Security Compliance and Governance Manager



Opportunity type:

  1. Permanent




  1. Cyber Security

Date posted:

09 Dec 2020

Opportunity reference:


Opportunity description

Role: Security Governance and Compliance Manager

Location: Berkshire, East Midlands, West Midlands, Manchester (full flexible working)

Type: Permanent

Stanton House are recruiting for a Security Governance and Compliance Manager to join a leading UK telecommunications business, which boasts a £5bn turnover and a very strong customer brand.

This role sits in their Group Technology function and will manage a team of Compliance and Governance Advisors.

Role responsibilities:

  • You will be accountable and responsible for providing compliance & governance guidance and advice for all areas of the business, excluding Finance
  • This role will include taking key decisions in compliance standard control mitigation, developing evidence scope with the business unit Director, and representing all departments at director level to ensure business units are ready for certification audits.
  • Carry out regular operational reviews of the business units in the division to ensure certification is maintained.
  • Work with business units to raise appropriate risks and ensure these are captured in the central register.

Specific requirements:

  • The ideal person will have strong knowledge of the governance / compliance standards, which include ISO27001, CAS(T), PCI, etc.
  • Strong stakeholder management experience and the ability to thrive in a complex matrix-managed organisation
  • Identify and manage the actions required to ensure compliance to the required governance standards for each Business Unit
  • This person will operate the ISMS (information security management system) framework
  • Develops, implements, and monitors security policies and security controls in accordance with recognised best practice and in line with ISO27001
  • Provides subject matter expertise to the division and support projects across the division to ensure information security is embedded appropriately
  • Operates the information security management system framework
  • Responds to security incidents and breaches, conducts investigations, reports results and recommends mitigation strategies
  • Create a consistent approach to documentation, documentation repositories, evidence capture and compliance action management
  • Responsible for all new Operational process formatting and development.
  • Responsible for maintaining any compliance mitigation plans

Preferred education / qualifications / experience:

  • Certification to Lead / Implementer level for (ISO27001:2013, CAS-T, PCI or equivalent)
  • Internal compliance manager experience of at least 2 years