We think you’ll love this role, even if we are slightly biased! A unique opportunity has arisen for a Security Governance Manager to join this global technology powerhouse.

If you have a strong interest in security governance, but don’t want to be stuck in a rigid job with limited variety, then read on.

This is a global role, and as the Security Governance Manager you will be providing information security expertise across the business, advising on risk, compliance requirements, alongside building/improving security awareness.

30-40% of the role will involve improving security awareness within the business, creating relevant and engaging content; with the remainder acting as a trusted advisor to the business, and providing metrics to the exec leadership team across all areas of security governance.

Please note that this role has no direct line management responsibilities, however, exceptional communication and leadership skills will be called upon to influence positive outcomes.

Responsibilities include

• Security Awareness / Training – Create content and deliver engaging security awareness programmes to support the business
• Become a Trusted Security Advisor – Support both internal and external partners on all matters of security governance, policy, awareness, and changes to the security landscape. Ensuring security and compliance requirements are fully understood
• Work with Cross Functional Teams – To support the development of operational, executive and board level security metrics
• Develop Standard Operating Procedures – Documenting procedures for risk reporting, training & awareness, and policy management

Required skills/experience

• Ability to plan, co-ordination and deliver high quality security training content to cross functional teams
• Understanding of regulations, industry standards, covering areas such as application security, network security, cloud security, data security, and data privacy
• Proven experience in developing security policies, together with experience of rationalizing policies using unified control frameworks (UCF, CSA’s Cloud Control Matrix)
• Security metrics – creating reports and reviewing metrics for management use
• Security and privacy controls deployed in large enterprise environments
• Ability to clearly communicate information security concepts to both technical and non-technical people

Other beneficial experience

• Experience with EU regulations and EU data privacy
• Understanding of technical security control concepts, procedures, and systems (e.g., Email Security, AV, EDR, Firewalls)
• Security qualifications e.g., CISSP, CISM

Interview process

The process will consist of 3 stages (1st – 30 min call with the hiring manager; 2nd – Presentation; and 3rd – further interview with the team, and key stakeholders)

Working practice

Hybrid working with a minimum of 2 days a week in Cambridge.