What you’ll be doing
as Head of Governance, Risk and Compliance (GRC)
1. Develop and implement the governance, risk, and compliance (GRC) strategy and framework across the Digital function, ensuring alignment with Thames Water’s regulatory obligations and organisational objectives.
2. Establish and monitor governance standards, processes, and controls across Digital to ensure compliance with regulatory requirements and internal policies.
3. Lead the identification, assessment, and mitigation of digital risks, ensuring appropriate controls are implemented, monitored, and regularly reviewed.
4. Schedule and oversee process audits, review audit outcomes, and support remediation activities to ensure continuous improvement in governance and compliance.
5. Embed and manage the Digital governance framework, including assurance monitoring, reporting, and performance tracking.
6. Develop, maintain, and communicate digital governance policies, standards, and procedures to ensure clarity and consistent adoption across teams.
7. Engage with internal and external auditors, regulators, and key stakeholders, representing the Digital function in all GRC-related matters.
8. Promote a culture of accountability, transparency, and continuous improvement within the Digital function by embedding GRC principles into everyday operations.
9. Support risk-informed decision making across the Digital function, contributing to investment decisions and ensuring risk positions are clearly understood.
10. Provide governance insights and reporting to the Digital Leadership Team and wider Thames Water leadership to support strategic planning and operational oversight.
Base location – Hybrid – Clearwater Court, Reading.
Working pattern – 36 hours Monday to Friday.
What you should bring to the role
11. Proven experience in governance, risk, and compliance within a digital or technology-led environment, ideally within a large and complex organisation.
12. Demonstrated ability to lead, influence, and engage senior stakeholders, translating complex governance and regulatory requirements into practical and effective solutions.
13. Experience managing teams and driving cultural change in relation to governance, risk awareness, and compliance practices.
14. Experience designing and implementing governance frameworks, policies, and processes from the ground up to support organisational and regulatory objectives.
Technical experience and skills
15. Strong knowledge of governance, risk, and compliance frameworks relevant to digital and technology environments.
16. Understanding of digital risk management methodologies, including risk identification, assessment, mitigation, and reporting processes.
17. Experience establishing governance controls, assurance monitoring, and audit processes within digital or IT environments.
18. Strong understanding of regulatory compliance requirements affecting digital and technology operations.
19. Ability to interpret regulatory expectations and translate them into effective operational policies and procedures.
Desirable qualifications and experience
20. Experience in vendor risk management and third-party assurance processes.
21. Familiarity with emerging technologies such as cloud computing, artificial intelligence, and cybersecurity trends and their implications for digital governance and compliance.
What’s in it for you?
22. Competitive salary up to £95,000 per annum, depending on experience.
23. Car allowance - £5,800
24. Annual leave - 26 days' holiday per year (plus bank holidays), increasing to 30 days with length of service.
25. Performance-related pay plan directly linked to both company and individual performance measures and targets.
26. Generous Pension Scheme through AON.
27. Access to lots of benefits to help you take care of yourself and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.