Head of InfoSec GRC & Awareness

Holborn and Covent Garden
18 hours ago

Location: London (onsite 3 days per week)

Basis: Permanent

Package: TBD, generous salary and benefits

Are you an experienced leader in Information Security Governance, Risk and Compliance looking for your next opportunity to make an impact within an evolving and fast-paced environment? Do you have strong experience of leading internal and 3rd party risk management due diligence processes? If so, apply now.

We are seeking an experienced Head of InfoSec GRC & Awareness to lead governance, risk, compliance, and security awareness initiatives across an organisation at a time of significant modernisation. This pivotal role ensures a robust security posture by developing and enforcing policies, standards, and training programmes aligned with business objectives and regulatory requirements.

The key responsibilities of the Head of Information Security GRC & Awareness are:

Lead the development and enforcement of enterprise-wide information security policies and standards

Drive security governance and cyber maturity through compliance, assurance reviews, and gap analysis

Oversee and improve the Information Security Risk Management frameworks and processes

Conduct in-depth supplier due diligence / third-party assurance processes

Manage audit readiness and support internal/external audit activities

Own and deliver the organisation's security awareness programme, including campaigns and tailored training

Depending on the candidate, you would also be involved in developing and implementing an Operational Technology (OT) Security Assurance Framework

The successful candidate will have the following skills, experience and qualifications:

Professional certifications such as CISSP, CISM, ISO27001 Lead Auditor, CLAS, etc.

Extensive experience in information security or IT governance within large, complex environments

Strong knowledge of security frameworks (ISO/IEC 27001, NIST CSF, CIS Controls, Cyber Essentials)

Proven track record in risk management, policy development, and security awareness initiatives

Excellent communication, leadership, and influencing skills

Very strong experience of driving 3rd party due diligence

Proactive, pragmatic self-starter with the ability to effectively lead a small team, including those with potentially differing skill sets to their own

Any experience of driving Technical Assurance, Operational Technology (OT) Security Assurance and Penetration Testing would be a bonus

This is an excellent opportunity to lead a critical function within a dynamic organisation, ensuring security resilience and cultural change across the enterprise.

The salary is competitive and we can discuss this directly. For further information, please apply and I will be in touch.

