At a Glance
- Tasks: Lead and shape our Information Security Governance, Risk, Compliance & Identity Governance function.
- Company: Join Virgin Atlantic, a leader in aviation with a commitment to security and innovation.
- Benefits: Competitive salary, full-time hours, and a supportive work environment.
- Other info: Be part of a diverse team and enjoy opportunities for professional growth.
- Why this job: Make a real impact on cyber security in a dynamic and complex digital world.
- Qualifications: Proven leadership in Information Security GRC and strong understanding of regulatory frameworks.
The predicted salary is between 70000 - 90000 β¬ per year.
At Virgin Atlantic, we're committed to keeping our customers, people and operations secure in an increasingly complex digital world. We're looking for a Senior Manager - Information Security Governance, Risk, Compliance & Identity Governance to lead a critical function at the heart of our cyber security capability.
This is a senior leadership role responsible for shaping and leading our Information Security GRC and Identity Governance function. You'll ensure we have a robust, scalable and effective framework for managing cyber risk, regulatory compliance, policy governance and access control across the organisation. You'll lead a team of managers and analysts across governance, risk, compliance and identity governance disciplines, driving performance, maturity and continuous improvement. Acting as a trusted advisor to senior stakeholders, you'll translate complex regulatory and risk requirements into clear, practical direction that enables secure and compliant business and technology operations. You'll also play a key role in influencing strategic decision-making, providing insight and challenge on material cyber risks, control gaps and compliance exposure.
Key responsibilities:
- Lead and develop the Information Security GRC and Identity Governance function, setting direction, priorities and operating model.
- Own and evolve the information security governance and policy framework, ensuring it aligns to regulatory, audit and business requirements.
- Oversee enterprise security risk management, ensuring risks are clearly identified, assessed, tracked and treated.
- Lead audit, compliance and regulatory readiness, ensuring effective engagement, evidence management and remediation governance.
- Own and mature identity governance, including access governance, privileged access, lifecycle controls and assurance.
- Provide clear, risk-based reporting and recommendations to senior stakeholders to support informed decision-making.
- Represent the function in senior forums and act as a delegate for the Head of Information and Cyber Security where required.
About you:
- Proven leadership experience in Information Security GRC, security governance or cyber risk within a complex, regulated environment.
- Strong understanding of frameworks and regulations such as ISO 27001, NIST CSF, PCI-DSS, UK GDPR, NIS/NIS2 and aviation or resilience requirements.
- Experience leading multi-disciplinary teams, including managers, and driving performance and capability development.
- Deep knowledge of risk management, control assurance, compliance and governance frameworks.
- Strong understanding of identity and access governance, including privileged access, segregation of duties and lifecycle controls.
- Experience supporting audit and regulatory engagements, including remediation and assurance.
- Ability to influence and challenge senior stakeholders across business and technology in a complex, matrixed environment.
- Professional certifications such as CISSP, CISM, CRISC or CISA (or equivalent).
Virgin Atlantic is an equal opportunity employer. We encourage applications from all backgrounds.
Senior Manager β Governance, Risk and Compliance employer: Virgin Atlantic
At Virgin Atlantic, we pride ourselves on fostering a dynamic and inclusive work environment where innovation thrives. As a Senior Manager in Governance, Risk and Compliance based in our vibrant VHQ in Crawley, you'll benefit from competitive salaries, comprehensive employee development programmes, and a culture that champions collaboration and continuous improvement. Join us to make a meaningful impact in the realm of cyber security while enjoying the unique advantages of working for a leading airline committed to excellence and diversity.
StudySmarter Expert Adviceπ€«
We think this is how you could land Senior Manager β Governance, Risk and Compliance
β¨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We all know that sometimes itβs not just what you know, but who you know that can help you land that dream job.
β¨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their values and how they align with your own. We want you to walk into that interview room feeling confident and ready to show them why you're the perfect fit for the Senior Manager role.
β¨Tip Number 3
Practice your responses to common interview questions, especially those related to governance, risk, and compliance. We suggest doing mock interviews with friends or mentors to refine your answers and get comfortable discussing your experience and expertise.
β¨Tip Number 4
Donβt forget to follow up after your interview! A simple thank-you email can go a long way in leaving a positive impression. We recommend reiterating your enthusiasm for the role and highlighting a key point from your conversation that resonated with you.
We think you need these skills to ace Senior Manager β Governance, Risk and Compliance
Some tips for your application π«‘
Tailor Your CV:Make sure your CV reflects the skills and experiences that align with the Senior Manager role. Highlight your leadership experience in Information Security GRC and any relevant frameworks you've worked with, like ISO 27001 or NIST CSF.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention specific achievements in governance, risk, and compliance that demonstrate your ability to lead and influence senior stakeholders.
Showcase Your Certifications:If you have professional certifications like CISSP, CISM, or CRISC, make sure they stand out in your application. These credentials can really boost your profile and show us that youβre serious about your expertise in cyber security.
Apply Through Our Website:We encourage you to apply directly through our website. Itβs the best way to ensure your application gets into the right hands and shows us youβre keen on joining the Virgin Atlantic team!
How to prepare for a job interview at Virgin Atlantic
β¨Know Your Frameworks
Make sure you brush up on key frameworks and regulations like ISO 27001, NIST CSF, and UK GDPR. Being able to discuss these in detail will show that youβre not just familiar with them but can also apply them in a practical context.
β¨Showcase Leadership Skills
Prepare examples of how you've led teams in the past, especially in complex environments. Highlight your experience in driving performance and capability development, as this role requires strong leadership in governance and risk management.
β¨Be Ready for Scenario Questions
Expect scenario-based questions that test your problem-solving skills in real-world situations. Think about how you would handle specific cyber risks or compliance challenges, and be ready to articulate your thought process clearly.
β¨Engage with Stakeholders
Demonstrate your ability to influence and challenge senior stakeholders. Prepare to discuss how you've successfully communicated complex regulatory requirements in the past, and how you can translate these into actionable strategies for the business.
