At a Glance
- Tasks: Shape and enhance security governance practices while managing risks and compliance.
- Company: Established housing organisation investing in cyber security and governance.
- Benefits: Competitive salary, professional development, and a chance to influence key policies.
- Other info: Dynamic role with opportunities for career growth in a growing security function.
- Why this job: Join at an exciting stage to make a real impact on security practices.
- Qualifications: Experience in GRC and recognised frameworks like ISO 27001 or NIST CSF.
The predicted salary is between 45000 - 55000 £ per year.
I'm currently partnering with a well-established housing organisation that is investing heavily in its cyber security and governance capabilities and is looking to appoint a GRC Specialist to join the team. This opportunity has arisen as part of a planned succession, offering the chance to play a key role in shaping and maturing security governance practices across the organisation. You'll be joining at an exciting stage, with the opportunity to influence policy development, strengthen controls, enhance compliance activities and support the evolution of the organisation's wider security posture.
What you’ll be doing:
- Developing and maintaining security policies, standards and procedures
- Supporting governance, risk and compliance activities across the business
- Identifying and managing information security risks and vulnerabilities
- Working with stakeholders to improve security awareness and embed best practice
- Contributing to compliance initiatives, assurance activities and security programmes
- Reviewing existing processes and controls to ensure they remain effective and fit for purpose
- Supporting Cyber Essentials initiatives, awareness campaigns and continuous improvement efforts
- Helping drive governance and controls enhancements within a growing security function
What we’re looking for:
We're keen to speak with security professionals who bring a broad GRC background and have experience implementing or operating against recognised frameworks such as:
- ISO 27001 / ISO 27002
- ISO 27005
- NIST CSF
- NCSC CAF
- CIS Controls
- PCI DSS
Experience with risk management, controls mapping, assessments, assurance activities and supporting security programmes would be highly beneficial. Candidates who have contributed towards an ISMS, worked within ISO 27001-aligned environments or been involved in framework implementation projects are encouraged to apply.
Information Security Specialist in Worcester employer: James Adams
Join a forward-thinking housing organisation that prioritises cyber security and governance, offering a dynamic work environment where your contributions will directly shape security practices. With a strong commitment to employee development, you will have access to continuous training and growth opportunities, all while working in a collaborative culture that values innovation and best practices. This role not only allows you to influence key policies but also positions you at the forefront of enhancing the organisation's security posture in a meaningful way.