At a Glance
- Tasks: Lead cyber security and IT governance, ensuring robust risk management and compliance.
- Company: Join TwiningsOvO, a part of the ABF Group, known for its commitment to security excellence.
- Benefits: Competitive salary, professional development opportunities, and a dynamic work environment.
- Other info: Opportunity to work with cutting-edge technologies and drive transformation initiatives.
- Why this job: Make a significant impact on cyber security strategy in a leading organisation.
- Qualifications: Extensive leadership experience in cyber security and IT governance required.
The predicted salary is between 80000 - 100000 £ per year.
Responsibilities Lead cyber security and IT governance, risk and compliance (GRC) for Twinings Ov O and set the local roadmap, priorities and investment case within ABF Group standards.
Own Twinings Ov O’s cyber risk posture; maintain a single, prioritised cyber risk register with named owners and tracked remediation.
Give the GM and Leadership Team clear visibility of risk exposure and control effectiveness.
Coordinate local response to security incidents, with rapid escalation to and alignment with the ABF Group security function.
Drive vulnerability, patch and exposure management in line with Group expectations.
Own the IT control environment, including ITGCs across SAP S/4HANA and other core applications.
Operate IT GRC in BAU: governance forums, policy adoption and exceptions, control testing and continuous compliance against ABF and regulatory expectations.
Lead audit readiness and remediation; act as single point of contact for Internal Audit and external auditors on IT and security, and close findings on time.
Govern identity, access and segregation‑of‑duties controls for critical systems.
Embed proportionate security and control requirements into Biz TX delivery standards and the project lifecycle.
Provide security assurance across the transformation portfolio from initiation through to go‑live.
Requirements Significant leadership experience in cyber security and IT governance, risk and compliance.
Proven track record embedding or maturing security and control capability in a complex organisation.
Strong grasp of IT control environments, ITGCs, audit and risk frameworks, applied pragmatically rather than dogmatically.
Credible with senior leadership; challenges honestly and translates technical risk into commercial, decision‑ready terms.
Comfortable owning local accountability while operating within Group governance – diplomatic with the centre, decisive locally.
Experience as a Head of Cyber Security, BISO, divisional / business security lead, or in a senior IT GRC leadership role (desirable).
SAP / ERP, cloud (RISE), AI governance and major transformation experience (desirable).
Familiarity with ISO 27001, NIST CSF and CIS Controls (desirable).
Hard Skills Cyber Risk Management ITGCs Control Testing Vulnerability Management Patch Management Security Assurance Risk Frameworks Incident Response Transformation Portfolio Management Commercial Risk Translation Soft Skills Diplomatic Communication Decisive Leadership Credibility With Senior Leadership Honest Challenge Certifications