Information Security Governance and Risk Manager
UK Research and Innovation
Manage UKRI's Information Security Governance, Risk and Assurance function in a collaborative environment. Lead security initiatives, compliance, and risk management within a leading research organization.
Tech Stack
Tools & technologies: AWS, Azure, Cloud
About the role
Key responsibilities & impact
- Own and lead UKRI’s Information Security Governance, Risk and Assurance framework.
- Own, operate and continuously improve the Information Security Management System (ISMS).
- Provide end‑to‑end security assurance for cloud and enterprise services (AWS and Azure).
- Define and maintain UKRI’s security policy and control framework.
- Enable and support risk ownership across UKRI’s federated technology and business teams.
- Develop and maintain meaningful security metrics, dashboards and management information.
- Define, deliver and track a multi‑year security governance, risk and assurance roadmap.
- Lead security assessment, testing and remediation activity.
- Provide ongoing oversight of supplier and third‑party security risk.
- Establish and maintain enterprise visibility of assets, services and data risk context.
- Provide governance leadership across incident management, people, suppliers and assurance partnerships.
- Ensure governance‑level oversight of significant security incidents.
Requirements
What you’ll need
- Degree in a related subject or relevant comparable education.
- A professional qualification (e.g., CISM, CISSP, CCSP, ISO 27001 Lead Implementer/Lead Auditor).
- Effective decision-making, communication and interpersonal skills, with the ability to adapt communication style and approach to different environments and audiences.
- Self-motivated, shows initiative and works with minimal direction, demonstrating strong customer focus.
- Changing and improving processes, systems, and people to achieve positive outcomes.
- Strong knowledge of information security governance, risk management and compliance, including operating within an ISO/IEC 27001 management system.
- In-depth understanding of cloud security principles and practices for AWS and Azure, including secure configuration, identity, logging, network controls and data protection.
- Ability to coordinate and communicate security risk issues at a senior level and propose solutions that are appropriate, proportionate and effective.
- Strong problem-solving and analytical skills, including interpreting technical evidence and translating it into business risk.
Benefits
Comp & perks
- An outstanding defined benefit pension scheme
- 30 days' annual leave in addition to 10.5 public and privilege days (full time equivalent)
- Employee discounts and offers on retail and leisure activities
- Employee assistance programme, providing confidential help and advice
- Flexible working options