Step into a pivotal role at the forefront of cyber security, driving impact for our client base!
We're looking for an experienced Governance, Risk & Compliance Manager to join our dynamic team. This is your opportunity to take a leading role in shaping and delivering robust security strategies that protect our clients and strengthen their resilience against evolving cyber threats.
As our new GRC Manager, you will be the driving force behind the implementation of our Information Security Management System (ISMS) for assigned clients. Your expertise will help organisations understand their security challenges and enable them to enhance their security posture. You'll lead from the front, fostering a culture of compliance and risk awareness across Sopra Steria, while delivering tangible value to our clients. This is a chance to make a real impact at the forefront of cyber security.
This is an office-based role, requiring 4-5 days per week at our Hemel Hempstead site.
We can offer great career progression opportunities, ability to be based anywhere across the UK, benefits which you can flex to meet your needs and training and development opportunities.
Implement ISMS strategy, policies and practices for assigned clients.
Deliver services aligned with ISO27001 standards
Provide regular reporting on ISMS effectiveness and operational performance.
Manage security operations in line with organisational policy, standards and industry best practice.
Conduct security risk and threat assessments (operational and system).
Engage with internal stakeholders and third-party providers on security, risk and privacy matters.
Respond to security incidents promptly, ensuring early identification and resolution.
Oversee threat detection, vulnerability management and remediation activities.
Represent security considerations in IT and process change assessments.
Maintain ISMS, Operational Security and Risk Assurance documentation.
Lead monthly client Security Working Group meetings and stakeholder sessions.
Ensure audit readiness and support internal/external audits.
Drive continuous improvement initiatives within Sopra Steria's security function.
GRC/Operational Security Manager experience with solid understanding and experience with security policies and standards
Technical proficiency and knowledge across the spectrum of information security solutions and operations
Knowledge of IT security solutions and their integration and operation into business systems and processes
Experience of security maturity and developing roadmaps aligned to the priorities of clients
Experience of ISO/IEC 27001 Compliance and Certification
CISSP, CISA or CISM certified or equivalent degree in Information Security
Employment Type: Full-time, Permanent
Security Clearance Level: DV
Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund
Although this role is advertised as full-time, we believe that flexibility at work can promote work/life balance, increase your motivation, reduce stress and improves performance and productivity. We support different ways of working and can offer a range of flexible working arrangements. Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
We embrace difference as a source of creativity, innovation and competitive advantage and are striving to become a more diverse organisation. We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status. We have partnered with Vercida, the UK's largest diversity and inclusion focused careers site, where all our vacancies are available in an accessible format.
We participate in the Disability Confident scheme and are committed to offering an interview to any candidate with a disability, who meets the minimum criteria for the role.