Head of GRC
Opportunity type:
- Permanent
Specialism:
- Cyber Security
Opportunity description
This vacancy has now expired.
Stanton House are partnered with an international Engineering giant who are in the process of establishing an Information and Cyber Security offering in the UK, and they are looking to recruit a talented Head of Governance, Risk & Compliance.
They are a $10 billion organisation with circa 80,000 employees in 400+ locations globally, and are now looking to build on an already stellar reputation for superior customer service and excellent professional delivery, bringing this to the EMEA region in the Security space. They have a whole host of high-profile and nationally critical clients and are looking for the successful individual to head up the GRC operations for the business.
Responsibilities
- Responsible for governance, risk and compliance across all jurisdictions, both internally within the business and across all live programmes with their client base in the EMEA region
- Design, establish and deliver a multi-generational Governance, Risk and Compliance strategy
- Provide strategic systems leadership and roadmap for GRC software solutions, initiating with technical vendor evaluation and selection
- Identify and establish process improvements and automation opportunities to simplify, standardise and improve compliance
- Ensure all changes to policies, procedures, projects and regulations are fully embedded within the business and, where appropriate, that the relevant testing is undertaken
- Effectively communicate GRC program updates and progress to executive leadership, process leads and key stakeholders
- Establish internal relationships with strategic business partners across both EMEA and America
- Develop and maintain the risk management and compliance functions of the ISMS
- Lead and manage a team of risk and compliance consultants
- Orchestrate external audits and facilitate internal audits
- Develop a process for addressing gaps, issues and findings for risk management including remediation of control deficiencies
- Respond to regulatory consultations to ensure that the implications of the proposal and any issues around implementation are understood
- Act as the central point of reference for risk-related queries
Qualifications/Requirements
- Extensive Governance, Risk, Compliance, and/or Audit experience within Information Security
- CISA, CRISC and/or CGEIT Certified
- Possess strong verbal & written communication skills including the ability to present technical subjects to non-technical audiences
- Awareness of industry trends and developments
- Strong critical thinking and group facilitation skills, specifically in large or complex problem settings
- Proven ability to lead, motivate and build teams that deliver services and solutions that surpass client expectations
- Comprehensive knowledge of common information security frameworks, risk management, control audit, and reporting standards and practices including ISO27001, NIST, SOC2, CSA
- Thorough understanding of risk management principles and methodologies
- Proven experience working with document management and GRC tools
- Ability to transform abstract regulatory requirements into cohesive compliance actions
- Strong work ethic, attention to detail, and people management skills
- Ability to multi-task and manage priorities in a fast-paced environment
- Eligible for top-level security clearance