Head of IT & Security Governance Risk and Compliance (GRC)

Head of GRC

We are partnering with an international organisation looking to bring in an interim head of GRC to lead the end-to-end security risk environment. We are looking for candidates who have built and run GRC teams in large federated businesses.

Location : London (3 x days a week)

Day Rate : Competitive

IR35 : Inside

Duration : 3 to 6 months

• Own and lead cyber and information security risk management, controls, and governance to ensure compliance with risk appetite, regulations, and best practice.
• Maintain the Group security governance framework, including policies, standards, ISMS, and certifications.
• Partner with Group, Audit, and Risk teams to embed effective controls, manage audit findings, and improve enterprise risk management.
• Oversee IT and security controls testing, metrics, KPIs, and reporting to demonstrate risk reduction and value.
• Lead the IT & Security GRC team, acting as a security risk SME and supporting the Group CISO and wider security function.