Head of Information Security - Governance, Risk & Compliance (GRC)
Location: Hybrid - London & home working
Contract: Blended working model (Highly Remote)
Salary: Competitive + benefits
30 days annual leave + Bank Holidays

Are you a seasoned InfoSec leader with a passion for governance, risk and compliance? We're looking for a Head of Information Security (GRC) to shape and drive the next phase of our security operations.

As part of a wider digital transformation, this role offers a rare opportunity to influence and mature GRC practices, embed security into the DNA of the organisation, and build a truly impactful culture of awareness.

What you'll be doing:

• Leading and evolving the information security governance framework, ensuring robust, scalable policies and standards.

• Managing and mitigating risks across the technology landscape, working closely with internal stakeholders.

• Driving compliance efforts, including Cyber Essentials and PCI DSS.

• Championing security awareness across the organisation, collaborating with specialists to deliver training, campaigns and comms.

• Supporting vulnerability management in coordination with engineering and system owners.

• Managing a small, experienced team and mentoring them to success.

• Owning and refining InfoSec metrics, reporting and insight for senior stakeholders.

What we're looking for:

• Significant experience in information security, particularly across governance, risk and compliance.

• Strong understanding of compliance frameworks and regulatory requirements.

• Experience managing teams and leading cross-functional security initiatives.

• Confident communication skills and the ability to influence at all levels.

• A proactive, solutions-focused mindset with a sharp eye for detail.

• Professional security certifications (e.g. CISSP, CISM, CRISC, CISA) are desirable.

This is a great fit for someone who thrives in a collaborative environment, enjoys problem-solving, and is ready to take ownership of a maturing GRC function.