At a Glance
- Tasks: Lead governance, risk, and compliance for information security in client organisations.
- Company: Join a dynamic team focused on enhancing information security practices across various industries.
- Benefits: Enjoy flexible working options, competitive pay, and opportunities for professional growth.
- Why this job: Make a real impact by advising senior leaders on security risks and compliance strategies.
- Qualifications: Industry certifications like CISSP/CISM/CRISC and relevant experience are essential.
- Other info: This role is based in Belfast and offers a chance to work with top-tier stakeholders.
The predicted salary is between £48,000 and £84,000 per year.
The Information Security GRC Manager will be responsible for overseeing and managing the governance, risk, and compliance functions within client organizations. This individual will play a key role in ensuring the company's information security practices adhere to legal, regulatory, and industry standards while helping senior leadership mitigate risks and improve overall security posture. The role will involve working closely with senior stakeholders, advising them on risk-related issues, and implementing strategies that align with business goals and regulatory requirements.
Governance & Risk Management: Lead and oversee the organization's information security governance framework, ensuring compliance with relevant standards such as ISO 27001, NIST, and GDPR. Identify, assess, and monitor security risks and ensure proper risk management strategies are implemented. Develop and maintain risk registers and facilitate risk assessments across the organization. Advise senior stakeholders (C-suite, department heads) on the potential impact of security risks and recommend appropriate mitigation strategies.
Compliance Management: Manage the organization's compliance with legal, regulatory, and contractual obligations related to information security (e.g., GDPR, CCPA, HIPAA, SOX). Ensure that appropriate internal controls, audits, and assessments are conducted regularly to verify compliance with external regulations and internal policies. Lead and coordinate internal and external audits to validate compliance and identify areas for improvement.
Stakeholder Management & Reporting: Regularly engage with senior stakeholders to communicate risk exposure, provide recommendations, and report on the status of the security program. Prepare and deliver executive-level reports and presentations on security risks, compliance status, and mitigation efforts to the Board of Directors and C-suite. Act as a liaison between technical teams, management, and external parties (e.g., regulators, auditors) on matters related to security governance, risk, and compliance.
Policy & Procedure Development: Develop, implement, and update information security policies, procedures, and guidelines to align with industry best practices and regulatory requirements. Promote a culture of security awareness across the organization, ensuring policies are understood and adhered to at all levels.
Incident & Crisis Management: Collaborate with the incident response team to ensure that information security incidents are properly managed, documented, and reported in line with governance frameworks. Assist in the identification of vulnerabilities and develop strategies for responding to and recovering from security incidents. Stay abreast of the latest information security threats, trends, and compliance requirements. Identify areas for continuous improvement in governance, risk management, and compliance processes and implement appropriate changes.
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC. You will also have a proven track record of delivering in a similar role. Please note: This role is based in Belfast.
Information Security GRC Manager employer: Barclay Simpson
Contact Detail:
Barclay Simpson Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security GRC Manager
✨Tip Number 1
Familiarise yourself with the key regulations and standards mentioned in the job description, such as ISO 27001, NIST, and GDPR. Being able to discuss these frameworks confidently during interviews will demonstrate your expertise and understanding of the role.
✨Tip Number 2
Network with professionals in the information security field, especially those who have experience in governance, risk, and compliance. Attend industry events or webinars to connect with potential colleagues and learn about the latest trends and challenges in the sector.
✨Tip Number 3
Prepare to discuss specific examples from your past experiences where you successfully managed risk or compliance issues. Highlighting your achievements in these areas will help you stand out as a candidate who can deliver results in this role.
✨Tip Number 4
Research StudySmarter's current initiatives and values related to information security. Tailoring your conversation to align with our mission and demonstrating how you can contribute to our goals will make a positive impression during the interview process.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in governance, risk, and compliance. Emphasise any industry certifications like CISSP, CISM, or CRISC, and detail your achievements in managing information security frameworks.
Craft a Compelling Cover Letter: In your cover letter, explain why you are passionate about information security and how your skills align with the responsibilities outlined in the job description. Mention specific examples of how you've successfully managed compliance and risk in previous roles.
Highlight Stakeholder Engagement: Demonstrate your experience in engaging with senior stakeholders. Provide examples of how you've communicated risk exposure and compliance status to C-suite executives and how you've influenced decision-making in your past roles.
Showcase Continuous Improvement: Discuss your approach to continuous improvement in governance, risk management, and compliance processes. Highlight any initiatives you've led that resulted in enhanced security posture or compliance outcomes.
How to prepare for a job interview at Barclay Simpson
✨Understand the Regulatory Landscape
Familiarise yourself with the key standards and regulations such as ISO 27001, NIST, GDPR, and others relevant to the role. Be prepared to discuss how these standards and regulations shape governance, risk, and compliance in an organisation.
✨Showcase Your Stakeholder Engagement Skills
Highlight your experience in engaging with senior stakeholders. Prepare examples of how you've communicated risk exposure and provided recommendations to C-suite executives or department heads.
✨Demonstrate Incident Management Experience
Be ready to discuss your involvement in incident response and crisis management. Share specific instances where you managed security incidents and the strategies you implemented for recovery.
✨Prepare for Policy Development Questions
Expect questions about your experience in developing and implementing information security policies. Think of examples where you promoted a culture of security awareness and ensured compliance across various levels of an organisation.