InfoSec Manager (Governance, Risk and Compliance) - £55-60k
Posted 6 days 1 hour ago by Exalto Consulting
InfoSec Manager (Governance, Risk and Compliance)
Are you a skilled professional in information security governance, risk, and compliance looking for a new challenge? We're seeking a Governance, Risk and Compliance Manager to lead and enhance our governance framework within our IT and Digital Directorate, based in Manchester.
About the Role:
As the Governance, Risk and Compliance Manager, you'll support the strategic goals of our IT and Digital Directorate, overseeing information security, risk management, and compliance initiatives. You'll develop, implement, and maintain policies and frameworks that ensure our compliance with relevant legal, regulatory, and industry standards.
Key Responsibilities:
- Develop and own IT governance, risk, and compliance strategies, policies, and processes.
- Lead risk assessments, audits, and compliance checks to identify and mitigate potential security risks.
- Oversee a team of Information Security GRC Analysts, guiding them in implementing best practices and driving continuous improvement.
- Act as a central contact for enterprise IT governance, policy, and risk management, coordinating with internal and external stakeholders.
- Manage relationships with third-party suppliers to ensure compliance with IT security requirements.
- Qualifications: Relevant certifications such as CISSP, CISM, CRISC, CISA, or a degree in a related field.
- Experience: Extensive experience in IT audit, risk management, and/or cybersecurity. Demonstrated ability to manage relationships at strategic levels and lead audits.
- Knowledge: Strong understanding of audit standards, risk management, and control frameworks (ISO, NIST, COBIT, etc.).
- Skills: Exceptional communication, strategic planning, and team leadership skills, with the ability to convey complex security concepts to varied audiences.
- £55-60k + Excellent Pension
- Opportunities for professional growth in a supportive environment.
- A role within a team committed to safeguarding information assets and driving security excellence.