Head of Cybersecurity Governance Risk and Compliance
Posting date: | 05 August 2025 |
---|---|
Salary: | Not specified |
Additional salary information: | £70,000 per annum, plus car / car allowance, 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme |
Hours: | Full time |
Closing date: | 04 September 2025 |
Location: | Oxford |
Company: | Unipart Group |
Job type: | Permanent |
Job reference: | 1625 |
Summary
Job Advert
Head of Cybersecurity Governance Risk and Compliance
Mainly remote based working in the UK with travel to Oxford, Cowley (OX4 2GQ) occasionally
£70,000 per annum, plus car / car allowance, 33 days holiday, pension, life assurance, employee assistance programme, wellbeing
support, and flexible benefits scheme
About the Job
As our Head of Cybersecurity Governance Risk and Compliance you’ll work closely with business and technology teams, helping to
articulate and communicate the InfoSec governance program, identify risks and evaluate and help implement controls and
improvements.
As part of your key responsibilities you’ll:
* Manage the day to day of the function and team
* Support the management of Information Security governance for the organisation, ensuring adherence to Group policies and
standards
* Ensure key Information Security risks and issues are identified, addressed and resolved in a timely manner
* Work closely with the Director of Information Security to ensure Group security strategy is appropriately implemented, and
divisional requirements are understood and supported
* Assist in management of the Group’s Information Security Management System including maintenance of the ISO 27001 certification
* Engage with the IT Security Operations team and assist the Director of Information Security in providing oversight and
challenge to that function
* Participate in periodic security-related testing activities (e.g. crisis planning events, DR exercises)
* Prioritise and manage response activities
* Drive the audit and client management aspects of the Information Security team, including client due diligence questionnaires,
and help design more effective procedures in this space
* Improve and support relevant security metrics; analyse data, identify trends and drive improvements to the control environment
* Assist in general Information Security related issues as required, including potential interaction with the Security Operations
team, Technology teams and business stakeholders
* Working with the Security Architect, ensure alignment of bid requirements with existing InfoSec standards and liaise with
relevant teams for resolution where non-standard requirements are identified
About You
We’d love you to have the following skills and experience, but please apply if you think you’d be able to perform well in this
role!
* Excellent written and verbal communication skills
* Previous experience within a GRC function, IT Security/Cyber team, Internal Audit or an IT environment
* Hands-on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001
* Risk management
* Strong leadership and communication skills, with the ability to motivate and manage a team
Our recruitment and selection process has been developed to ensure that it is consistent, fair and provides equality of
opportunity - all selection decisions are based solely on technical and behavioural competencies. We do not discriminate on the
grounds of race, colour, or nationality, ethnic or national origins, sex, gender reassignment, sexual orientation, marital or
civil partnership status, pregnancy or maternity, disability, religion or belief, age or any other current or future protected
characteristic as defined in the current Equality Act of England and Wales. As an organisation we also promote an environment
which encourages diversity of characteristics and thought, where you feel included, safe and confident to be the best version of
yourself and do your best work every day.