Head Of Cyber Security Governance, Risk And Compliance (Grc)

Location: London, Frimley, or Preston (Other BAE sites can be considered), we offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role.

Salary: £90,000 + depending on skills and experiences plus executive benefits

What you’ll be doing:

Being the line manager of the Group Cyber Security GRC Team. This team is expected to protect BAE Systems and ensure contractual compliance through activities not limited to:

• Setting policies, monitoring compliance, and following defined procedures to identify, assess and manage risks from external and internal threats
• Maintaining a risk register of relevant Cyber Security risks
• Proposing measures – including avoidance, mitigation, sharing and acceptance – to manage Cyber Security risks in alignment with the company risk appetite
• Implementing and maintaining Cyber Security Standards and the Cyber Security Assurance Framework
• Managing the Cyber Security Governance Framework to ensure transparency, accuracy and speed of decision making
• Assuring the implementation, operation, and maintenance of security controls
• Assessing the correctness of our Cyber Security risk assessments and risk management plans, taking account our business goals and Compliance obligations
• Reviewing compliance with legal and regulatory requirements, managing the relationships with key regulatory stakeholders including MOD Cyber Defence & Risk (CyDR)
• Providing expert advice on governance, assurance, and risk management
• Prioritising the closure of findings on a risk informed basis
• Sponsoring GRC capability development, keeping current capabilities relevant, effective, efficient, and anticipating future needs
• Providing oversight and guidance to wider technology assurance activities, ensuring alignment across Digital, Data and Cyber Security in both IT and Operational Technology domains

Your skills and experiences:

Essential:

• Business Knowledge and Experience
• Cyber Security Expert, understanding across a range of Cyber Security disciplines including GRC
• Expert understanding of the security paradigm of both IT and OT systems
• Legal and Regulatory experience of the requirements for handling Government classified data, Export Controls and PII

Desirable:

• Hold a number of compliance framework related certifications (e.g., ISO or NIST)
• Capable of achieving UK Cyber Security Council chartered status

Benefits:

You’ll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You’ll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts – you may also be eligible for an annual incentive.

The team:

The team has gone through a large transformation. In order to maintain stability and promote the improvement and integration of the new core processes (such as Secure by Design), leadership is now required.

As the Head of Cyber Security Governance, Risk and Compliance (GRC) you will lead Cyber Security GRC in BAE Systems (UK & International, excluding BAE Systems Inc.), advising the CISO, and other senior leaders, on all matters related to Cyber Security GRC, providing the necessary leadership and management of GRC capabilities (people, processes, tools, supporting contracts and services etc) to enable them to be effective and efficient and to provide senior leadership with the confidence that Cyber Security GRC in BAE Systems is appropriate and robust.

This role provides you will global exposure giving you the opportunity to develop and enhance your skills and knowledge.

Why BAE Systems?

This is a place where you’ll be able to make a real difference. You’ll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you’ll be empowered to fulfil your potential.

We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation.

Closing Date: 28th June 2024

We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.

#LI-JP1

#LI-Hybrid

Apply Now Back to listings