Join a Leading Semiconductor Company as a GRC & Cyber Risk Manager!
Our client is at the forefront of secure, scalable computing. As part of their Enterprise Security team, you’ll play a pivotal role in shaping how they manage cyber risk across their global operations and supply chain. This is a high-impact contract role for a technical risk expert who thrives in complexity and values innovation.
Contract Details
* Contract Length: 6 months (with potential extension)
* Daily Rate: £700 per day (inside IR35)
* Location: Cambridge (hybrid – twice per week on-site)
Key Responsibilities
* Lead and enhance Arm’s Information Security Risk Management Framework within ServiceNow IRM.
* Act as technical SME for ServiceNow IRM, embedding frameworks and best practices.
* Oversee third-party cyber risk assessments, contract reviews, and supplier monitoring.
* Conduct post-incident reviews and integrate lessons learned into the control environment.
* Develop and monitor Key Risk and Control Indicators to inform decision-making.
* Collaborate across Enterprise IT and Engineering to identify and manage service security risks.
* Support AI and automation initiatives to streamline GRC processes.
Key Requirements
* Proven hands-on experience with ServiceNow IRM and risk quantification methodologies.
* Strong knowledge of ISO 27001, NIST CSF, and NIST SP 800-53.
* Certifications such as CRISC, CISM, CISSP, or FAIR are desirable.
* Excellent stakeholder management and communication skills.
* Experience in third-party cyber risk management and post-incident analysis.
* Background in large-scale technical environments (e.g., semiconductors); consultancy or financial sector backgrounds not preferred.
Start Date: ASAP