Security GRC Lead in Farnborough

Description and Requirements

Join Lenovo’s Solutions & Services Group (SSG) as a Sr. Manager, Cyber Security Governance, Risk & Compliance. In this leadership role, you will drive global security compliance, risk management, and governance initiatives across Lenovo’s managed services and solutions. The position is open to candidates across Europe, with a preference for the UK, and offers a hybrid / remote work model with occasional travel to operational sites or events. You will lead a diverse, international team and collaborate with stakeholders at all levels, including C‑suite, to ensure Lenovo’s solutions meet evolving global cybersecurity standards and regulations.

Key Responsibilities

• Lead the development and execution of Lenovo’s cyber security governance, risk, and compliance (GRC) strategy across global managed services and solutions
• Oversee compliance with international, regional, and national cybersecurity regulations, translating requirements into actionable business processes
• Direct and conduct ongoing risk analysis and management, ensuring alignment with Lenovo’s risk appetite and business objectives
• Develop, implement, and maintain security policies, frameworks, and controls, including third‑party and supply‑chain risk management
• Guide and mentor a multi‑location team, including direct and indirect reports, fostering a culture of security and compliance excellence
• Collaborate with business leaders, product teams, and technical stakeholders to ensure secure design, delivery, and operation of services
• Manage and support internal and external audits, certifications ISO27001, SOC 2, GDPR), and regulatory assessments
• Represent Lenovo in cross‑functional and international forums, building strong relationships with stakeholders and ensuring effective communication of risks, gaps, and compliance status

Position Requirements

• Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field
• Professional certification such as CISSP, CISM, CRISC, or CISA (or equivalent)
• Proven experience managing cyber security and risk in fast‑paced, global technology or managed services environments
• Demonstrated expertise in implementing and maintaining compliance with standards such as ISO27001, NIST, CIS, GDPR, and SOC 2
• Strong knowledge of security frameworks, policies, and risk management methodologies
• Excellent English communication skills (written and verbal); additional languages are an advantage
• Outstanding interpersonal and stakeholder management skills, with the ability to work effectively across cultures and geographies
• Strategic thinker with strong analytical, problem‑solving, and decision‑making abilities

We Offer

• An international team with a high focus on Gender Diversity.
• Employee Assistance Program, for psychological, legal & financial consultancy
• You are joining a company that prioritizes sustainable solutions like CO₂ Offset, Asset Recovery Services, and the Lenovo Certified Refurbished portfolio.
• Access to training for personal development – Internal E‑learning Development Platform available for employees
• Mentorship program