Cyber Security Lead - Governance, Risk, and Compliance (GRC)

Location: Birmingham, United Kingdom - Hybrid
Salary Range: £70,000 - £80,000 per annum

We are currently searching for a Cyber Security GRC Lead to join our client, whom are a financial services company based in Birmingham and play a crucial role in fortifying their governance, risk, and compliance frameworks.
As the Cyber Security Lead for Governance, Risk, and Compliance (GRC), you will be responsible for overseeing and enhancing their cybersecurity posture within the context of regulatory compliance and risk management. Working closely with cross-functional teams, you will develop and implement strategies to safeguard information assets, ensure compliance with industry standards, and mitigate cyber threats.

This role reports directly to the Chief Information Security Officer (CISO) and offers a unique opportunity to shape and influence the cybersecurity landscape of the organization.

Key Responsibilities:

Governance and Policy Development:

• Develop, implement, and maintain comprehensive cybersecurity policies and procedures aligned with regulatory requirements and industry best practices.
• Ensure that cybersecurity policies are effectively communicated, understood, and adhered to across all levels of the organization.

Risk Management:

• Conduct regular risk assessments to identify potential vulnerabilities and threats to the organization's information systems.
• Collaborate with business units to establish risk mitigation strategies and prioritize remediation efforts.

Compliance Management:

• Stay abreast of evolving regulatory requirements and industry standards related to cybersecurity in the financial services sector.
• Ensure compliance with GDPR, PCI DSS, ISO 27001, and other relevant standards, conducting regular assessments and audits.

Incident Response and Investigations:

• Lead the development and implementation of an effective incident response plan.
• Coordinate and oversee cybersecurity investigations in the event of security incidents, ensuring timely resolution and documentation.

Security Awareness and Training:

• Develop and deliver cybersecurity training programs to educate employees on security best practices.
• Foster a culture of security awareness throughout the organization.

Collaboration and Stakeholder Management:

• Work closely with IT, legal, compliance, and other departments to integrate cybersecurity into overall business processes.
• Communicate effectively with executive leadership, providing regular updates on the cybersecurity program's effectiveness and challenges.

Qualifications:

• Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.
• Proven experience in a senior cybersecurity role, with a focus on GRC functions.
• Strong understanding of financial services industry regulations and compliance requirements.
• Relevant certifications such as CISSP, CISM, CRISC, or similar.
• Excellent communication and interpersonal skills.

If you are a seasoned cybersecurity professional with a passion for ensuring the security and compliance of a financial services organization, we invite you to apply and be a key player in our client's mission.

Cornwallis Elt is an Employment Agency & Employment Business and has been listed 3 times in The Sunday Times Virgin Fast Track 100 of the UK`s fastest growing private companies, as well as in the Recruitment International Top 250, Top 50 in IT and the Recruiter Fast 50 & Hot 100 reports.