At a Glance
- Tasks: Lead cyber governance, risk, and compliance initiatives to ensure security and regulatory adherence.
- Company: Join SGN, a leader in innovative energy solutions and net-zero research.
- Benefits: Enjoy a competitive pension, enhanced parental leave, life assurance, and more.
- Why this job: Make a real impact in cyber security while driving change in the gas industry.
- Qualifications: Degree in a relevant field and 5 years of cyber security experience required.
- Other info: Diverse backgrounds encouraged; we value unique perspectives and experiences.
The predicted salary is between £80,000 and £100,000 per year.
As a strategic leader in Governance, Risk and Compliance, you will guide SGN’s cyber security and regulatory approach, ensuring our operations remain secure, resilient and fully compliant.
- Governance, Risk & Compliance (GRC) Leadership: Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with the NIS Regulations (NIS-R), ISO 27001/27002 and NIST-2. Oversee delivery plans, resource allocation and stakeholder engagement for GRC initiatives.
- Training & Awareness: Develop and maintain SGN’s Information Security training and awareness materials. Integrate lessons learned from incidents and address feedback from training delivery.
- Information Security Policy & ISMS: Maintain a robust portfolio of security policies, standards and procedures to support ISO 27001, NIST and NIS eCAF compliance. Ensure policies are current, reviewed regularly and approved by key stakeholders. Manage SGN's Information Security Management System (ISMS) and the policy exception process.
- Compliance & Assurance: Monitor and report on compliance across SGN and its third-party partners. Lead assurance reviews and support internal and external audits for ISO 27001, NIST and NIS. Own NIS submissions to Ofgem and support regulatory consultations and audits.
- Risk Management: Oversee risk assessments and reporting across Cyber, OT, and Gas Control. Establish and enforce risk management processes and reporting to the CISO.
- Advisory & Stakeholder Engagement: Provide expert advice on information security risks and controls. Maintain relationships with external bodies and represent SGN in relevant forums.
- Performance & Reporting: Oversee security performance indicators and ensure timely reporting to internal and external stakeholders. Manage bi-monthly phishing tests and remediation actions.
- Regulatory & Funding Support: Ensure compliance with legal and regulatory changes, advising the business on their impact. Support funding documentation for the RIIO-2 and RIIO-3 price control programmes. Track and report on audit actions and outcomes.
Required Qualifications: Educated to degree level in a relevant discipline. Must hold one of CISM, CISSP, CISA, TOGAF or CRISC. Must have at least 5 years' cyber security experience and proven expertise in compliance management, information security risk and audit.
Individual Competencies: Excellent understanding and hands-on experience of working with regulators and providing compliance updates for an OT environment. Excellent understanding of the NIS Regulations and the NCSC Cyber Assessment Framework (CAF). Good understanding and practical experience of cyber security frameworks and standards such as the NCSC security principles, the NIST Framework, ISO 27001, ISO 27005 and IEC 62443. Excellent command of written English. Strong interpersonal and relationship-building skills. The role will require Security Clearance.
Not sure you meet every requirement? Research shows some people – particularly women and those from under‑represented backgrounds – may hesitate to apply unless they meet every criterion. At SGN, we value diverse backgrounds, experiences and perspectives. If this role interests you but you’re not sure you tick every box, we’d still love to hear from you. You might be just who we’re looking for – now or in the future.
Why SGN? SGN is a leader in pioneering research and development toward a net‑zero energy system. Our cutting‑edge technologies and innovative thinking are driving change in the gas industry, all while keeping people safe and warm.
If you require any accommodations or support during the application process, reach out to us. We’re here to help ensure an inclusive and accessible experience for everyone.
Head of Cyber Governance, Risk and Compliance in London. Employer: Cornerstone
Contact Detail:
Cornerstone Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Cyber Governance, Risk and Compliance in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their approach to Governance, Risk, and Compliance, and think about how your experience aligns with their goals. This will help you stand out as a candidate who truly gets them.
✨Tip Number 3
Practice your pitch! Be ready to explain your experience in cyber security and compliance clearly and confidently. Highlight specific achievements that demonstrate your leadership and expertise in the field.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love hearing from candidates who are genuinely interested in joining our team at SGN.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Head of Cyber Governance, Risk and Compliance role. Highlight your experience with compliance management and cyber security frameworks like ISO27001 and NIST. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber governance and how your background makes you a perfect fit for SGN. We love seeing genuine enthusiasm and a clear understanding of the role.
Showcase Your Achievements: Don’t just list your responsibilities; showcase your achievements in previous roles. Whether it’s leading a successful compliance initiative or improving security policies, we want to know how you’ve made an impact in your past positions.
Apply Through Our Website: We encourage you to apply through our website for the best experience. It’s straightforward and ensures your application gets to the right people. Plus, you’ll find all the info you need about us and the role!
How to prepare for a job interview at Cornerstone
✨Know Your Frameworks
Make sure you're well-versed in the key frameworks mentioned in the job description: the NIS Regulations and NCSC CAF, ISO 27001 and NIST. Brush up on their principles and how they apply to cyber governance, risk and compliance. This will show that you're not just familiar with the terms but can also discuss them intelligently.
✨Showcase Your Leadership Skills
As a Head of GRC, you’ll need to lead a team effectively. Prepare examples of how you’ve successfully managed teams in the past, particularly in high-pressure situations. Highlight your ability to align cyber security goals with business objectives, as this is crucial for the role.
✨Prepare for Scenario Questions
Expect scenario-based questions that test your problem-solving skills in real-world situations. Think about past incidents you’ve handled and be ready to discuss what you did, what worked, and what you learned. This will demonstrate your practical experience and strategic thinking.
✨Engage with Stakeholders
The role involves significant stakeholder engagement, so be prepared to discuss how you’ve built relationships with external bodies or regulators. Share specific examples of how you’ve communicated complex information security risks to non-technical stakeholders, showcasing your interpersonal skills.