A leading company is seeking a VP-level Information & Cyber Security professional to join their growing security governance and risk team in London. This strategic role focuses on enhancing the organization's cybersecurity posture while ensuring compliance with industry regulations. Responsibilities include maintaining security policies, conducting risk assessments, and representing security in audits. Successful candidates will possess extensive experience in information security, particularly in security risk management and familiarity with GRC tools.
Job Description
VP, IT Security Risk - RSA Archer, NIST, GRC - London - Hybrid
A strategic opportunity for a VP-level Information & Cyber Security professional to join a growing security governance and risk team. Drive enterprise-level cyber risk management, compliance, and security posture enhancement in a highly regulated environment.
Key Responsibilities:
Own and maintain security policies, standards, procedures, and governance frameworks
Align risk management with NIST CSF, NIST 800-53, and industry regulations
Act as a trusted security advisor to business and technical stakeholders
Lead and conduct detailed risk assessments, maintaining the risk register in RSA Archer
Identify and evaluate information security risks; support remediation and treatment strategies
Track and monitor risk remediation through its life cycle to acceptable closure
Contribute to organization-wide cybersecurity risk strategies and control improvements
Run post-incident/assessment lessons learned forums and influence control evolution
Represent security in internal/external audits and assessments
Deliver detailed risk reporting and metrics to key stakeholders
Key Skills & Experience:
5+ years in Information/Cyber Security, with 2+ years focused on security risk
Strong background in GRC tools - RSA Archer strongly
Deep understanding of security risk management, taxonomy, and control frameworks
Strong attention to detail with expert-level documentation and reporting ability
Ability to communicate complex security issues clearly to technical and non-technical audiences
Familiarity with vulnerability and incident management processes
Effective collaboration across compliance, tech, audit, and ops teams
Experience in financial services or banking environments
Desirable Certifications:
MSc in Information Security, CISM, CRISC, CISA, or similar credentials
Knowledge of frameworks including ISO 27001, SOC 1 & 2
Certifications in Prince2, MSP, or APMQ a bonus
Location & Working Model:
Based in London
Hybrid model - 2 days onsite per week