
Information Security Governance Manager

The role will be a key contributor to establishing and maintaining a robust governance framework that ensures the strategic alignment of information security initiatives with organisational objectives. The role involves developing, implementing and maintaining policies and procedures, advising senior management on governance strategies, and overseeing the overall adherence to security governance principles.

This important role will support the Information Security Management function and associated processes. This includes process maintenance and continuous improvement, and liaising with business stakeholders to ensure information security management is carried out effectively.

Key Areas of Responsibility/Accountability:

Governance and Control Framework:

  • Work closely with senior management to define and communicate the strategic vision and framework for Information Security governance.
  • Lead on the design, implementation and review of the Control Framework of Informa.

Policy Framework Development:

  • Develop, implement, review, and update Information Security policies and standards in accordance with regulatory requirements and industry standards.
  • Ensure that policies and policy requirements are effectively communicated and clearly articulated across the organisation.

Strategic Alignment:

  • Collaborate with business units to align Information Security initiatives with organisational goals and objectives.
  • Provide expert guidance to senior management on integrating security governance into overall business strategy.

Compliance Governance Oversight:

  • Partner with the IT Compliance function to advise on, and support, the monitoring and assessment of the organisation's compliance with relevant laws, regulations, and industry standards.
  • Support customer due diligence requests to validate adherence to Information Security governance requirements.

Risk Governance Oversight:

  • Partner with the Information Security Risk Management function to advise on, and contribute to, the development and execution of risk management strategies within the governance framework.
  • Support the monitoring of, and reporting on, the status of risk and of risk mitigation efforts.

Continuous Improvement:

  • Drive continuous improvement initiatives for Information Security governance processes.
  • Identify and implement opportunities to enhance the efficiency and effectiveness of governance-related activities.

Qualifications

  • Considerable experience in (InfoSec) GRC fundamentals.
  • Good stakeholder management and engagement skills.
  • Ability to provide strategic guidance on governance matters.
  • Proven experience in Information Security, with a focus on GRC.
  • Strong understanding of security frameworks, standards, and best practices (ISO 27001, NIST, GDPR, etc.)
  • In-depth understanding of security governance frameworks and principles.
  • Ability to form complex communications/messages in a simple, clear and concise manner to the various parts of the group.
  • Excellent written and verbal communication and presentation skills.
  • Effective and creative problem-solving skills.
  • Proven track record of operating in time-critical, diverse, creative and corporate environments.
  • Experience of working with multiple stakeholders.
  • Ability and confidence to prioritise and balance conflicting and diverse demands from technical and business perspectives.


London, UK
Full-Time

Published on 15/06/2024
