Head of Cyber Security Governance, Risk and Compliance

We are currently recruiting for a Head of Governance, Risk and Compliance , reporting to the Global Chief Information Security Officer (CISO), to lead our Governance, Risk and Compliance teams, ensure Tunstall is protected from cyber threats and support our business to innovate, grow, and flourish under secure conditions.

This is an incredibly exciting time to join Tunstall as we embark on an exciting period of transformation. You will be joining a recently created and growing global Information Security team within Tunstall and play a key part in the success of this transformation.

This role would be based at our Madrid office working on a hybrid basis. We are flexible on the number of days in the office and location and would consider applications from people who can work at one of our other European offices (Malmo, Sweden, or Manchester or Yorkshire in the UK).

What will you be doing in this role?

As our Head of Governance, Risk and Compliance (GRC) , you will build a highly engaged and trained team with the required capabilities and competencies to ensure proper governance of our security functions globally, that cyber risks are properly addressed, and Tunstall meets all required regulatory and compliance requirements for the business to operate.

Leading the development and implementation of comprehensive corporate cybersecurity policies, standards, and procedures, ensuring they are current, relevant, and communicated effectively across the organisation is key to the success of this role.

Whilst this is a senior position, it will require hands-on work as well, so you must be happy to work at the strategic, tactical, and operational level as required.

The Ideal candidate :

To be successful in this role you will have substantial experience in cybersecurity, with proven experience as a leader in governance, risk and compliance within complex, multinational organisations. You will have a deep understanding of the cybersecurity market, trends, risk frameworks, and security standards and regulations.

With a naturally collaborative style, excellent written and verbal communication skills, and an analytical mindset, you will be able to engage and influence senior stakeholders globally. You will be an effective people manager, able to coach and motivate a team, driving high performance. The ability to navigate within varying operational levels from the functional to the strategic is vital to the success of this role.

In addition, you will be proactive, with a high attention to detail, taking ownership of tasks, able to solve problems effectively, and be tenacious in your approach to ensure completion of tasks and projects to time and of required quality.

What we offer :

• Hybrid Working,
• Competitive salary + potential bonus,
• Boost your learning and growth through access to a Talent Library with over 800 courses, and access to Udemy or O’Reilly learning platforms,
• A warm and welcoming team environment and a chance to build a rewarding career.

Some of your key tasks will be…

• Build a highly engaged and trained team with the required capabilities and competencies to achieve the stated mission,
• Coordinate, drive direction and oversee the team to ensure that the outcome and achievements of the team are aligned with the overall information security strategy and the business objectives,
• Lead the development and implementation of comprehensive corporate cybersecurity policies, standards, and procedures, ensuring they are current, relevant, and communicated effectively across the organisation,
• Oversee the application of the global risk management framework in all countries and businesses,
• Align and influence the business and technology areas in the countries and at Group level to adopt and follow the global framework,
• Own the key performance indicators (KPIs) and metrics that help InfoSec to measure and communicate our risk posture consistently in operational and high-level forums, including to the Board,
• Ensure security compliance and audit requirements are planned and met in all regions,
• Oversee the security culture, training and awareness programmes and support the Lead in building partnerships and influencing business and technology areas,
• Support the Global CISO in managing the overall InfoSec budget and strategic plans and initiatives, and oversee operational activities of the GRC team, aligning those with the Global InfoSec and Tunstall Technology Group budget and plans,
• Report in senior-level forums about the performance and key activities conducted by the GRC function,
• Provide guidance to senior stakeholders on emerging security and privacy regulatory requirements,
• Influence stakeholders in technology areas and the business to transform current ways of working and priorities towards becoming a secure organisation,
• Partner with technology and business leaders to integrate GRC initiatives with broader business objectives,
• Keep a constant innovative, challenging and constructive attitude towards continuous improvement.

Key skills and experience :

• Substantial experience in cybersecurity roles, with proven experience as a leader in governance, risk and compliance,
• Previous experience in senior management positions in complex, multinational organisations,
• Deep understanding of the cybersecurity market, trends, risk frameworks and security standards and regulations,
• Excellent written and verbal communication skills,
• Strong background in governance, risk management or compliance areas, and ability to work at high level whilst paying attention to the details,
• Ability to manage complexity and make decisions with limited information or under uncertainty,
• Bachelor’s degree in a technical or non-technical discipline, or equivalent experience,
• You must be able to communicate effectively in English (ie CEFR C1).

Desirable skills and experience :

• Spanish or Swedish language skills

J-18808-Ljbffr