At a Glance
- Tasks: Lead security governance, risk management, and awareness initiatives in a dynamic environment.
- Company: Join a forward-thinking organisation focused on modernising its security posture.
- Benefits: Competitive rate, flexible onsite work, and the chance to make a real impact.
- Other info: Opportunity for career growth in a fast-paced, evolving landscape.
- Why this job: Shape the future of information security while driving cultural change across the enterprise.
- Qualifications: Proven experience in InfoSec GRC, strong leadership, and communication skills required.
The predicted salary is between £72,000 and £108,000 per year.
Location: London (onsite 2 days per week)
Duration: 6 months
Rate: Inside IR35, rate to be discussed
Are you an experienced Head of Information Security Governance, Risk and Compliance looking for your next opportunity to make an impact within an evolving and fast-paced environment? Do you have strong experience of leading third-party security assurance processes? If so, apply now.
We are seeking an experienced Head of InfoSec GRC & Awareness to lead governance, risk, compliance, and security awareness initiatives across an organisation at a time of significant modernisation. This pivotal role ensures a robust security posture by developing and enforcing policies, standards, and training programmes aligned with business objectives and regulatory requirements.
Key Responsibilities
- Lead the development and enforcement of enterprise-wide information security policies and standards.
- Drive security governance and cyber maturity through compliance, assurance reviews, and gap analysis.
- Oversee the Information Security Risk Management process.
- Conduct in-depth supplier due diligence and third-party assurance processes.
- Manage audit readiness and support internal/external audit activities.
- Own and deliver the organisation's security awareness programme, including campaigns and tailored training.
- Depending on the candidate, you would also be involved in developing and implementing an Operational Technology (OT) Security Assurance Framework.
- Professional certifications such as CISSP, CISM, ISO27001 Lead Auditor, CLAS etc.
- Extensive experience in information security or IT governance within large, complex environments.
- Strong knowledge of security frameworks (ISO/IEC 27001, NIST CSF, CIS Controls, Cyber Essentials).
- Proven track record in risk management, policy development, and security awareness initiatives.
- Excellent communication, leadership, and influencing skills.
- Very strong experience of driving third-party due diligence.
- Any experience of driving Technical Assurance, Operational Technology (OT) Security Assurance or Penetration Testing would be a bonus.
This is an excellent opportunity to lead a critical function within a dynamic organisation, ensuring security resilience and cultural change across the enterprise. The rate is competitive and we can discuss this directly. For further information, please apply and I will be in touch.
Head of Information Security GRC & Awareness employer: TRIA
Join a forward-thinking organisation in London as the Head of Information Security GRC & Awareness, where you will play a crucial role in shaping security governance and compliance in a rapidly evolving environment. With a strong emphasis on employee growth, we offer tailored training programmes and a collaborative work culture that fosters innovation and resilience. Enjoy the unique advantage of a hybrid work model, allowing you to balance onsite engagement with flexibility, all while contributing to meaningful security initiatives that drive organisational success.
StudySmarter Expert Advice🤫
We think this is how you could land Head of Information Security GRC & Awareness
✨Tip Number 1
Network like a pro! Reach out to your connections in the InfoSec world and let them know you're on the hunt for a Head of InfoSec GRC & Awareness role. You never know who might have the inside scoop on opportunities or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of security frameworks like ISO/IEC 27001 and NIST CSF. Be ready to discuss how you've driven compliance and risk management in past roles, as this will show you're the right fit for leading governance and assurance processes.
✨Tip Number 3
Showcase your leadership skills! When you get the chance to interview, highlight your experience in managing teams and driving security awareness initiatives. Share specific examples of how you've developed training programmes that align with business objectives.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you're serious about landing this pivotal role in a dynamic organisation.
We think you need these skills to ace Head of Information Security GRC & Awareness
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the specific skills and experiences mentioned in the job description. Highlight your expertise in governance, risk, compliance, and security awareness to show us you're the perfect fit for this role.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about information security and how your background aligns with our needs. Share specific examples of your achievements in leading security initiatives to grab our attention!
Showcase Your Certifications: Don't forget to mention your professional certifications like CISSP or CISM. These credentials are crucial for us to see your commitment to the field and your ability to lead effectively in a complex environment.
Apply Through Our Website: We encourage you to apply directly through our website. This way, we can ensure your application gets the attention it deserves, and you'll be one step closer to joining our dynamic team!
How to prepare for a job interview at TRIA
✨Know Your Stuff
Make sure you brush up on the key responsibilities listed in the job description. Understand the frameworks like ISO/IEC 27001 and NIST CSF, and be ready to discuss how you've applied them in your previous roles.
✨Showcase Your Leadership Skills
As a Head of InfoSec GRC & Awareness, you'll need to demonstrate strong leadership. Prepare examples of how you've led teams or initiatives in the past, especially around security awareness and compliance.
✨Prepare for Scenario Questions
Expect questions that ask how you'd handle specific situations, like managing third-party security assurance processes or conducting risk assessments. Think through your approach and be ready to explain your reasoning.
✨Communicate Clearly
Your ability to communicate complex security concepts is crucial. Practice explaining your ideas clearly and concisely, as this will show your potential employer that you can effectively lead and influence others in the organisation.