At a Glance
- Tasks: Lead IT governance, audit, risk, and compliance for a renowned bookselling group.
- Company: Join Waterstones, a cornerstone of bookselling in the UK and Ireland since 1982.
- Benefits: Hybrid work model, competitive salary, and a commitment to diversity and inclusion.
- Other info: Dynamic environment with opportunities for professional growth and development.
- Why this job: Make a real impact on IT controls and compliance in a thriving organisation.
- Qualifications: 5+ years in IT audit or governance with strong knowledge of regulatory frameworks.
The predicted salary is between 60000 - 75000 Β£ per year.
Hybrid Based in London with travel to Solihull and Burton Upon Trent
We are looking for someone to join us in this newly created role to lead IT governance, audit, risk, and compliance across the Waterstones group.
The successful candidate will ensure strong IT controls, regulatory alignment, and a resilient, audit-ready control environment supporting secure and effective business operations.
- What you will be doing
- Own and develop IT control frameworks (SOX, ITGC, ISO27001, COBIT, ITIL, NIST)
- Lead all internal and external IT audits end-to-end (readiness, execution, remediation)
- Maintain SOX narratives, RACMs, and control documentation
- Manage IT risk register and perform risk assessments
- Embed controls across change, access, incident, and operational processes
- Lead user access reviews and enforce segregation of duties
- Oversee GDPR-aligned data privacy controls and DPIAs
- Maintain and test Incident Response Plan (including tabletop exercises)
- Deliver executive reporting on risks, audits, and compliance posture
- Monitor regulatory changes and update controls accordingly
- Drive control automation and continuous improvement
- Deliver security and compliance awareness activities
- Partner with IT, Info Sec, Finance, Audit, Legal and business stakeholders
- Support NIS2 and UK/EU regulatory alignment where applicable
- Implement and optimise GRC / control automation tooling
- Own third-party / supplier assurance for technology risk
- Define and report KPIs (audit findings, remediation SLAs, control effectiveness)
- Provide oversight on emerging risks including AI governance and new technologies
- What we need from you
- 5+ years in IT audit, controls, governance or compliance
- Experience in regulated / FTSE or enterprise environments
- Strong knowledge of SOX, ITGCs, ISO27001, COBIT, ITIL, NIST
- Audit management and control framework implementation experience
- Understanding of GDPR and data privacy requirements
- Degree in IT, Information Systems or related field
- Person Profile
- Self-starter with strong ownership mindset
- Strong stakeholder management and communication skills
- High attention to detail and analytical thinking
- Able to influence and embed controls across teams
- Organised and capable of managing multiple priorities
- Why work for Waterstones
Waterstones is the cornerstone of bookselling across the UK and Ireland.
Joining Waterstones means being an active part in a success story that began in 1982, and books are as popular now as the day we started.
Trading across the UK, Ireland and Europe, we are present in over 300 shopping locations, where Waterstones continues to thrive, each year actively pursuing a programme of new bookshop openings.
Online at Waterstones. com, we meanwhile mirror the essence of our bookshops, further showcasing the unique enthusiasm and knowledge of our booksellers.
If you have the relevant essential experience and you are interested, we would love to hear from you.
Waterstones is committed to encouraging equity, diversity and inclusion in the workplace, and is dedicated toward eliminating unlawful discrimination.
Our aim is to be truly representative of all sections of society and our customers, and for each employee to feel fully respected and to be able to give their best.
Diversity Statement
At Waterstones, we are committed to creating a workplace that is fair and inclusive to people from all backgrounds, perspectives and experiences, and we strive to promote an inclusive work culture.
We are working hard to ensure our recruitment processes are free from bias, and our aim is to be truly representative of all sections of society and our customers, and for each employee to feel fully respected and able to give their best.
Reasonable Adjustments
We understand that some disabled applicants may, due to the nature of their disability, find some parts of the recruitment process challenging.
If you need any reasonable adjustments during any part of the interview process, please make these known either to your interviewer or the person you liaise with when setting up your interview.
#J-18808-Ljbffr
Information Technology Governance Manager employer: Waterstones
Waterstones is an exceptional employer, offering a dynamic work environment that fosters growth and innovation in the heart of London. With a commitment to equity, diversity, and inclusion, employees are encouraged to thrive while contributing to a beloved brand that has been a cornerstone of bookselling since 1982. The company provides ample opportunities for professional development, a supportive culture, and the chance to be part of a team that values creativity and collaboration.