**Job title:** **Head of Cybersecurity & Security Operations*** Lead the GRC and Information Risk function, ensuring enterprise-wide visibility of cyber and information risks.* Maintain oversight of the IT & Cyber Risk Register, ensuring risks are documented, owned, and mitigated within defined tolerances.* Drive security governance through policy, process, and risk-based controls.* Chair internal cybersecurity governance forums to review risks, progress, and control effectiveness.* Ensure compliance with internal and external audit, regulatory, and policy requirements.* Own the policy, standards, and control environment for cybersecurity, ensuring alignment to corporate governance requirements.* Lead third-party and supplier assurance, ensuring contractual security obligations and oversight mechanisms are in place.* Lead, mentor, and develop the cybersecurity, GRC, and information-risk team, including the Security Operations Analyst.* Provide clear goals, performance measures, and career development for direct reports.* Promote a culture of shared accountability, awareness, and proactive engagement across the business.* Represent cybersecurity at senior forums, providing authoritative guidance on risk and resilience.* Build internal capability through education, communication, and recognition of best practice.* 10+ years in cybersecurity leadership within a complex, multi-region organisation. Demonstrated success combining governance, architecture oversight, and operational management.* Deep understanding of cyber threats, enterprise technology, risk management, and security architecture across cloud, identity, and endpoint ecosystems.* Skilled in aligning to recognised frameworks (ISO 27001, NIST CSF, CIS Controls) and tailoring them to organisational maturity.* Experienced in enterpise risk management, audit engagement, and assurance reporting. Understanding of data-protection and corporate-governance codes.* Strong executive presence with ability to influence across functions and manage both internal and external teams through accountability and collaboration.* Excellent communicator; capable of briefing senior executives and the Board on cybersecurity posture, risk, and mitigation priorities.* Certifications (preferred) - CISSP, CISM, CRISC, or equivalent. Cloud-security or Microsoft-security certifications advantageous.
#J-18808-Ljbffr