Cyber Security GRC Lead

Cyber Security GRC Lead

Wellingborough (Hybrid)

Salary: £67,000 - £75,000 per annum (DOE)

Own the bank's cyber governance framework, lead ISO 27001 end to end, and set the standard for how cyber risk is managed across the business.

Reporting to the Head of Cyber, this role puts you at the centre of how we govern, assess, and manage cyber security risk. You will act as a trusted advisor to colleagues and senior stakeholders, shaping our Cyber Governance, Risk Management and Compliance function, strengthening risk culture and ensuring we meet regulatory and security expectations.

Based at our Wellingborough head office, you will have the flexibility to work from home up to two days per week.

Why join us?

Your work will directly protect the organisation, its clients, colleagues, and partners from cyber threats. You will have real ownership, the freedom to set priorities, and support from a well regarded and approachable line manager who is invested in your success.

We offer a comprehensive benefits package including private medical insurance, enhanced family leave, income protection, and pension. For the full range of benefits please see

What you'll do

• Own and develop the security control assessment process, ensuring cyber risks are identified, assessed, and managed effectively.
• Drive accountability for cyber risk mitigation and control compliance across the business.
• Monitor emerging threats and adjust risk assessments and controls proactively.
• Act as ISO 27001 Lead, maintaining and improving the ISMS and supporting audit readiness.
• Lead and oversee security risk assessments, including third party due diligence.
• Provide expert consultancy to projects, embedding security requirements from design through delivery.
• Produce clear, meaningful cyber risk and compliance reporting for senior stakeholders.

What you'll bring

• Extensive experience in cyber security, with a strong track record in GRC focused roles.
• Deep understanding of risk management and how to build a strong risk culture.
• Working knowledge of data protection law, ISO 27001, SOC 2, NIST, and SOX.
• Confidence translating technical risk into clear business level insight.
• Certification in at least one of: CRISC, CISM, CISSP, ISO 27001 Lead Implementor or ISO 27001 Lead Auditor.

Ready to take the next step in your career? We'd love to hear from you.

Our commitment to inclusion

At Weatherbys Banking Group, we're committed to building a diverse and inclusive workplace where everyone feels respected, supported, and empowered to thrive. We believe that different perspectives and lived experiences make us stronger, and we actively welcome applications from people of all backgrounds and communities.

As a proudDisability Confident Committedemployer, we're dedicated to creating an environment that's accessible and inclusive for all. If you have a disability and meet the minimum criteria for the role, you'll be guaranteed an interview. If you need any adjustments during the recruitment process, please let us know we are here to support you.