Governance, Risk, and Compliance Manager

Location: Plymouth / Exeter / Weston-Super-Mare (Hybrid working)

Salary: £45,000 - £50,000 p.a. plus performance bonus

Contract Type: Permanent, Full-time (37 hours per week)

Are you ready to play a critical role in shaping how we protect, govern and deliver secure IT services that support public sector excellence? We’re looking for a highly experienced Governance, Risk and Compliance (GRC) Manager to join our Technology Office and lead a team dedicated to keeping our services compliant, resilient and aligned with customer and regulatory expectations. You’ll be at the heart of our efforts to build trust, manage cyber and operational risks, and support certifications such as ISO 27001, DSPT and Cyber Essentials Plus.

This role is ideal for a strategic thinker with a passion for structure, improvement and assurance – someone who’s as comfortable working with auditors and regulators as they are mentoring a team or designing control frameworks.

What You’ll Be Doing

• You’ll be responsible for owning and delivering Delt’s approach to governance, risk and compliance – both internally and for our partners. That includes:
• Leading the design and continuous improvement of GRC frameworks, policies and controls.
• Managing a team of specialists and providing strong leadership, mentoring and support.
• Maintaining and assuring our compliance with regulatory frameworks, contractual obligations and security standards (e.g. ISO 27001, GDPR, Cyber Essentials Plus).
• Owning the corporate and customer risk registers, driving mitigation plans and supporting service owners.
• Preparing for and coordinating internal and external audits, and tracking follow-up actions.
• Developing dashboards and delivering reporting to internal leadership and customer boards.
• Supporting resilience planning, continuity testing and vendor risk assessments.
• Building customer trust through collaborative risk mitigation and transparent communication.

What You’ll Bring

• We’re looking for someone who can hit the ground running, with the credibility to work across all levels of the business and the confidence to shape how Delt delivers secure services in a complex, regulated environment.
• You should have:
• Proven leadership experience within GRC, risk management or cybersecurity governance.
• Expertise in developing and implementing policies, controls and assurance frameworks.
• Strong knowledge of information security and regulatory frameworks such as ISO 27001, DSPT, GDPR, ITIL, COBIT and Cyber Essentials.
• Excellent communication skills – both written and verbal – with the ability to translate risk concepts for technical and non-technical audiences.
• Demonstrated success in preparing for and managing external audits and compliance reporting.
• Experience working across internal teams and customer environments.
• Ideally, professional certifications such as CISSP, CISM or CISA (or working towards them).

Why Delt?

Delt exists to make a difference. We are a publicly owned private company – agile, innovative, and deeply connected to the communities we serve. Everything we do supports public sector organisations to deliver better outcomes, faster.

You’ll be working in a business that values integrity, transparency and shared success – with flexible working, generous benefits and a real sense of purpose.

Benefits include:

• Generous holiday allowance of 25 days plus bank holidays
• Up to 12 flex leave days a year
• Matched contribution pension scheme up to 10% of salary
• Life assurance scheme
• Opportunities to buy and sell leave
• Employee shopping savings portal
• Opportunities for training to be funded by Delt
• EV salary sacrifice
• Performance Related Pay
• Employee assistance programme supporting mental and physical wellbeing

Deadline for applications: Applications will be considered on a rolling basis, so please apply early. We reserve the right to withdraw this vacancy as suitable candidates are identified.