Job title: Information Security Manager: Governance, Risk and Compliance (GRC)
Location: London or Newcastle
Salary: London: Up to £80,000 per annum, Newcastle: Up to £70,000 per annum
Type of contract: Full Time, permanent
Working arrangement: Hybrid, on-site at London or Newcastle office 2 days per week minimum
About the role: We are seeking … an experienced Information Security Manager: GRC to lead our Governance, Risk, and Compliance functions. This role involves managing the NAO's certified ISMS, developing security policies, and transforming our security posture to support our strategic objectives.
Key Responsibilities
Leadership: Manage and develop the GRC team, build stakeholder relationships, and promote a positive security culture.
GRC Management: Oversee security controls, ensure compliance, and manage third-party security assessments.
ISMS: Maintain and improve the Information Security Management System, certifications (ISO 27001, Cyber Essentials Plus), and security policies.
Risk Management: Identify, assess, and treat information security risks, maintaining the risk register and ensuring risk-aware decision
Company: Want to work for a global logistics leader that's seriously committed to information security? Whether it's powering global deliveries or enabling supply chains for some of the world's most renowned brands, they are here to stay. As an Information Security Risk Manager, you help enable all of this to happen … they play a critical role in international trade and modern e-commerce, meaning you will gain experience in industries that will remain relevant forever. Responsibilities: You will deal with risk management topics - assessments, analyses, planning, monitoring, reporting, etc. You will manage information security projects. You will collaborate with technical IT teams to ensure company-wide compliance. You … will aid with the improvement of the IT security architecture and implement IT security guidelines. You will internally consult and advise on security best practices. Required Skills: You have professional English language skills. You are experienced in (ISMS-based) risk management. You have previously managed information security projects. You have a solid understanding of
This position offers a unique opportunity to shape and lead the security strategy of a forward-thinking company. You will be at the forefront of protecting our digital assets in a rapidly evolving threat landscape, ensuring compliance with international standards, and fostering a culture of security awareness. You'll work closely with IT, compliance, and executive teams to … align security measures with business objectives. Responsibilities Risk Assessment: Conduct thorough risk assessments to identify vulnerabilities, threats, and potential impacts on information security. Strategy Development: Develop and implement risk management strategies, policies, and procedures to mitigate identified risks. Compliance: Ensure adherence to GDPR, ISO 27001, and other relevant regulatory requirements. Incident Management: Lead the response … to security incidents, including root cause analysis and the implementation of corrective measures. Stakeholder Communication: Regularly report on security risks, incidents, and compliance to senior management and board members. Training: Oversee security awareness programs to educate employees about security best practices. Vendor Management: Assess third-party security risks and manage security in vendor relationships.