GRC Manager

1 week ago


London, Greater London, United Kingdom Polaris Software Full time £60,000 - £90,000 per year

About Us

At Polaris, we're on a mission to create a safer and fairer world. We provide software solutions that empower police forces and local authorities to enforce and track traffic and parking offences, manage permits and licenses, and control high-risk assets like firearms and tasers.

Since securing support from August Equity in May 2023, we've been on an exciting growth trajectory. We've expanded our reach both in the UK and internationally, acquired key companies like Farthest Gate and JML Software Solutions, along with Clarity, and invested heavily in our operations.

Our goal is to build a data-driven, professionally managed organisation with robust systems and processes, poised for consistent growth and ready to seize new opportunities. We've united our legacy brands under the Polaris name, creating a dynamic new identity that reflects our vision for the future.

This is an exciting time to join Polaris. We're seeking ambitious, forward-thinking individuals who are eager to make a real impact and grow their careers in a rapidly evolving industry. If you're ready to be part of a team that's shaping the future of public safety and compliance technology, we want to hear from you.

GRC Manager – Governance, Risk and Compliance

London – hybrid – 3 days per week in office

Full time

Reporting to Director of Strategic Operations

Summary

We're looking for a proactive and detail-oriented GRC Manager to develop, implement, and maintain our governance, risk, and compliance framework. You'll play a key role in ensuring that Polaris operates responsibly, meets regulatory requirements, and effectively manages operational and information security risks.

This role sits at the intersection of InfoSec and Strategic Operations. It is an ideal role for someone who enjoys implementing business-appropriate structure and process improvement, whilst balancing strategic problem-solving.

Key Responsibilities:

Security

  • Lead and manage customer questionnaires and client audits

  • Oversee vulnerability management and ensure remediation across environments is in line with company policy

  • Oversee the applicable SIEM and monitoring process to ensure that security response is in line with company policy

  • Ensure that system and security documentation is in line with company policy and is audit-ready

  • Review and work with the team to evidence that the physical and logical security of customer environments is in line with company policy

  • Continually review our contractual commitments against what we do to ensure that we are compliant

  • Represent security capabilities and processes in customer meetings and sales engagements to strengthen trust and win new business

Compliance

  • Perform regular control assessments and track deficiencies

  • Act as a trusted advisor to both internal leadership and external customers regarding our contractual, security and legislative obligations

  • Ensure ongoing compliance with legal, contractual, and regulatory requirements, including GDPR and domain-specific obligations

Governance

  • Create and own a process mapping approach and system for core business processes

  • Act as the central coordinator for data protection and GDPR compliance. Standardise policies, processes, and reporting for consistent compliance practices

  • Provide governance advice to senior leadership and enable transparent, informed decision-making

  • Coordinate external audit processes, including ISO 27001 and ISO 9001

  • Oversee the asset register for all customer environments to support audits and effective control

Risk Management

  • Manage project compliance risks (including privacy, compliance and security risks), proactively identifying issues before they escalate

  • Assess and mitigate third-party and supply chain security risks, ensuring partners meet robust standards in line with company policy

  • Oversee change management processes, ensuring major software or infrastructure changes are performed in line with company policy

  • Partner with business units to embed risk management into day-to-day decision-making

  • Maintain the Risk Register, track remediation tasks and prepare risk reports

Customer Engagement

  • Serve as the internal point of contact for supporting customers on process and compliance issues

  • Document and prepare communication around sub-processor, process or supplier changes for distribution to customers

Requirements

We are looking for someone with:

  • Excellent attention to detail, documentation, and organisational skills

  • Proven experience in a Governance, Risk, Compliance, or Security leadership role, ideally in SaaS or highly regulated industries

  • Strong knowledge of ISO 27001, ISO 9001, GDPR, and police/public sector compliance frameworks

  • Demonstrated ability to work with customers, auditors, and regulators at all levels

  • Practical experience in defining and overseeing vulnerability management and change management processes

  • Excellent communication skills, with the ability to translate complex process requirements into clear business value

  • A proactive, structured, and detail-oriented mindset, with the ability to influence cross-functional teams

Benefits
  • Market rate salary
  • 25 days annual leave
  • 2 Moment in Time Days
  • 1 Community Day
  • Life Assurance 4 x base salary
  • Private Pension with Scottish Widows
  • Health Care Cash Plan
  • Hybrid working model
  • Length of service additional time
  • Income protection
  • Car lease scheme

Our business is an equal opportunities employer. We make recruitment decisions based on qualifications, skill sets, and experiences. We consider all suitable candidates regardless of their age, sex, gender reassignment, race, religious beliefs (or lack thereof), marital status, disability, sexual orientation, or any other protected characteristics.

Please note that we can currently only consider candidates with an existing right to work in the UK.

