Governance, Risk & Compliance Lead

Overview

Spectrum IT are supporting a highly established international innovation and manufacturing business in the search for a Governance, Risk & Compliance (GRC) Lead. This role will continue to strengthen the enterprise risk, security and compliance posture while establishing and maturing group wide governance frameworks, improving disaster recovery and identity governance controls, managing third party cyber risk, and ensuring compliance with standards such as ISO27001 and Cyber Essentials+.

The role will work closely with IT, security and business stakeholders, providing clear risk visibility to senior leadership while also driving hands on improvements that materially reduce operational and cyber risk.

Key Responsibilities

Governance

Develop and implement governance frameworks, policies, and standards

Establish and manage Disaster Recovery governance (RPO/RTO, testing, documentation)

Align governance structures with regulatory and contractual obligations

Promote a risk-aware culture across IT and the wider business

Enterprise Risk Management

Identify, assess, and manage enterprise IT risks (DR, identity, supplier risk, SPOFs)

Maintain and evolve the corporate risk register

Define mitigation strategies and track remediation progress

Report risk posture, metrics, and KRIs to senior leadership and board

Compliance

Lead compliance programmes (ISO27001, Cyber Essentials+, GDPR)

Manage internal/external audits and evidence collection

Monitor regulatory change and ensure ongoing compliance

Deliver compliance training across IT and business teams

Technology & Security Controls

Oversee identity governance (JML processes, credential risk)

Lead third-party and supplier cyber risk management

Ensure controls across cloud, ERP, and critical systems meet best practice

Own incident response governance and playbooks

Leadership & Stakeholder Management

Act as a trusted advisor to executive leadership on GRC matters

Collaborate across IT, Security, HR, Procurement, and business units

Build and scale GRC capability as the function mature

Skills & Experience

Extensive experience in GRC, IT risk, cybersecurity, or internal audit

Proven experience implementing risk and compliance frameworks

Strong knowledge of ISO27001/2, NIST CSF, GDPR, and enterprise risk models

Experience across DR, identity governance, supplier risk, and compliance programmes

Strong stakeholder management and communication skills

Ability to translate technical risk into business impact

Desirable

Certifications: CISA, CRISC, CISSP, ISO27001 Lead Implementer/Auditor

Experience in cloud, ERP, and enterprise IT environments

Exposure to board-level reporting and governance forums

For more information and to submit your interest, please apply with an updated CV. Candidates for this role will be within a suitable commuting distance of the Dublin office.

Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy