At a Glance
- Tasks: Lead and shape our Information Security Governance, Risk, Compliance & Identity Governance function.
- Company: Join Virgin Atlantic, a leader in the aviation industry with a commitment to security.
- Benefits: Competitive salary, full-time hours, and a permanent contract.
- Other info: We celebrate diversity and encourage applications from all backgrounds.
- Why this job: Make a real impact on cyber security in a dynamic and complex environment.
- Qualifications: Proven leadership in Information Security GRC and strong understanding of regulatory frameworks.
The predicted salary is between 70000 - 90000 € per year.
At Virgin Atlantic, we're committed to keeping our customers, people and operations secure in an increasingly complex digital world. We're looking for a Senior Manager – Information Security Governance, Risk, Compliance & Identity Governance to lead a critical function at the heart of our cyber security capability.
This is a senior leadership role responsible for shaping and leading our Information Security GRC and Identity Governance function. You'll ensure we have a robust, scalable and effective framework for managing cyber risk, regulatory compliance, policy governance and access control across the organisation. You'll lead a team of managers and analysts across governance, risk, compliance and identity governance disciplines – driving performance, maturity and continuous improvement. Acting as a trusted advisor to senior stakeholders, you'll translate complex regulatory and risk requirements into clear, practical direction that enables secure and compliant business and technology operations. You'll also play a key role in influencing strategic decision‑making, providing insight and challenge on material cyber risks, control gaps and compliance exposure.
Key responsibilities:
- Lead and develop the Information Security GRC and Identity Governance function, setting direction, priorities and operating model.
- Own and evolve the information security governance and policy framework, ensuring it aligns to regulatory, audit and business requirements.
- Oversee enterprise security risk management, ensuring risks are clearly identified, assessed, tracked and treated.
- Lead audit, compliance and regulatory readiness, ensuring effective engagement, evidence management and remediation governance.
- Own and mature identity governance, including access governance, privileged access, lifecycle controls and assurance.
- Provide clear, risk‑based reporting and recommendations to senior stakeholders to support informed decision‑making.
- Represent the function in senior forums and act as a delegate for the Head of Information and Cyber Security where required.
About you:
- Proven leadership experience in Information Security GRC, security governance or cyber risk within a complex, regulated environment.
- Strong understanding of frameworks and regulations such as ISO 27001, NIST CSF, PCI‑DSS, UK GDPR, NIS/NIS2 and aviation or resilience requirements.
- Experience leading multi‑disciplinary teams, including managers, and driving performance and capability development.
- Deep knowledge of risk management, control assurance, compliance and governance frameworks.
- Strong understanding of identity and access governance, including privileged access, segregation of duties and lifecycle controls.
- Experience supporting audit and regulatory engagements, including remediation and assurance.
- Ability to influence and challenge senior stakeholders across business and technology in a complex, matrixed environment.
- Professional certifications such as CISSP, CISM, CRISC or CISA (or equivalent).
Our customers come from all walks of life and so do our colleagues. That's why we're proud to be an equal opportunity employer and actively encourage applications from all backgrounds. At Virgin Atlantic, we believe everyone can take on the world – no matter your age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs. We celebrate difference and everything that makes our colleagues unique by upholding an inclusive environment in which we can all thrive.
Senior Manager - Governance, Risk and Compliance in Crawley employer: Virgin Atlantic
At Virgin Atlantic, we pride ourselves on fostering a dynamic and inclusive work culture that empowers our employees to thrive. As a Senior Manager in Governance, Risk and Compliance based in Crawley, you'll benefit from competitive salaries, comprehensive professional development opportunities, and the chance to lead a talented team in a critical area of our cyber security operations. Join us in shaping a secure future while enjoying the unique advantages of working for a globally recognised airline committed to diversity and excellence.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Manager - Governance, Risk and Compliance in Crawley
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their values and how they align with your own. We want you to walk into that interview room feeling confident and ready to show them why you’re the perfect fit for the Senior Manager role.
✨Tip Number 3
Practice your responses to common interview questions, especially those related to governance, risk, and compliance. We suggest doing mock interviews with friends or mentors to refine your answers and get comfortable discussing your experience and expertise.
✨Tip Number 4
Don’t forget to follow up after your interview! A simple thank-you email can go a long way in leaving a positive impression. We believe this shows your enthusiasm for the role and keeps you fresh in their minds as they make their decision.
We think you need these skills to ace Senior Manager - Governance, Risk and Compliance in Crawley
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Senior Manager role. Highlight your experience in Information Security GRC and any relevant frameworks like ISO 27001 or NIST CSF. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your leadership experience can drive our GRC function forward. Keep it engaging and relevant to the role.
Showcase Your Achievements:Don’t just list your responsibilities; showcase your achievements! Use specific examples of how you've led teams, managed risks, or improved compliance in previous roles. We love seeing measurable impacts!
Apply Through Our Website:We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Virgin Atlantic
✨Know Your Frameworks
Make sure you’re well-versed in key frameworks and regulations like ISO 27001, NIST CSF, and UK GDPR. Be ready to discuss how these apply to the role and how you've implemented them in past positions.
✨Showcase Leadership Skills
Prepare examples that highlight your leadership experience, especially in managing multi-disciplinary teams. Think about specific challenges you faced and how you drove performance and capability development within your team.
✨Be a Trusted Advisor
Demonstrate your ability to act as a trusted advisor to senior stakeholders. Prepare to discuss how you’ve translated complex regulatory requirements into actionable strategies that support business operations.
✨Prepare for Scenario Questions
Expect scenario-based questions that assess your problem-solving skills in risk management and compliance. Practice articulating your thought process and decision-making approach in hypothetical situations related to cyber security.
