At a Glance
- Tasks: Lead cyber governance, risk, and compliance initiatives to ensure security and regulatory adherence.
- Company: Join SGN, a leader in innovative energy solutions and safety.
- Benefits: Enjoy competitive pension, enhanced parental leave, life assurance, and more.
- Why this job: Make a real impact in cyber security while driving change in the gas industry.
- Qualifications: Degree in relevant field and 5 years of cyber security experience required.
- Other info: Diverse backgrounds encouraged; we value unique perspectives and experiences.
The predicted salary is between £48,000 and £84,000 per year.
Overview
Head of Cyber Governance, Risk and Compliance
London | Hybrid | Full-time | Personal Contract
Competitive pension scheme | Enhanced maternity/paternity pay | Life assurance | HolidayPlus | Cycle2work Scheme & more
REQ5121
As a strategic leader in Governance, Risk and Compliance, you will guide SGN's cyber security and regulatory approach, ensuring our operations remain secure, resilient and fully compliant.
We deliver safety, warmth, and comfort to homes and businesses. Every role, whether in the office or on the front line, plays a key part in this mission. Here's how you will contribute…
Governance, Risk & Compliance (GRC) Leadership
- Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001/2, and NIST-2.
- Oversee delivery plans, resource allocation, and stakeholder engagement for GRC initiatives.
Training & Awareness
- Develop and maintain SGN's Information Security training and awareness materials.
- Integrate lessons learned from incidents and address feedback from training delivery.
Information Security Policy & ISMS
- Maintain a robust portfolio of security policies, standards, and procedures to support ISO27001, NIST, and NIS eCAF compliance.
- Ensure policies are current, reviewed regularly, and approved by key stakeholders.
- Manage SGN's Information Security Management System (ISMS) and policy exceptions.
Compliance & Assurance
- Monitor and report on compliance across SGN and third-party partners.
- Lead assurance reviews and support internal/external audits for ISO27001, NIST, and NIS.
- Own NIS submissions to OFGEM and support regulatory consultations and audits.
Risk Management
- Oversee risk assessments and reporting across Cyber, OT, and Gas Control.
- Establish and enforce risk management processes and reporting to the CISO.
Advisory & Stakeholder Engagement
- Provide expert advice on information security risks and controls.
- Maintain relationships with external bodies and represent SGN in relevant forums.
Performance & Reporting
- Oversee security performance indicators and ensure timely reporting to internal and external stakeholders.
- Manage bi-monthly phishing tests and remediation actions.
Regulatory & Funding Support
- Ensure compliance with legal and regulatory changes, advising on business impact.
- Support funding documentation for RIIO2 & RIIO3 programmes.
- Track and report on audit actions and outcomes.
What you will need
Required Qualifications
- Educated to degree level in a relevant discipline. Must hold one of CISM, CISSP, CISA, TOGAF or CRISC.
- Must have 5 years' cyber security experience.
- Must have proven expertise in Compliance Management, Information Security Risk and Audit.
Individual Competencies
- Excellent understanding and hands-on experience of working with Regulators and providing compliance updates for an OT environment.
- Excellent understanding of the NIS Regulations and the NCSC Cyber Assessment Framework.
- Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc.
- Excellent command of written English.
- Strong interpersonal and relationship building skills.
- The role will require Security Clearance.
Application guidance
Not sure you meet every requirement?
Research shows some people, particularly women and those from underrepresented backgrounds, may hesitate to apply unless they meet every criterion. At SGN, we value diverse backgrounds, experiences and perspectives.
If this role interests you but you're not sure you tick every box, we'd still love to hear from you. You might be just who we're looking for, now or in the future.
Why SGN?
SGN is a leader in pioneering research and development toward a net-zero energy system. Our cutting-edge technologies and innovative thinking are driving change in the gas industry, all while keeping people safe and warm.
Accommodations
If you require any accommodations or support during the application process, reach out to us. We're here to help ensure an inclusive and accessible experience for everyone.
Head of Cyber Governance, Risk and Compliance employer: SGN
Contact Detail:
SGN Recruiting Team
StudySmarter Expert Advice
We think this is how you could land Head of Cyber Governance, Risk and Compliance
Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their approach to Governance, Risk, and Compliance, and think about how your experience aligns with their goals. This will help you stand out as a candidate who truly gets them.
Tip Number 3
Practice your pitch! Be ready to explain your experience in cyber security and compliance clearly and confidently. Highlight specific achievements that demonstrate your leadership skills and ability to manage risk effectively.
Tip Number 4
Don't forget to apply through our website! It's the best way to ensure your application gets seen. Plus, we love hearing from candidates who are genuinely interested in joining our mission to keep homes and businesses safe and secure.
Some tips for your application
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in Governance, Risk, and Compliance. We want to see how your skills align with our mission at SGN, so don't hold back on showcasing your relevant achievements!
Showcase Your Leadership Skills: As a strategic leader, it's crucial to demonstrate your ability to lead teams and manage projects effectively. Share examples of how you've successfully guided teams in the past, especially in cyber security contexts.
Be Clear and Concise: When writing your application, clarity is key! Use straightforward language and avoid jargon where possible. We appreciate well-structured applications that get straight to the point while still conveying your passion for the role.
Apply Through Our Website: We encourage you to submit your application through our website. It's the best way for us to receive your details and ensures you're considered for the role. Plus, it's super easy to do!
How to prepare for a job interview at SGN
Know Your Cyber Frameworks
Make sure you brush up on your knowledge of NIS Regulations, ISO27001, and NIST frameworks. Be ready to discuss how you've applied these in past roles, as this will show your expertise and understanding of the compliance landscape.
Showcase Leadership Skills
As a Head of GRC, you'll need to demonstrate your leadership capabilities. Prepare examples of how you've successfully led teams, managed resources, and aligned cyber goals with business objectives. This will highlight your strategic thinking and management style.
Prepare for Scenario Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about past incidents you've handled, how you approached them, and what the outcomes were. This will showcase your practical experience in risk management and compliance.
Engage with Stakeholders
Be ready to discuss how you've built relationships with external bodies and stakeholders. Share specific examples of how you've communicated complex information security risks and ensured alignment with regulatory requirements. This will demonstrate your interpersonal skills and ability to engage effectively.