Head of Cybersecurity Governance, Risk and Compliance
Mainly remote-based working in the UK, with occasional travel to Oxford Cowley (OX4 2GQ)
70000 per annum plus car / car allowance, 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support and flexible benefits scheme
About the Job
As our Head of Cybersecurity Governance, Risk and Compliance, you'll work closely with business and technology teams, helping to articulate and communicate the InfoSec governance program, identify risks, and evaluate and help implement controls and improvements.
As part of your key responsibilities, you'll:
- Manage the day-to-day running of the function and team
- Support the management of Information Security governance for the organisation, ensuring adherence to Group policies and standards
- Ensure key Information Security risks and issues are identified, addressed and resolved in a timely manner
- Work closely with the Director of Information Security to ensure Group security strategy is appropriately implemented and divisional requirements are understood and supported
- Assist in management of the Group's Information Security Management System, including maintenance of the ISO 27001 certification
- Engage with the IT Security Operations team and assist the Director of Information Security in providing oversight and challenge to that function
- Participate in periodic security-related testing activities (e.g. crisis planning events, DR exercises)
- Prioritise and manage response activities
- Drive the audit and client management aspects of the Information Security team, including client due diligence questionnaires, and help design more effective procedures in this space
- Improve and support relevant security metrics; analyse data, identify trends and drive improvements to the control environment
- Assist in general Information Security related issues as required, including potential interaction with the Security Operations team, Technology teams and business stakeholders
- Working with the Security Architect, ensure alignment of bid requirements with existing InfoSec standards and liaise with relevant teams for resolution where non-standard requirements are identified
About You
We'd love you to have the following skills and experience, but please apply if you think you'd be able to perform well in this role!
- Excellent written and verbal communication skills
- Previous experience within a GRC function, IT Security/Cyber team, Internal Audit or an IT environment
- Hands-on practical experience of ensuring full compliance with legal & regulatory frameworks, including ISO 27001
- Risk management
- Strong leadership and communication skills, with the ability to motivate and manage a team
Our recruitment and selection process has been developed to ensure that it is consistent, fair and provides equality of opportunity - all selection decisions are based solely on technical and behavioural competencies. We do not discriminate on the grounds of race, colour or nationality, ethnic or national origins, sex, gender reassignment, sexual orientation, marital or civil partnership status, pregnancy or maternity, disability, religion or belief, age or any other current or future protected characteristic as defined in the current Equality Act of England and Wales. As an organisation, we also promote an environment which encourages diversity of characteristics and thought, where you feel included, safe and confident to be the best version of yourself and do your best work every day.
Required Experience:
Director