Cyber Security Governance Lead

At Nortal, we believe in thinking big-creating digital solutions with meaningful, far-reaching impact. With over 2,000 professionals across 26 locations, we've spent over two decades helping governments, enterprises, and healthcare institutions in Europe, North America and the Middle East build secure digital organizations, businesses and entire societies.

In the UK, we are proud to empower government and defence organisations to transform their operations, services and digital infrastructure, delivering human-centric, resilient, and secure solutions.

We provide top-tier cybersecurity services that enable organizations to operate with confidence - securing supply chains, ensuring compliance, and fortifying critical systems.

We are seeking an experienced Cyber Security Governance Lead to join our team and work with clients focussing on national security and infrastructure. This pivotal role will help shape cybersecurity governance by developing robust frameworks, implementing effective structures, and aligning operational models with industry standards and regulatory expectations.

As a trusted advisor in a multidisciplinary environment, you will work across functions to embed secure-by-design principles, assess cyber workforce requirements, and lead the development of governance policies and controls.

• Design and implement effective cyber governance structures and risk management processes.
• Develop organisational models that strengthen governance and streamline cybersecurity operations.
• Collaborate with multi-disciplinary teams to embed cybersecurity into governance frameworks, considering people, process, and technology.
• Propose workforce structures and SQEP (Suitably Qualified and Experienced Personnel) requirements for steady-state operations.
• Define, monitor, and report metrics to measure the effectiveness of cyber governance.
• Lead continuous improvement initiatives and mentor key personnel within governance functions.
• Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls).
• Identify, assess, and manage risks to project or organisational goals.
• Build alignment with executive stakeholders, board members, and external partners to ensure accountability and clear decision-making processes.

• A proven track record in leading cybersecurity risk and governance transformations in complex or government/defence environments.
• Deep knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory obligations.
• Experience designing and implementing cybersecurity governance structures from the ground up.
• Strong analytical and strategic thinking skills to assess risks and influence operational change.
• Excellent communication and stakeholder engagement skills
• Demonstrated ability to manage concurrent projects and priorities under tight deadlines.
• A passion for innovation and continuous learning in cybersecurity.

• Professional certifications: CISSP, CISM, CRISC (or equivalent experience).
• Minimum 10 years' experience in cybersecurity transformation, ideally in a defence or maritime context.
• UK Government security clearance (DV/SC)

• We live by our values: commit to delivering value and results, take ownership, empower yourself and others, and own your future and growth
• A collaborative and agile work environment working with industry experts
• Opportunities for professional development through training and mentorship
• An international team with a people-oriented culture, work-life balance, and flexible work arrangements.