GRC & Cyber Risk Manager - ServiceNow IRM

Join a Leading Semiconductor Company as a GRC & Cyber Risk Manager!

Our client is at the forefront of secure, scalable computing. As part of their Enterprise Security team, you’ll play a pivotal role in shaping how they manage cyber risk across their global operations and supply chain. This is a high-impact contract role for a technical risk expert who thrives in complexity and values innovation.

Contract Details

  • Contract Length: 6 months (with potential extension)
  • Daily Rate: £700 per day (inside IR35)
  • Location: Cambridge (hybrid – twice per week on-site)

Key Responsibilities

  • Lead and enhance Arm’s Information Security Risk Management Framework within ServiceNow IRM.
  • Act as technical SME for ServiceNow IRM, embedding frameworks and best practices.
  • Oversee third-party cyber risk assessments, contract reviews, and supplier monitoring.
  • Conduct post-incident reviews and integrate lessons learned into the control environment.
  • Develop and monitor Key Risk and Control Indicators to inform decision-making.
  • Collaborate across Enterprise IT and Engineering to identify and manage service security risks.
  • Support AI and automation initiatives to streamline GRC processes.

Key Requirements

  • Proven hands-on experience with ServiceNow IRM and risk quantification methodologies.
  • Strong knowledge of ISO 27001, NIST CSF, and NIST SP 800-53.
  • Certifications such as CRISC, CISM, CISSP, or FAIR are desirable.
  • Excellent stakeholder management and communication skills.
  • Experience in third-party cyber risk management and post-incident analysis.
  • Background in large-scale technical environments (e.g., semiconductors); consultancy or financial sector backgrounds are not preferred.

Start Date: ASAP

Company
Hays
Location
Cambridge, Cambridgeshire, UK
Hybrid / WFH Options
Posted