Governance, Risk & Compliance Lead

Spectrum IT are supporting a highly established international innovation and manufacturing business in the search for aGovernance, Risk & Compliance (GRC) Lead. This role will continue to strengthen the enterprise risk, security and compliance posture while establishing and maturing group wide governance frameworks, improving disaster recovery and identity governance controls, managing third party cyber risk, and ensuring compliance with standards such as ISO27001 and Cyber Essentials+.

The role will work closely with IT, security and business stakeholders, providing clear risk visibility to senior leadership while also driving hands on improvements that materially reduce operational and cyber risk.

Key Responsibilities

• Governance
  • Develop and implement governance frameworks, policies, and standards
  • Establish and manage Disaster Recovery governance (RPO/RTO, testing, documentation)
  • Align governance structures with regulatory and contractual obligations
  • Promote a risk-aware culture across IT and the wider business
• Enterprise Risk Management
  • Identify, assess, and manage enterprise IT risks (DR, identity, supplier risk, SPOFs)
  • Maintain and evolve the corporate risk register
  • Define mitigation strategies and track remediation progress
  • Report risk posture, metrics, and KRIs to senior leadership and board
• Compliance
  • Lead compliance programmes (ISO27001, Cyber Essentials+, GDPR)
  • Manage internal/external audits and evidence collection
  • Monitor regulatory change and ensure ongoing compliance
  • Deliver compliance training across IT and business teams
• Technology & Security Controls
  • Oversee identity governance (JML processes, credential risk)
  • Lead third-party and supplier cyber risk management
  • Ensure controls across cloud, ERP, and critical systems meet best practice
  • Own incident response governance and playbooks
• Leadership & Stakeholder Management
  • Act as a trusted advisor to executive leadership on GRC matters
  • Collaborate across IT, Security, HR, Procurement, and business units
  • Build and scale GRC capability as the function mature

Skills & Experience

• Extensive experience in GRC, IT risk, cybersecurity, or internal audit
• Proven experience implementing risk and compliance frameworks
• Strong knowledge of ISO27001/2, NIST CSF, GDPR, and enterprise risk models
• Experience across DR, identity governance, supplier risk, and compliance programmes
• Strong stakeholder management and communication skills
• Ability to translate technical risk into business impact

Desirable

• Certifications: CISA, CRISC, CISSP, ISO27001 Lead Implementer/Auditor
• Experience in cloud, ERP, and enterprise IT environments
• Exposure to board-level reporting and governance forums

For more information and to submit your interest, please apply with an updated CV. Candidates for this role will be within a suitable commuting distance of the Dublin office.

Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.