Job Advert
Head of Cybersecurity Governance, Risk, and Compliance
Mostly remote working within the UK, with occasional travel to Oxford, Cowley (OX4 2GQ).
Salary: £70,000 per annum, plus car/car allowance, 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme.
About the Job
As the Head of Cybersecurity Governance, Risk, and Compliance, you will collaborate closely with business and technology teams to articulate and communicate the InfoSec governance program, identify risks, and evaluate and implement controls and improvements.
Your key responsibilities will include:
1. Managing the daily operations of the function and team.
2. Supporting the management of Information Security governance, ensuring adherence to Group policies and standards.
3. Identifying, addressing, and resolving key Information Security risks and issues promptly.
4. Working with the Director of Information Security to implement the Group security strategy and support divisional requirements.
5. Assisting in managing the Group’s Information Security Management System, including maintaining ISO 27001 certification.
6. Engaging with the IT Security Operations team and providing oversight and challenge.
7. Participating in security testing activities such as crisis planning and disaster recovery exercises.
8. Prioritizing and managing response activities.
9. Driving audit and client management activities related to Information Security, including client due diligence questionnaires.
10. Developing and analyzing security metrics to identify trends and improve controls.
11. Addressing general Information Security issues, liaising with Security Operations, Technology teams, and stakeholders.
12. Aligning bid requirements with existing InfoSec standards in collaboration with the Security Architect.
About You
We are looking for candidates with:
* Excellent written and verbal communication skills.
* Experience in a GRC function, IT Security/Cyber team, Internal Audit, or IT environment.
* Practical experience ensuring compliance with legal and regulatory frameworks, including ISO 27001.
* Risk management expertise.
* Strong leadership and communication skills, with the ability to motivate and manage a team.
Our recruitment process is designed to be fair and equal, based solely on competencies. We promote diversity and an inclusive environment where everyone feels safe and confident to perform at their best.