At a Glance
- Tasks: Lead a team to execute global security policies and manage risk assessments.
- Company: Join one of the world's fastest-growing SaaS scale-ups, recently gone public.
- Benefits: Enjoy a hybrid work model, competitive salary, bonuses, and RSUs.
- Why this job: Be part of a dynamic environment that promotes career growth and challenges you daily.
- Qualifications: Strong experience in Cyber Security risk assessments and First Line of Defence required.
- Other info: Experience with FEDRAMP is a plus; this role reports directly to the CISO.
The predicted salary is between £80,000 and £120,000 per year.
Presenting a Global Head of GRC position at one of the world's fastest-growing SaaS scale-up companies. This is an extremely important hire reporting directly to the CISO as part of the security leadership team.
This is a hybrid position (3 days in the office) in London, with a base salary of 100k – 120k per year, plus bonus and RSUs.
You will lead a team of 4 and be responsible for executing global security policies and procedures, managing company security certifications and helping achieve new ones, performing both internal and third-party risk management, overseeing vulnerability assessments and creating a company-wide culture of security awareness and education.
Having recently gone public, this company now has to adhere to global regulations, and with the speed of scale, this is a very dynamic environment. Someone coming from a similar background who understands how fast-paced scale-up companies are would be ideal.
They need someone with strong experience in the First Line of Defence who can create phishing exercises and build security awareness training modules, and who has a deep knowledge of Cyber Security risk assessments. Any experience with FEDRAMP will be a bonus.
Joining a company that promotes career development and professional training, this role is for someone who likes to be challenged every day. Please apply if interested!
Head of GRC employer: Stott and May
Contact Detail:
Stott and May Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of GRC
✨Tip Number 1
Make sure to highlight your experience in the First Line of Defence during your conversations. This role requires a deep understanding of security policies and procedures, so be ready to discuss specific examples from your past roles.
✨Tip Number 2
Familiarize yourself with the company's recent public offering and how it impacts their security needs. Being able to discuss this knowledge will show that you understand the dynamic environment they operate in.
✨Tip Number 3
Prepare to talk about your experience with creating security awareness training modules and phishing exercises. This is a key responsibility in the role, and demonstrating your expertise will set you apart.
✨Tip Number 4
If you have experience with FEDRAMP or similar certifications, make sure to bring it up. Even if it's not a requirement, it can be a significant advantage in your application.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in GRC, Cyber Security risk assessments, and any previous roles in fast-paced scale-up environments. Use specific examples that demonstrate your leadership skills and ability to manage security policies.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss your understanding of the challenges faced by rapidly growing SaaS companies and how your background aligns with their needs, particularly in creating security awareness training modules.
Highlight Relevant Certifications: If you have certifications related to Cyber Security or GRC, make sure to mention them prominently in your application. This could include any experience with FEDRAMP or other relevant security frameworks.
Showcase Leadership Experience: Since this role involves leading a team, emphasize your leadership experience in your application. Provide examples of how you've successfully managed teams, executed security policies, and fostered a culture of security awareness in previous positions.
How to prepare for a job interview at Stott and May
✨Show Your Understanding of GRC
Make sure to demonstrate your deep understanding of Governance, Risk, and Compliance (GRC) during the interview. Discuss specific frameworks and regulations you've worked with, especially in fast-paced environments, to show that you can adapt quickly.
✨Highlight Leadership Experience
Since this role involves leading a team, be prepared to share examples of your leadership style and how you've successfully managed teams in the past. Discuss how you foster a culture of security awareness and education within your team.
✨Prepare for Technical Questions
Expect technical questions related to Cyber Security risk assessments and vulnerability management. Brush up on your knowledge of security certifications and be ready to discuss how you've helped organizations achieve compliance in the past.
✨Demonstrate Adaptability
Given the dynamic nature of the company, it's crucial to showcase your ability to adapt to change. Share experiences where you've successfully navigated challenges in a rapidly growing environment, particularly in relation to security policies and procedures.