Position Title: Head of Governance, Risk and Compliance (GRC), Info Sec – 12 Month FTC
Reports to: Global CISO
The role will work in collaboration with Information Technology, Group Risk and Compliance, HR, Facilities and a number of third parties.
Take overall responsibility for information security risk and compliance
Produce and maintain the Information Security governance and oversight target operating model
Produce policies and supporting governance material
Take ownership of the Information Security Risk management processes
Provide specialist Information Security input to IT and business operations
Ensure information security initiatives are up to date and security risks are identified and managed
Adhere to company and regulatory policies and procedures, together with mandatory training requirements.
Experience developing and maintaining written security controls, compliance monitoring, and defining treatment strategies
Experience of Information Security risk management concepts
Experience of Information Security transformation programmes
Experience in building and supporting incident management frameworks
Experience of nurturing and retaining talent
Excellent writing and communication skills
Ability to consider the implications of process change and potential impact upon the strategies of the global business
Ability to maintain the integrity of process and approach, as well as controls, for the whole incident management process, including the ability to co-ordinate and manage major or highly sensitive investigations with potential for business-wide impact or reputational damage