Governance, Risk & Compliance Lead

Overview Spectrum IT are supporting a highly established international innovation and manufacturing business in the search for a Governance, Risk & Compliance (GRC) Lead. This role will continue to strengthen the enterprise risk, security and compliance posture while establishing and maturing group wide governance frameworks, improving disaster recovery and identity governance controls, managing third party cyber risk, and ensuring compliance with standards such as ISO27001 and Cyber Essentials+. The role will work closely with IT, security and business stakeholders, providing clear risk visibility to senior leadership while also driving hands on improvements that materially reduce operational and cyber risk. Key Responsibilities Governance Develop and implement governance frameworks, policies, and standards Establish and manage Disaster Recovery governance (RPO/RTO, testing, documentation) Align governance structures with regulatory and contractual obligations Promote a risk-aware culture across IT and the wider business Enterprise Risk Management Identify, assess, and manage enterprise IT risks (DR, identity, supplier risk, SPOFs) Maintain and evolve the corporate risk register Define mitigation strategies and track remediation progress Report risk posture, metrics, and KRIs to senior leadership and board Compliance Lead compliance programmes (ISO27001, Cyber Essentials+, GDPR) Manage internal/external audits and evidence collection Monitor regulatory change and ensure ongoing compliance Deliver compliance training across IT and business teams Technology & Security Controls Oversee identity governance (JML processes, credential risk) Lead third-party and supplier cyber risk management Ensure controls across cloud, ERP, and critical systems meet best practice Own incident response governance and playbooks Leadership & Stakeholder Management Act as a trusted advisor to executive leadership on GRC matters Collaborate across IT, Security, HR, Procurement, and business units Build and scale GRC capability as the function mature Skills & Experience Extensive experience in GRC, IT risk, cybersecurity, or internal audit Proven experience implementing risk and compliance frameworks Strong knowledge of ISO27001/2, NIST CSF, GDPR, and enterprise risk models Experience across DR, identity governance, supplier risk, and compliance programmes Strong stakeholder management and communication skills Ability to translate technical risk into business impact Desirable Certifications: CISA, CRISC, CISSP, ISO27001 Lead Implementer/Auditor Experience in cloud, ERP, and enterprise IT environments Exposure to board-level reporting and governance forums For more information and to submit your interest, please apply with an updated CV. Candidates for this role will be within a suitable commuting distance of the Dublin office. Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy