Information Security Governance Risk and Compliance Consultant

London, United Kingdom

Informa Group Plc.


Company Description

Informa is a leading international events, intelligence and scholarly research group.

We’re the specialist’s specialist. Through hundreds of powerful brands, we work with businesses and professionals in specialist markets, providing the connections, intelligence and opportunities that help customers grow, do business, make breakthroughs and take better informed decisions.

Informa is listed on the London Stock Exchange and is a member of the FTSE 100, with over 11,000 colleagues working in more than 30 countries.

Informa’s divisions include:

Informa Connect, a specialist in content-driven events and digital communities that allow professionals to meet, connect, learn and share knowledge.

Informa Markets, creating platforms for international markets to trade, innovate and grow. Through over 500 leading brands, our exhibitions, specialist digital content and data solutions allow customers operating in specialist markets to meet and trade, and for their businesses and markets to thrive. 

Informa Tech, a division bringing specialism in technology. We aim to inspire the global technology community to design, build and run a better digital world through research, media, training and events that inform, educate and connect businesses and professionals working in technology.

Taylor & Francis, specialist in scholarly research and in helping academic and research communities make new breakthroughs.  We commission, curate, produce and publish scholarly research and reference-led content in specialist subject areas, helping to advance research and enabling knowledge to be discovered and shared.

Global Support is Informa's sixth division, with major hubs in the United Kingdom, United States, Hong Kong and Singapore as well as several smaller locations.  As the team behind the teams, Global Support colleagues provide shared, efficient business services and function-specific expertise to each of Informa's operating divisions, enabling our commercial teams to focus on their markets and customers.

 

Job Description

The Information Security Governance Risk and Compliance (GRC) Consultant role is part of the Group Information Security team within the Informa Global Support division of Informa Plc.

The Information Security GRC Consultant role will be a key contributor to establishing and maintaining a robust governance framework that ensures the strategic alignment of information security initiatives with organisational objectives. The role involves developing, implementing and maintaining policies and procedures, advising senior management on governance strategies, and overseeing the overall adherence to security governance principles.

This important role will support the Information Security Management function and associated processes. This includes process maintenance and continuous improvement, and liaising with business stakeholders to ensure information security management is carried out effectively.
 

Key Areas of Responsibility/Accountability:
 

Governance and Control Framework:

  • Work closely with senior management to define and communicate the strategic vision and framework for Information Security governance.
  • Lead on the design, implementation and review of the Control Framework of Informa.

Policy Framework Development:

  • Develop, implement, review, and update Information Security policies and standards in accordance with regulatory requirements and industry standards.
  • Ensure that policies and policy requirements are effectively communicated and clearly articulated across the organisation.

Strategic Alignment:

  • Collaborate with business units to align Information Security initiatives with organisational goals and objectives.
  • Provide expert guidance to senior management on integrating security governance into overall business strategy.

Compliance Governance Oversight:

  • Partner with the IT Compliance function to advise on, and support with, the monitoring and assessment of the organisation's compliance with relevant laws, regulations, and industry standards.
  • Support customer due diligence requests to validate adherence to Information Security governance requirements.

Risk Governance Oversight:

  • Partner with the Information Security Risk Management function to advise on, and contribute to, the development and execution of risk management strategies within the governance framework.
  • Support the monitoring of, and reporting on, the status of risk and of risk mitigation efforts.

Continuous Improvement:

  • Drive continuous improvement initiatives for Information Security governance processes.
  • Identify and implement opportunities to enhance the efficiency and effectiveness of governance-related activities.

Qualifications

  • Considerable experience in (InfoSec) GRC fundamentals.
  • Good stakeholder management and engagement skills.
  • Ability to provide strategic guidance on governance matters.
  • Proven experience in Information Security, with a focus on GRC.
  • Strong understanding of security frameworks, standards, and best practices (ISO 27001, NIST, GDPR, etc.)
  • In-depth understanding of security governance frameworks and principles.
  • Ability to form complex communications/messages in a simple, clear and concise manner to the various parts of the group.
  • Excellent written and verbal communication and presentation skills.
  • Effective and creative problem-solving skills.
  • Proven track record of operating in time-critical, diverse, creative and corporate environments.
  • Experience of working with multiple stakeholders.
  • Ability and confidence to prioritise and balance conflicting and diverse demands from technical and business perspectives.

Additional Information

Employee experience is very important to us at Informa. On top of joining a supportive, diverse and ambitious team that welcomes all types of candidates, we make every effort to offer flexible working patterns and prioritise promotion opportunities for internal candidates. Our benefits include:  

  • A tailored learning and development plan and access to online material to support your career development    
  • 25 days annual leave, 4 days for volunteering and a day off for your birthday!   
  • Competitive Benefits package including pension, healthcare and a range of wellbeing benefits 
  • Share-Match options so you can become a shareholder    
  • Regular social events and networking opportunities  
  • Flexible working environment
  • Central office in Blackfriars, close to mainline and Underground stations, an onsite gym and restaurant, and a variety of amenities nearby

 

We know that sometimes the 'perfect candidate' doesn't exist, and that people can be put off applying for a job if they don't fit all the requirements. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. You could be just what we need!

We believe strongly in the value of diversity and creating supportive, inclusive environments where our colleagues can succeed. As such, Informa is proud to be an Equal Opportunity Employer. We do not discriminate on the basis of race, colour, ancestry, national origin, religion, or religious creed, mental or physical disability, medical condition, genetic information, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity, gender expression, age, marital status, citizenship, or other protected characteristics under local law.

This role may also be available on a flexible working or part time basis – please ask the Talent Acquisition team for more information.


Tags: Compliance GDPR Governance ISO 27001 Monitoring NIST Risk management Strategy

Perks/benefits: Career development Equity Flex hours Flex vacation Medical leave Team events

Region: Europe
Country: United Kingdom