Head of Cyber Risk and Assurance

As part of an exciting and ambitious digital transformation, the University of Surrey is seeking a Head of Cyber Risk & Assurance to develop and implement the University's enterprise-wide governance, risk and compliance plan.

You will ensure robust risk management frameworks support the University's mission whilst maintaining regulatory compliance and stakeholder confidence.

We value, empower and support every member of staff to get the best out of your unique talents, so you’ll be rewarded with a generous salary, 32 days holiday PLUS Bank Holidays, pension contribution of 14.5%, and a unique and vibrant working environment.

The role requires strategic thinking, exceptional stakeholder management, and the ability to translate complex risk scenarios into clear business recommendations for senior leadership and governance committees.

Responsibilities include:

• Develop and implement the University's enterprise cyber risk and compliance strategy whilst designing governance frameworks, policies, and procedures that align with institutional objectives
• Represent/support the Director of Cyber Security in stakeholder meetings, acting as subject matter expert on governance and risk matters as required
• Establish and operate enterprise-wide cyber risk management programmes, maintaining institutional cyber risk registers and providing risk intelligence to senior leadership and governing bodies
• Lead cyber risk and compliance aspects of incident response, including impact assessments and remediation planning.
• Maintain comprehensive oversight of all regulatory compliance requirements including PCI-DSS, NHS DSP Toolkit, Cyber Essentials+ and emerging frameworks. Establish continuous monitoring and assurance programmes for ongoing compliance whilst managing regulatory notification requirements and external regulatory engagements.
• Oversee comprehensive third-party risk management including vendor assessments, contract security reviews and ongoing supplier monitoring.
• Provide strategic direction for cyber risk and compliance technology platforms including OneTrust, Bitsight and other governance tools, ensuring utilisation and ROI.

The IT team at Surrey are plugged in to the whole University, and our digital transformation work underpins the University’s strategy. IT is growing our digital transformation capability, improving student experience, and helping increase our research impact.

It’s a vibrant and exciting time to join a great and well-respected team at the heart of the University’s strategic plans.

We think Surrey is an amazing place to work, and we are carefully crafting a dynamic, flexible, and fun place to work and thrive.

Our campus is a beautiful, leafy environment with carefully designed gardens, vibrant green playing fields, and a picturesque lake. With the buzz of student life and superb working facilities, the University is a global community of ideas and people, dedicated to life-changing education and research in an inspiring, innovative and diverse environment.

Alongside our gorgeous campus setting, collegiate on-site atmosphere and plentiful development opportunities, we also offer:

• Competitive Salary
• Market leading Pension
• Up to 40 DAYS Holiday: 25 Days annual leave + 7 University Days + Bank Holidays
• Travel & Family benefits including subsidised rail fare, cycle to work scheme and on-site childcare
• Access to on site leisure facilities at discounted rates

For more information or to be considered for the role, please apply via the University of Surrey Website.

The University is committed to providing an inclusive environment that offers equal opportunities for all. We place great value on diversity and are seeking to increase the diversity within our community. Therefore, we particularly encourage applications from under-represented groups, such as people from Black, Asian and minority ethnic groups and people with disabilities.