Head of Governance, Risk & Compliance

  • Location

    London, England

  • Contact:

    Andrew Pennycook

  • Published:

    7 months ago

  • Duration:

    6 months

Location: London
Interim duration: 6 Months
Market Rates

Job Description Summary

The Cyber Security and Technology Risk team is seeking a dynamic leader to help grow the Governance, Risk and Compliance (GRC) function. This role will be responsible for all aspects of the GRC programme. Additionally, this role will require partnership and collaboration across the organisation.

This individual will be recognized as a subject matter expert in the area of strategic and tactical initiatives and have strong business consulting experience. We are seeking an individual who will drive best-in-class solutions and service. The candidate must have demonstrated experience successfully managing a global team, as well as coordinating with product management, shared services and sales teams in a matrixed environment. The candidate must also have direct experience of, and effectiveness in, communicating across all tiers of the organization, from technologists to the 'C' suite.

Essential Responsibilities:
· Experience of leading the strategic direction of a global GRC function in a multi-national cyber security and technology risk function
· Leadership of policy changes driven by the regulatory landscape (GDPR, FINRA & MAS), including implementation of compliance requirements
· Accountability for the Security Contract Playbook (Customer, Partner & Suppliers)
· Mergers & Acquisitions security reviews experience
· Accountable for attestation consolidation programme
· Experience of co-ordinating and managing multiple large-scale and complex projects by defining scope, measuring progress, overseeing implementation and interpreting results
· Oversight and transformation of global vendor risk management programme
· Increasing effectiveness of the internal security policy compliance programme
· Establish and lead security policy working group
· Develop remediation tracking and remediation capabilities across all GRC domains
· Set goals, work efforts, and evaluate results to ensure that departmental and organizational objectives and operating requirements are met and are in line with the needs and mission of the organization
· Strong understanding of the risk that could impact the reputation of the company and be able to influence the leadership to act appropriately
· Working knowledge of information system testing, auditing, risk analysis, risk management principles and best practices.
· Excellent communication skills with the ability to effectively present thoughts to key stakeholders to influence adoption of innovative recommendations.

· Bachelor's degree in Information Technology related area
· Must possess strong verbal & written communication skills
· A minimum of 10+ years of relevant experience in Governance, Risk and Compliance in a regulated financial services environment
· Seasoned leader who has led large global teams in a matrixed environment
· Awareness of industry trends and developments
· Led deployment of information security solutions across complex environments
· Knowledge of industry-wide information security frameworks including ISO, NIST, PCI, SOx
· Experience of implementation of a Unified Control Framework (UCF)
· Strong critical thinking and group facilitation skills, specifically in large or complex problem settings
· Must be a strong cross-functional team player with the ability to manage and coach others in a matrix structure, across time zones and national boundaries
· Must have unrestricted authorization to work in the United Kingdom
· Must submit to a background investigation, including verification of past employment, criminal history and educational background