Information Security GRC Lead - NIS2

We are seeking an experienced NIS2 GRC Lead to drive regulatory readiness and uplift across a global organisation. This role will translate NIS2 requirements into a clear, practical compliance programme with demonstrable outcomes.

Key Responsibilities

  • Consolidate existing assessments (NIS2, ISO 27001, risk, supplier, BC/DR) into a validated NIS2 compliance baseline.
  • Confirm scope and entity classification (Essential/Important) and map critical services, systems and suppliers.
  • Translate regulatory obligations into clear controls, evidence requirements and reporting expectations.
  • Develop and deliver a prioritised compliance roadmap across governance, process, technology and third parties.
  • Implement incident reporting processes (24h early warning, 72h notification, 1-month final report).
  • Strengthen supplier risk management and contractual security requirements.
  • Establish governance, KPIs, board reporting and audit readiness for regulator engagement.

Required Experience

  • Proven delivery of NIS2, NIS, DORA, ISO 27001 or comparable regulatory compliance programmes.
  • Strong ability to convert assessments into actionable remediation plans.
  • Deep understanding of risk management, incident response, supplier risk and operational security controls.
  • Confident working cross-functionally across Technology, Security, Legal, Procurement and Operations.

Deliverables

  • Consolidated NIS2 compliance baseline
  • Defined scope, classification and critical asset mapping
  • Detailed compliance roadmap (priorities, timelines, RACI, budget)
  • Incident reporting workflows and templates
  • Enhanced supplier security framework
  • Board-level dashboard and assurance plan
Apply Now
Apply Now

Job Details

Company
Barclay Simpson
Location
London Area, United Kingdom
Posted