7 of 7 GRC Jobs in the Thames Valley

you possess the following?: Proven related experience in cybersecurity risk management in organizations of a similar scale. Experience in the identification and evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber More ❯

implementation of data classification methodologies to ensure appropriate protection based on sensitivity and importance. The role will be based in Reading and will report directly to the Head of Governance, Risk and Compliance, working to deliver the company's goals for a fit-for-purpose critical asset and classification framework. This is a role that requires independence, a proactive approach … risk management practices. Desirable Technical Skills & Qualifications: Industry Certifications: Certifications such as CISSP, CISM, or CISA. Key Relationships & Interactions: CISO direct reports: Security Operations Manager, Security Architecture Manager, Security Governance Manager, Cyber Security Programme Manager, Cyber Resilience Manager CIO and CIO Direct Reports: Operational Technology, Enterprise Architects, PMO and Programme Delivery, Business Change and Engagement Key Business Stakeholders Service Owners More ❯

packaging solutions, paper products and recycling services in more than 30 different countries across EMEA with over 30,000 colleagues. About the role Reporting to Head of I&T GRC, Governance and Risk Lead will be responsible for driving information and cyber security awareness, delivering security awareness training including phishing and facilitation of cyber scenario desktop simulations across central and … risk register, tools, process, reporting and review. You will take responsibility for managing a subset of aspects of ISO 27001 related documentation and control activities. As the I&T Governance and Risk Lead you will have the responsibility of aspects of the I&T GRC scope, delegated and assigned by the Head of I&T GRC. Key Accountabilities Engage with More ❯

various tools and activities. Manage and improve Three's Security Exception process. Work effectively with Enterprise risk and compliance functions to escalate enterprise-level Technology and Security risks. Operate GRC tools for Risk Management to record, track, and monitor risks and controls. Support ongoing education and awareness activities related to Security policies, Risk management frameworks, and governance across the company. More ❯

with senior leadership and DTS teams to identify and address emerging threats. Represent the organisation in external networks and vendor relationships to share best practices and influence product development. Governance, Risk & Compliance Ensure technical security risks are documented and managed within the risk register. Own and manage services/processes in line with ITSM best practices. Maintain and review operational More ❯

with senior leadership and DTS teams to identify and address emerging threats. Represent the organisation in external networks and vendor relationships to share best practices and influence product development. Governance, Risk & Compliance Ensure technical security risks are documented and managed within the risk register. Own and manage services/processes in line with ITSM best practices. Maintain and review operational More ❯

cyber threats. What You'll Do: Own and lead the BCP Transformation - designing and delivering a fit-for-purpose Cyber Resilience Framework embedded across the business. Work closely with Governance, Risk & Compliance (GRC) teams and run the workstream responsible for outlining and validating disaster recovery and incident response plans. Drive cross-functional collaboration with technology, legal, data privacy, crisis management … recovery plans , not just high-level frameworks. Ability to bring cyber and BCP worlds together - ideally with experience in organisations with complex or regulated environments. Confident working closely with GRC and other business-critical teams to align resilience planning with compliance and governance. A gregarious, articulate style - able to engage, influence, and gain trust across diverse stakeholders. A roll-up More ❯