Information Security Governance Risk and Compliance Lead in Harwell

Harwell · Full-Time · 60000 - 80000 £ / year (est.) · No home office possible
Open Cosmos

At a Glance

  • Tasks: Lead information security governance and ensure compliance across the organisation.
  • Company: Join Open Cosmos, tackling global challenges from space with innovative solutions.
  • Benefits: Flexible working options, competitive salary, and opportunities for professional growth.
  • Other info: Collaborative culture with a focus on continuous improvement and integrity.
  • Why this job: Make a real impact on security practices while working in a dynamic environment.
  • Qualifications: Strong knowledge of information security frameworks and data protection principles.

The predicted salary is between £60,000 and £80,000 per year.

At Open Cosmos we are solving the world’s biggest challenges from space, providing businesses, governments and researchers access to more readily available information than ever before - ready for the challenge? Then read on…

Working in our Chief Operating Office (COO), our COO Teams are the engine that powers Open Cosmos’ operations. This division brings together mission management, supply chain, and quality & product assurance to make sure every mission is delivered smoothly, reliably, and to the highest standards. They turn plans into action, keeping us efficient and mission-ready at all times.

We’re looking for an Information Security GRC Lead to take ownership of how security is defined, embedded and continuously improved across the business. This role sits at the intersection of technology, operations and compliance, ensuring that what we build and how we operate remains secure, resilient and aligned with regulatory expectations.

What will you be doing?

  • Defining and evolving our information security governance framework so it is clear, practical and aligned with how we operate.
  • Owning and shaping security policies, standards and controls so they are understood, usable and consistently applied.
  • Working closely with Engineering, Product and business teams to embed security into day-to-day decisions and workflows.
  • Building and driving a strong security culture across the organisation through relevant, engaging awareness initiatives.
  • Owning the risk register, ensuring risks are identified, assessed and actively managed.
  • Partnering with teams to prioritise and track mitigation actions in a way that supports delivery.
  • Defining and operating our approach to vendor and supply chain security, ensuring third-party risks are understood and controlled.
  • Ensuring data is handled appropriately, particularly where data sovereignty and regulatory requirements apply.
  • Leading our approach to certifications such as ISO 27001, SOC 2 and Cyber Essentials Plus.
  • Acting as the main point of contact for audits, coordinating evidence, stakeholders and outcomes.
  • Running internal assessments to identify gaps early and continuously improve our security posture.

What you’ll bring

  • A strong understanding of information security governance, risk and compliance, and how these translate into real-world practices.
  • Practical knowledge of security frameworks such as ISO 27001, SOC 2 or NIST, and how to apply them effectively.
  • A clear understanding of data protection principles, including GDPR and data sovereignty considerations.
  • The ability to design policies and controls that are both robust and usable in a fast-moving environment.
  • Confidence working across technical and non-technical teams, bringing clarity to complex topics.
  • The ability to assess risk pragmatically and make decisions that balance security with business needs.
  • Strong ownership, with the drive to take initiatives from definition through to delivery.
  • A collaborative approach, building trust and alignment across teams.
  • Confidence to challenge where needed, ensuring risks are surfaced and addressed appropriately.
  • A mindset focused on continuous improvement, always looking to strengthen how things are done.
  • High levels of integrity when working with sensitive information and regulatory requirements.

For this role you can be based in any of our locations.

Information Security Governance Risk and Compliance Lead in Harwell employer: Open Cosmos

At Open Cosmos, we pride ourselves on being an exceptional employer, fostering a dynamic work culture that encourages innovation and collaboration. Our commitment to employee growth is evident through continuous learning opportunities and a strong focus on building a security-first mindset across the organisation. With a mission-driven approach and a supportive environment, we empower our team members to tackle meaningful challenges while enjoying the unique advantage of working at the forefront of space technology.

Contact Detail:

Open Cosmos Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security Governance Risk and Compliance Lead in Harwell

✨Tip Number 1

Network like a pro! Reach out to people in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.

✨Tip Number 2

Prepare for interviews by researching the company and its culture. Understand their mission and values, especially how they relate to information security. This will help you tailor your answers and show you're genuinely interested.

✨Tip Number 3

Practice common interview questions related to governance, risk, and compliance. Be ready to discuss real-world scenarios where you've successfully implemented security measures or managed risks.

✨Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining our team at Open Cosmos.

We think you need these skills to ace Information Security Governance Risk and Compliance Lead in Harwell

Information Security Governance
Risk Management
Compliance
ISO 27001
SOC 2
NIST
Data Protection Principles
GDPR
Security Frameworks
Policy Design
Stakeholder Engagement
Risk Assessment
Continuous Improvement
Collaboration
Integrity

Some tips for your application 🫡

Tailor Your CV: Make sure your CV speaks directly to the role of Information Security GRC Lead. Highlight your experience with security frameworks like ISO 27001 and your understanding of data protection principles. We want to see how your skills align with what we’re looking for!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about information security and how you can contribute to our mission at Open Cosmos. Keep it engaging and relevant to the job description.

Showcase Your Achievements: Don’t just list your responsibilities; showcase your achievements in previous roles. Did you lead a successful audit or implement a new security policy? We love to see concrete examples of how you’ve made a difference!

Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you get the best experience possible. Plus, it shows you’re keen on joining our team!

How to prepare for a job interview at Open Cosmos

✨Know Your Security Frameworks

Make sure you brush up on your knowledge of security frameworks like ISO 27001 and SOC 2. Be ready to discuss how you've applied these in real-world scenarios, as this will show your practical understanding and ability to implement them effectively.

✨Showcase Your Collaborative Spirit

This role requires working closely with various teams, so be prepared to share examples of how you've successfully collaborated across technical and non-technical groups. Highlight any initiatives where you built trust and alignment, as this will demonstrate your ability to bridge gaps.

✨Demonstrate Risk Management Skills

Be ready to talk about your approach to risk management. Share specific instances where you've identified, assessed, and managed risks, and how you balanced security needs with business objectives. This will showcase your pragmatic decision-making skills.

✨Emphasise Continuous Improvement

Highlight your mindset focused on continuous improvement. Discuss any past experiences where you've identified gaps in security practices and taken the initiative to enhance them. This will show that you're proactive and committed to strengthening security measures.
