Information Governance and Assurance Lead
| Posting date: | 05 September 2025 |
|---|---|
| Salary: | £44,590 per year |
| Hours: | Full time |
| Closing date: | 05 October 2025 |
| Location: | Shrivenham, Swindon |
| Remote working: | Hybrid - work remotely up to 2 days per week |
| Company: | Ministry of Defence |
| Job type: | Permanent |
| Job reference: | 423467 |
Summary
The Information Governance Lead is a vital leadership role, responsible for managing risks and providing expert guidance on Information Governance, Information Assurance, Data Protection, and Cyber Security. You will play a key role in safeguarding the organisation’s information assets and systems while enabling innovation, resilience, and compliance.
This position combines strategic oversight with hands-on delivery, driving excellence in all information matters and ensuring the organisation meets its obligations under key legislation, including the Public Records Act, the Data Protection Act 2018, the General Data Protection Regulation (GDPR), and the Data Use & Access Act 2025.
Key Responsibilities
As a key enabler of the HQ’s information maturity and culture, the Information Governance Lead will:
Lead and Inspire: Manage and mentor a high-performing team of two direct reports and one countersigning role, fostering motivation and excellence.
Drive Information Maturity: Develop and implement initiatives to enhance the organisation’s information maturity, embedding a proactive information culture across the whole HQ with a focus on Information Assurance (IA) and Cyber Risk.
Champion Compliance: Act as the focal point for the HQ, ensuring compliance with GDPR, the Data Protection Act 2018, and the Data Use & Access Act 2025, while providing expert advice and guidance.
Support Strategic Governance: Lead governance activities aligned to the UKStratCom Digital and Data Sub-Strategy, ensuring robust and forward-looking digital and data practices.
Deliver Assurance: Conduct audits and assessments to evaluate information management practices, identify areas for improvement, and drive corrective actions.
Protect Critical Systems: Collaborate with stakeholders to identify and map business-critical systems, advising on the embedding of secure-by-design principles throughout their lifecycle—from design to decommissioning.
Manage Cyber Risk: Lead efforts to assess, mitigate, and manage cyber risks, confirming that appropriate controls are in place to protect critical information assets and align practices with industry standards.
Upskill and Develop: Pursue continuous professional development to stay at the forefront of information governance and assurance best practices.
This role is critical to ensuring the organisation’s information assets and systems are secure, effective, and compliant with all relevant policies and legislation, while fostering a culture of continuous improvement and innovation.
This position combines strategic oversight with hands-on delivery, driving excellence in all information matters and ensuring the organisation meets its obligations under key legislation, including the Public Records Act, the Data Protection Act 2018, the General Data Protection Regulation (GDPR), and the Data Use & Access Act 2025.
Key Responsibilities
As a key enabler of the HQ’s information maturity and culture, the Information Governance Lead will:
Lead and Inspire: Manage and mentor a high-performing team of two direct reports and one countersigning role, fostering motivation and excellence.
Drive Information Maturity: Develop and implement initiatives to enhance the organisation’s information maturity, embedding a proactive information culture across the whole HQ with a focus on Information Assurance (IA) and Cyber Risk.
Champion Compliance: Act as the focal point for the HQ, ensuring compliance with GDPR, the Data Protection Act 2018, and the Data Use & Access Act 2025, while providing expert advice and guidance.
Support Strategic Governance: Lead governance activities aligned to the UKStratCom Digital and Data Sub-Strategy, ensuring robust and forward-looking digital and data practices.
Deliver Assurance: Conduct audits and assessments to evaluate information management practices, identify areas for improvement, and drive corrective actions.
Protect Critical Systems: Collaborate with stakeholders to identify and map business-critical systems, advising on the embedding of secure-by-design principles throughout their lifecycle—from design to decommissioning.
Manage Cyber Risk: Lead efforts to assess, mitigate, and manage cyber risks, confirming that appropriate controls are in place to protect critical information assets and align practices with industry standards.
Upskill and Develop: Pursue continuous professional development to stay at the forefront of information governance and assurance best practices.
This role is critical to ensuring the organisation’s information assets and systems are secure, effective, and compliant with all relevant policies and legislation, while fostering a culture of continuous improvement and innovation.