Head of IT Risk & Compliance

Direct message the job poster from ISS Facility Services UK

Head of Executive Recruitment – Omni RMS

Head of IT Risk & Compliance

Hybrid Role

ISS have a new and exciting role for an experienced Head of IT Risk and Compliance to lead our UK & Ireland organisation in managing and mitigating IT-related risks while ensuring compliance with all relevant regulations and standards. As a newly created role within the business, this position offers the opportunity to engage in various projects across a large and complex organisation.

The ideal candidate will have a strong background in IT security, risk management, and regulatory compliance, with the ability to develop and implement effective strategies aligned with Global Policies and Standards.

This role is crucial in protecting digital assets, maintaining the integrity of IT systems, and ensuring the continuity, quality, and overall business effectiveness of the Risk and Compliance function.

Key Responsibilities:

• Ensure compliance with IT regulations, standards, and policies, including ISO 27001, NIS2, and DORA.
• Implement and maintain IT General Controls to protect digital assets.
• Monitor and report compliance status and issues to senior management.
• Coordinate IT activities for internal and external audits, including finance and ISO 27001 audits.
• Standardise and maintain IT process documentation.
• Conduct regular assessments and audits to ensure compliance.
• Support IT demand processes for new solutions, assurance evidence, and documentation.
• Manage and improve the IT risk management framework for the UK & Ireland.
• Oversee the Information Security Management System and support security policies, vulnerability management, and incident responses.
• Manage customer assurance requests, review contractual security schedules, and support the commercial team during the bid process.

Professional and Personal Competencies/Qualifications:

• Extensive experience leading IT risk management and compliance within a complex global organisation.
• Strong knowledge of IT regulations, standards, and best practices.
• Strong knowledge of IT General Controls and Information Security Management Systems.
• Experience with regulatory requirements and standards, including ITIL, GDPR, ISO27001, PCI, NIS2, and DORA.
• Proven ability to manage and coordinate audit activities.
• Ideally have previous experience within the Facilities Management industry, however this isn’t essential.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology and Management

Industries

Facilities Services and IT Services and IT Consulting

Referrals increase your chances of interviewing at ISS Facility Services UK by 2x.

#J-18808-Ljbffr