Information Technology Governance Manager in Preston

Lead the Governance, Assurance & Trust Strategy for a Growing Global Organisation. An exciting opportunity has arisen for an experienced Digital Trust Manager to join a rapidly growing international organisation and take ownership of its digital trust, governance, risk and assurance capability. This is a highly visible role where you'll be responsible for ensuring the organisation can demonstrate trust, compliance and security across its technology estate, supporting thousands of employees, multiple operational sites and a complex international footprint. You'll own the management systems, policies, audits, certifications and assurance activities that prove the business is secure, compliant and trusted by customers, regulators and stakeholders alike. If you're passionate about governance, risk management, compliance and building robust assurance frameworks that stand up to scrutiny, this could be the ideal next step in your career.

The Opportunity

Reporting into senior security leadership, you'll become the driving force behind the organisation's Digital Trust function, leading the design, implementation and continual improvement of governance, risk and assurance programmes. You'll work closely with teams across Technology, Security, Legal, Procurement, HR, Compliance and Operations, helping ensure security, privacy and trust remain embedded in every aspect of the business. This is an opportunity to shape and influence digital trust strategy while working within a fast-paced and highly collaborative environment.

Key Responsibilities

• Digital Trust & Governance
  • Own and continually improve the Digital Trust Management System.
  • Develop and maintain security policies, standards and governance frameworks.
  • Manage policy lifecycle processes, stakeholder engagement and exception management.
  • Drive security awareness, training and culture programmes across the organisation.
  • Support major transformation initiatives, system onboarding activities and organisational change programmes.
  • Own and manage the enterprise security risk register.
  • Lead risk identification, assessment, treatment and governance processes.
  • Translate technical and operational risks into meaningful business language.
  • Facilitate governance forums, risk reviews and decision-making processes.
  • Provide regular reporting and insight to senior leadership and governance stakeholders.
• Audit, Compliance & Certification
  • Manage audit and certification programmes across recognised industry standards and frameworks.
  • Coordinate internal and external audits, surveillance reviews and recertification activities.
  • Maintain audit-ready evidence repositories and compliance documentation.
  • Oversee remediation programmes and ensure timely closure of audit findings.
  • Drive continual improvement across governance and compliance activities.
• Third-Party Risk & Client Assurance
  • Lead supplier security and third-party risk management programmes.
  • Conduct supplier assessments and oversee security assurance activities.
  • Manage client security questionnaires and assurance requests.
  • Produce evidence packs, trust artefacts and compliance documentation for customers and stakeholders.
  • Partner with Procurement, Legal and operational teams to ensure security requirements are embedded throughout supplier lifecycles.
• Leadership & Stakeholder Engagement
  • Establish and maintain governance standards across the organisation.
  • Provide guidance and direction to operational teams delivering trust and compliance activities.
  • Build strong relationships across technology, security and business functions.
  • Communicate complex governance, compliance and risk matters in a clear and engaging way.
  • Represent the organisation with customers, auditors, suppliers and external stakeholders when required.

About You

You'll be an experienced governance, risk and compliance professional who enjoys creating structure, driving assurance and improving organisational trust. Experience in one or more of the following areas:

• Digital Trust Governance, Risk & Compliance (GRC)
• Information Security Compliance Assurance

Strong knowledge of frameworks and standards including:

• ISO 27001
• ISO 27701
• ISO 22301
• NIST CSF
• NIS2
• UK GDPR

Experience designing, managing or improving an ISMS or equivalent governance framework. Experience managing enterprise risk registers and governance processes. Experience supporting or leading internal and external audits. Experience managing third-party risk and supplier assurance programmes. Experience responding to client assurance and security questionnaire requests. Ability to influence stakeholders and coordinate delivery across multiple teams. Strong communication skills with the ability to translate technical risks into clear business language.

ISO 27001 Lead Auditor or Lead Implementer. CISSP, CISM, CRISC or equivalent certifications. Privacy qualifications such as CIPP/E or CIPM. Experience within regulated, infrastructure, utilities, telecoms or critical services environments. Experience using GRC, audit or risk management platforms. Experience leading enterprise-wide security awareness and culture programmes. Exposure to client assurance within highly regulated sectors.

Why Join?

This role offers the opportunity to become a key contributor to an organisation's trust, governance and compliance strategy at a time of significant growth and transformation. You'll have the chance to influence senior stakeholders, shape governance frameworks, drive certification programmes and help build a best‑in‑class digital trust capability that supports business growth and customer confidence.