Governance & Risk & Compliance Manager

Step into a pivotal role at theforefront of cyber security, driving impact for our client base!

We're looking for an experienced Governance,Risk & Compliance Manager to join our dynamic team. This is youropportunity to take a leading role in shaping and delivering robust securitystrategies that protect our clients and strengthen their resilience againstevolving cyber threats.

As our new GRC Manager, you will be thedriving force behind the implementation of our Information Security ManagementSystem (ISMS) for assigned clients. Your expertise will help organisationsunderstand their security challenges and enable them to enhance their securityposture. You'll lead from the front, fostering aculture of compliance and risk awareness across Sopra Steria, while deliveringtangible value to our clients. This is a chance to make a real impact at theforefront of cyber security.

This is an office-based role, requiring 4-5 days per week at our Hemel Hempstead site.

We can offer great career progressionopportunities, ability to be based anywhere across the UK, benefits which youcan flex to meet your needs and training and development opportunities.

• Implement ISMS strategy, policies and practices for assigned clients.
• Deliver services aligned with ISO27001 standards
• Provide regular reporting on ISMS effectiveness and operational performance.
• Manage security operations in line with organisational policy, standards and industry best practice.
• Conduct security risk and threat assessments (operational and system).
• Engage with internal stakeholders and third-party providers on security, risk and privacy matters.
• Respond to security incidents promptly, ensuring early identification and resolution.
• Oversee threat detection, vulnerability management and remediation activities.
• Represent security considerations in IT and process change assessments.
• Maintain ISMS, Operational Security and Risk Assurance documentation.
• Lead monthly client Security Working Group meetings and stakeholder sessions.
• Ensure audit readiness and support internal/external audits.
• Drive continuous improvement initiatives within Sopra Steria's security function.

• GRC/Operational Security Manager experience with solid understanding and experience with security policies and standards
• Technical proficiency and knowledge across the spectrum of information security solutions and operations
• Knowledge of IT security solutions and their integration and operation into business systems and processes
• Experience of security maturity and developing roadmaps aligned to the priorities of clients
• Experience of ISO/IEC 27001 Compliance and Certification

• CISSP, CISA or CISM certified or equivalent degree in Information Security
• Experience of; MoD, Police or Public Sector experience would be an advantage

If you are interested in this role but notsure if your skills and experience are exactly what we're looking for, pleasedo apply, we'd love to hear from you!

Employment Type: Full-time, Permanent

Location: Hemel Hempstead

Security Clearance Level: DV

Internal Recruiter: Carolyne

Salary: Up to £75,000

Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund

Although this role is advertised as full-time,we believe that flexibility at work can promote work/life balance, increaseyour motivation, reduce stress and improves performance and productivity. Wesupport different ways of working and can offer a range of flexible workingarrangements. So, if you're interested and need to work flexibly, we encourageyou to apply and talk to us about what might be possible.

Loved reading about this job and want toknow more about us?

Steria's Aerospace, Defence andSecurity business designs, develops and deploys digital solutions to CentralGovernment clients. The work we do makes a real difference to the client's goalof National Security, and we operate in a unique and privileged environment. Weare given time for professional development activities, and we coach and mentorour colleagues, sharing knowledge and learning from each other. We foster aculture in which employees feel valued and supported and have pride in their workfor the customer, delivering outstanding rates of customer satisfaction in theUK's most complex safety- and security-critical markets.