Group Head of Governance, Risk & Compliance
The Group Head of Governance, Risk & Compliance (GRC) is responsible for leading the organisation’s global GRC strategy, ensuring effective risk management, compliance with applicable regulations, and robust governance frameworks.
The role requires a strategic leader with deep expertise in ITGC, enterprise risk, internal controls, and regulatory compliance, capable of influencing senior stakeholders and embedding a strong risk culture across the group. You will oversee the creation of risk and information security policies, lead the operationalisation of risk management processes, and help establish a company-wide risk-aware culture. You will drive the creation and maintenance of a robust, accurate, and actionable risk register, and set risk and security goals and obligations that demonstrate regulatory compliance.
Location: BL9 8RR
Working: Monday-Friday, 40 hours
What You’ll Be Doing (Responsibilities)
* Build and apply repeatable methodologies to monitor and manage the effectiveness of JD Sports’ information security function in response to evolving good practice and the threat landscape.
* Monitor Systems Integrator and third-party performance against contractual information security obligations and oversee all implementation activity.
* Define and implement the Group-wide GRC strategy, policies, and frameworks.
* Promote a strong risk and compliance culture throughout the organisation.
* Ensure governance structures are effective, transparent, and aligned with industry best practices.
* Report regularly to executive management, the Audit Committee, and the Board on GRC performance, emerging risks, and ITGC effectiveness.
* Identify and drive opportunities for service improvements.
* Build and lead a high-performing GRC function, including compliance, risk, and ITGC specialists.
* Foster cross-functional collaboration with IT Security, Finance, Internal Audit, and Legal.
* Understand, manage, and mitigate risks while ensuring regulatory compliance and safeguarding information, IP, people, customers, shareholders and brand.
What We’re Looking For (Qualifications)
* Develop, communicate, and agree on an information security operations strategy to optimise investment and resources.
* A proven track record in team or departmental leadership.
* Understanding of measures and processes needed to enable large retail organisations to remain compliant with relevant laws and regulations.
* Strong analytical and problem-solving skills.
* Bachelor’s degree.
* 12+ years of progressive experience in governance, risk, compliance, or audit, with at least 5 years in a senior leadership role.
* Relevant certifications such as CISA, CRISC, CISM, CIA, or CISSP are strongly desirable.
About the Company & Benefits
The JD Group is a leading omnichannel retailer of Sports Fashion, Outdoors and Gyms with over 60,000 colleagues across 3,400 stores in over 30 markets. We are an equal opportunities employer and value an inclusive workplace culture. We offer benefits including: incremental holiday allowance, staff discount, exclusive colleague bike discount, discounted gym membership, personal development opportunities, and access to apprenticeships and accredited qualifications.
Seniority level
* Executive
Employment type
* Part-time
Job function
* Finance and Sales
Industries
* Retail
Location: Devon, England, United Kingdom (as listed)