Oliver James has partnered with an industry leader that is currently looking for an Information Security GRC Manager to join the team.
Experience Required:
Lead information security governance, risk, and compliance efforts, drawing on solid management experience.
Apply deep knowledge of key security frameworks and regulations (ISO 27001, NIST, GDPR) to guide compliance.
Develop and implement risk assessments and mitigation plans to address identified threats.
Create clear documentation and reports, including audits, assessments, and gap analyses.
Oversee compliance with standards such as ISO 27001 and PCI-DSS, ensuring ongoing monitoring and delivery.
Communicate effectively with stakeholders at all levels, translating complex security concepts into business terms.
Stay informed on legal and regulatory requirements relevant to security, particularly in the housing sector.
Establish and maintain effective policies, standards, and controls for managing information security.
Build strong relationships with senior leaders and support a security-first culture across the business.
Responsibilities:
Own and maintain the information security governance and risk frameworks.
Define and track KPIs to measure how well security controls are performing.
Assess security risks and implement action plans to manage and reduce them.
Lead both internal and external security audits.
Evaluate the effectiveness of security measures across suppliers, systems, and products.
Communicate security policies, standards, and regulatory requirements across the business.
Support budgeting, procurement, and tender processes with security input.
