The median GRC Manager salary in United Kingdom is £124K in 2026, with a typical range from £62K to £152K. Year-on-year movement is still building as more matched salary data is published. United Kingdom currently leads city pay at £124K.
What does A GRC Manager do?
A GRC Manager is responsible for leading the information security governance, risk, and compliance function, owning the risk framework, compliance programme, and policy estate, and reporting to the CISO on the organisation's risk posture.
Day-to-day responsibilities
- Managing the enterprise information security risk register and risk treatment plans
- Overseeing ISO 27001
- GDPR
- DORA
- NIS2
- SOC 2 compliance programmes
Very High demand+22% ISO 27001 Lead Implementer+24% DORA (Digital Operational Resilience Act)+19% GDPR and Data Protection