpose. At Envision, we believe in creating life-changing outcomes through the work we do with our clients, giving back to our communities, while creating a company culture where our people thrive. We know that our success depends on employees who feel valued, appreciated, and supported, both professionally and personally. We believe success starts with a workplace where everyone feels valued, supported, and empowered to grow.

Being part of a collaborative team means there's no limit to what you can achieve. With us, you can be a part of a growing company you want to work for.

Our Vision: To unleash the power of combined intelligence to accelerate patient access to life-changing treatments.

Our Mission: Delivering smarter and faster solutions to create, communicate, and commercialize value for our clients.

Our Values: Excellence, People, Growth 

The opportunity

We're looking for a Governance, Risk & Compliance (GRC) Specialist to support the delivery of key initiatives that strengthen our global information security framework. Working alongside the GRC Lead, you'll partner with teams across the business to provide risk guidance, advise on compliance requirements, and help ensure consistent application of policies, processes, and procedures. This is a collaborative, global role where you'll play a vital part in enhancing Envision's security posture.

This great role can be based from either the UK, Serbia, Hungary or Portugal!

How will you make an impact at Envision Pharma Group?

Role responsibilities

• Support the GRC Lead in maintaining existing compliance accreditations and pursuing new ones as needed
• Monitor compliance with Envision's information security policies and standards
• Collate monthly information security reports, including KPIs and KRIs, to identify risks and opportunities
• Help implement and maintain GRC policies, processes, and procedures across the organisation
• Conduct risk assessments, track and report on information security risks
• Work with the GRC Lead to manage the information security risk register and meet regularly with risk owners
• Promote a risk-aware culture across Envision by enabling teams to manage security risks effectively
• Collaborate on third-party supplier information security assessments
• Assist in responding to RFPs and client security requirements

Do you have what we are looking for?

Skills & expertise

• Hands-on experience conducting audits against standards such as ISO 9001, ISO 27001, and SOC 1 & 2
• Strong understanding of compliance frameworks and regulations including GDPR, ISO 27001/9001, CIS, and others
• Familiarity with information security risk management methodologies, including ISO 27005 and ISO 31000
• Relevant security certifications (e.g. CISSP, CRISC, CIPP/E) - desired
• Proven ability to coordinate and maintain compliance programs across diverse teams and global functions
• Strong communication and presentation skills – both written and verbal
• Collaborative, flexible, and confident working with stakeholders at all levels, internally and externally
• Passionate about helping teams understand the value of compliance and how it supports the business

We offer an attractive total compensation benefits package designed to reward and support our people.

#TogetherWeDiscover

We turn vision into reality. Our people are integral to our success and our values reflect the Envision philosophy where our teamwork helps us all grow and our enthusiasm inspires each other.

Our Envisionary culture is a special environment that gives every employee a voice the space to invent and the chance to excel. A place where, every day, people laugh, think, take risks, and are excited about the possibilities the day brings.

Explore your place at Envision. If you have the experience highlighted above, we would love to hear from you!