The Information Security (InfoSec) team at Informa is dedicated to protecting the organisation's information assets and ensuring the confidentiality, integrity and availability of data. The team is responsible for implementing and maintaining robust security measures, policies and procedures to safeguard against cyber threats and vulnerabilities. The InfoSec team works collaboratively with our business to embed security practices and awareness, ensuring that security is an integral part of Informa's business operations.
The Director of Trust, Risk, Assurance and Compliance (TRAC) is a senior position within the Information Security team and will lead Informa's trust, risk, assurance, compliance and security culture initiatives / advocacy. This role will contribute to the company's digital transformation and customer engagement initiatives under One Informa. This role will be responsible for developing, implementing and maintaining a comprehensive information security governance framework, risk management processes and compliance to protect our data and systems, and will act to increase engagement, effectiveness and the embedding of security into the company culture. The Director will ensure that Informa's security framework aligns with customer expectations, regulatory requirements and industry standards, while also managing risks and reporting status to management teams and relevant forums.
Key Areas of Responsibility/Accountability
- Strategic Execution: Execute strategic initiatives that align to One Informa InfoSec strategy and the TRAC goals with Informa's broader business objectives. Foster a culture of shared purpose and accountability across all TRAC teams.
- Stakeholder Engagement: Act as a liaison between the CISO and other functions, facilitating communication and cooperation across Informa. Strengthen cross-functional partnerships to TRAC practices and awareness throughout the organisation.
- Governance: Develop and implement the principles, policies, standards and procedures relating to information security governance. Ensure that the organisation's security framework aligns with regulatory & compliance requirements and industry standards.
- Risk Management: Implement a robust risk management and escalation process through quantitative and qualitative measures. Ensure stakeholders are aware of any risks/issues and delays on security initiatives and their impact. Track and measure the performance and benefits of the security portfolio using key performance indicators, metrics and dashboards.
- Compliance: Ensure that the organisation delivers within its risk appetite to relevant regulatory & compliance requirements and industry standards. Conduct regular reviews / audits and assessments to identify and address any compliance gaps.
- Reporting and Metrics: Own and execute the reporting for executive leadership. Develop or enhance key risk indicators (KRIs) for governance, risk and compliance initiatives and ensure consistent reporting cycles that provide actionable insights on InfoSec performance. Implement and deliver Objectives and Key Results (OKR) for the TRAC pillar.
Key Outputs and Outcomes:
- Strengthen business engagement and TRAC value.
- Improve decision-making efficiency and outcomes.
- Enhance reporting cycles and quality.
- Lead the delivery of TRAC projects with excellence.
- Optimise resource allocation and demand management within the pillar.
- Drive data-driven decision-making through metrics reporting.
- Ensure successful realisation of the Group InfoSec & TRAC vision.
- Improved audit readiness and control maturity through automation and rationalisation of controls.
Measures of Success:
- Alignment with Group InfoSec Strategy & Goals: Ensure that all TRAC initiatives are delivered in alignment with the Group and InfoSec strategy and goals.
- Delivery Time, Cost & Quality: Successfully deliver TRAC projects within the agreed timeframes, budget and quality standards.
- Commercial & Financial Measures: Demonstrate the commercial and financial impact of TRAC initiatives through improved cost efficiency, revenue protection and risk mitigation.
- Enhanced Security Culture: Foster a strong security culture within Informa, evidenced by increased employee engagement, awareness and adherence to security policies and practices.
- Compliance: Manage and achieve a measurable reduction in compliance risk through proactive risk management and mitigation strategies. Then maintain compliance with relevant regulatory requirements and industry standards, as evidenced by successful audit outcomes and minimal compliance gaps.
- Stakeholder Satisfaction: Ensure high levels of satisfaction among internal and external stakeholders through effective communication, collaboration and delivery of TRAC initiatives.
- Innovation and Continuous Improvement: Drive innovation and continuous improvement within the TRAC pillar, evidenced by the adoption of new technologies, processes and best practices.
Qualifications:
What we're looking for
Experience
The ideal candidate profile will include the following points:
- Experience in a similar role in a large international organisation
- In-depth understanding of strategic business risks and wider security and data protection landscape.
- The ability to interact with Informa colleagues, build good relationships at all levels and across all business units and organisations, and the ability to influence stakeholders of all levels
- Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences; flexes style to suit the needs of the audience.
- Strong skills as a negotiator to facilitate commitment to and sign-off on appropriate levels of residual risk from senior leadership.
- Ability to work with others effectively, with 3rd parties, internal teams and international business units, promoting knowledge sharing within and across teams.
- Demonstrable experience of leading and motivating cross-functional, interdisciplinary teams to achieve tactical and strategic goals in a matrixed organisational structure.
- Highly self-motivated and directed, with keen attention to detail.
- A good understanding of Security & regulatory frameworks including ISO27001/NIST/SANS/SOX.
- Candidates should be working in the security industry or certified in one or several areas of security, ideally including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Systems Security Certified Professional (SSCP)
Key Competencies:
- Strategic Thinking.
- Leadership and Team Management.
- Project Management.
- Stakeholder Engagement.
- Communication and Reporting.
- Resource Management.
- Change Management.
- Risk Management.
- Financial Management.
If you are passionate about information security and have a strong background in governance, risk management and compliance, we encourage you to apply and join our team in protecting Informa's critical assets and information.
Additional Information:
We work hard to make sure Life at Informa is rewarding, supportive and enjoyable for everyone. Here's some of what you can expect when you join us. But don't just take our word for it: see what our colleagues have to say at
Our benefits include:
- Freedom & flexibility: colleagues rate us highly for the flexibility and trust they receive, and most of us balance time in the office with time working remotely
- Great community: a welcoming culture with in-person and online social events, our fantastic Walk the World charity day and active diversity and inclusion networks
- Broader impact: take up to four days per year to volunteer, with charity match funding available too
- Career opportunity: the opportunity to develop your career with bespoke training and learning, mentoring platforms and on-demand access to thousands of courses on LinkedIn Learning. When it's time for the next step, we encourage and support internal job moves
- Time out: 25 days annual leave, rising to 27 days after two years, plus a birthday leave day and the chance to work from (almost!) anywhere for up to four weeks a year
- A flexible range of personal benefits to choose from, plus company funded private medical cover
- A ShareMatch scheme that allows you to become an Informa shareholder with free matching shares
- Strong wellbeing support through EAP assistance, mental health first aiders, a healthy living subsidy, access to health apps and more
- Recognition for great work with global awards and kudos programmes
- As an international company, the chance to collaborate with teams around the world
We're not solely focused on a checklist of skills. We champion energy and ambition, and look for colleagues who will roll their sleeves up, join in and help make things happen. If it sounds like a match and you have most, although not all, of the skills and experience listed, we welcome your application. At Informa, you'll find inclusive experiences and environments where all perspectives and backgrounds are welcomed. As part of this approach and our diversity and inclusion commitments, we are also formally an Equal Opportunities Employer. This means we base decisions on relevant qualifications and merit, and do not discriminate on the basis of key characteristics and statuses, including all of those protected by law. Ask us or see our website for full information. See how Informa handles your personal data when you apply for a job here
Remote Work:
No
Employment Type:
Full-time