At a Glance
- Tasks: Lead and shape our Information Security GRC and Identity Governance function.
- Company: Join a forward-thinking organisation prioritising cyber security and compliance.
- Benefits: Competitive salary, leadership opportunities, and professional development.
- Other info: Dynamic role with opportunities to influence strategic decision-making.
- Why this job: Make a significant impact on cyber risk management and regulatory compliance.
- Qualifications: Proven leadership in Information Security GRC and strong regulatory knowledge.
The predicted salary is between 70000 - 90000 € per year.
This is a senior leadership role responsible for shaping and leading our Information Security GRC and Identity Governance function. You’ll ensure we have a robust, scalable and effective framework for managing cyber risk, regulatory compliance, policy governance and access control across the organisation. You’ll lead a team of managers and analysts across governance, risk, compliance and identity governance disciplines—driving performance, maturity and continuous improvement. Acting as a trusted advisor to senior stakeholders, you’ll translate complex regulatory and risk requirements into clear, practical direction that enables secure and compliant business and technology operations. You’ll also play a key role in influencing strategic decision-making, providing insight and challenge on material cyber risks, control gaps and compliance exposure.
Key Responsibilities
- Lead and develop the Information Security GRC and Identity Governance function, setting direction, priorities and operating model.
- Own and evolve the information security governance and policy framework, ensuring it aligns to regulatory, audit and business requirements.
- Oversee enterprise security risk management, ensuring risks are clearly identified, assessed, tracked and treated.
- Lead audit, compliance and regulatory readiness, ensuring effective engagement, evidence management and remediation governance.
- Own and mature identity governance, including access governance, privileged access, lifecycle controls and assurance.
- Provide clear, risk-based reporting and recommendations to senior stakeholders to support informed decision-making.
- Represent the function in senior forums and act as a delegate for the Head of Information and Cyber Security where required.
About You
- Proven leadership experience in Information Security GRC, security governance or cyber risk within a complex, regulated environment.
- Strong understanding of frameworks and regulations such as ISO 27001, NIST CSF, PCI‑DSS, UK GDPR, NIS/NIS2 and aviation or resilience requirements.
- Experience leading multi‑disciplinary teams, including managers, and driving performance and capability development.
- Deep knowledge of risk management, control assurance, compliance and governance frameworks.
- Strong understanding of identity and access governance, including privileged access, segregation of duties and lifecycle controls.
- Experience supporting audit and regulatory engagements, including remediation and assurance.
- Ability to influence and challenge senior stakeholders across business and technology in a complex, matrixed environment.
- Professional certifications such as CISSP, CISM, CRISC or CISA (or equivalent).
Senior Manager Information Security in Crawley employer: Virgin Atlantic
As a Senior Manager in Information Security, you will join a forward-thinking organisation that prioritises a culture of innovation and continuous improvement. Our commitment to employee growth is evident through tailored development programmes and opportunities to influence strategic decision-making at the highest levels. Located in a dynamic environment, we offer competitive benefits and a collaborative atmosphere where your expertise in cyber risk and compliance will be valued and rewarded.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Manager Information Security in Crawley
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry and let them know you're on the lookout for opportunities. A personal recommendation can go a long way in landing that senior manager role.
✨Tip Number 2
Prepare for those interviews by brushing up on your knowledge of frameworks like ISO 27001 and NIST CSF. Be ready to discuss how you've tackled cyber risks and compliance challenges in the past—real-life examples will impress!
✨Tip Number 3
Showcase your leadership skills! When you get the chance, highlight your experience in leading multi-disciplinary teams and driving performance. Employers want to see how you can inspire and develop others in the field.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search.
We think you need these skills to ace Senior Manager Information Security in Crawley
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of Senior Manager Information Security. Highlight your leadership experience in GRC and cyber risk, and don’t forget to mention any relevant frameworks you’re familiar with, like ISO 27001 or NIST CSF.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this role. Share specific examples of how you've led teams and influenced decision-making in previous positions, especially in complex environments.
Showcase Your Certifications:If you’ve got professional certifications like CISSP or CISM, make them stand out! These credentials are crucial in the Information Security field, so be sure to list them prominently in your application.
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to submit all your documents in one go. Plus, we love seeing applications come directly from our site!
How to prepare for a job interview at Virgin Atlantic
✨Know Your Frameworks
Make sure you’re well-versed in key frameworks and regulations like ISO 27001, NIST CSF, and UK GDPR. Brush up on how these apply to the role and be ready to discuss how you've implemented or managed them in past positions.
✨Showcase Leadership Skills
Prepare examples that highlight your leadership experience, especially in managing multi-disciplinary teams. Think about specific challenges you've faced and how you drove performance and capability development within your team.
✨Be a Trusted Advisor
Demonstrate your ability to act as a trusted advisor to senior stakeholders. Prepare to discuss how you've translated complex regulatory requirements into actionable strategies that support business operations.
✨Prepare for Scenario Questions
Expect scenario-based questions that assess your problem-solving skills in risk management and compliance. Think through potential cyber risks and control gaps, and be ready to provide clear, risk-based recommendations.
