Key skills
Stakeholder Management
About this role
Role Overview
- Identify, analyse, and support the management of information security and IT risks across the business
- Work closely with stakeholders, vendors, and internal teams to assess security controls and risk exposure
- Support compliance activities aligned to Cyber Essentials+ and ISO27001 standards
- Create and maintain information security policies, standards, procedures, and wider GRC documentation
- Conduct internal security assessments and reviews, clearly documenting findings and recommendations
- Maintain key security knowledge resources including process documentation, RACIs, training materials, and contract information
- Collaborate with risk owners to identify, manage, and mitigate vulnerabilities and threats effectively
Requirements
- Strong experience within Information Security / GRC environments
- Proven experience working with: Cyber Essentials+
- ISO27001
- Experience conducting security risk and controls assessments
- Strong documentation and stakeholder management skills
- Experience producing and maintaining security policies, standards, and procedures
- Ability to communicate security findings clearly to both technical and non-technical stakeholders.