Head of Information Security GRC & Awareness

Greater London
Inside IR35
Contract

Posted on Mon Dec 2025

Location: London (onsite 2 days per week)
Duration: 6 months

Rate: Inside IR35, rate to be discussed

Are you an experienced Head of Information Security Governance, Risk and Compliance looking for your next opportunity to make an impact within an evolving and fast paced environment? Do you have strong experience of leading 3rd party security assurance processes? If so, apply now.

We are seeking an experienced Head of InfoSec GRC & Awareness to lead governance, risk, compliance, and security awareness initiatives across an organisation at a time of significant modernisation. This pivotal role ensures a robust security posture by developing and enforcing policies, standards, and training programmes aligned with business objectives and regulatory requirements.

The key responsibilities of the Head of Information Security GRC & Awareness are:

  • Lead the development and enforcement of enterprise-wide information security policies and standards.
  • Drive security governance and cyber maturity through compliance, assurance reviews, and gap analysis.
  • Oversee the Information Security Risk Management process
  • Conducting in depth supplier due diligence / third party assurance processes
  • Manage audit readiness and support internal/external audit activities.
  • Own and deliver the organisation's security awareness programme, including campaigns and tailored training.
  • Depending on the candidate, you would also be involved in developing and implementing an Operational Technology (OT) Security Assurance Framework.

The successful candidate will have the following skills, experience and qualifications:

  • Professional certifications such as CISSP, CISM, ISO27001 Lead Auditor, CLAS etc
  • Extensive experience in information security or IT governance within large, complex environments.
  • Strong knowledge of security frameworks (ISO/IEC 27001, NIST CSF, CIS Controls, Cyber Essentials).
  • Proven track record in risk management, policy development, and security awareness initiatives.
  • Excellent communication, leadership, and influencing skills.
  • Very strong experience of driving 3rd party due diligence
  • Any experience of driving Technical Assurance, Operational Technology (OT) Security Assurance and Penetration Testing would be a bonus

This is an excellent opportunity to lead a critical function within a dynamic organisation, ensuring security resilience and cultural change across the enterprise.

The rate is competitive and we can discuss this directly. For further information, please apply and I will be in touch.

Head of InfoSec GRC & Awareness

Head of Information Security Governance, Risk and Compliance

Apply for this role:

    Share this role:
    Advertised By:
    Sarah Howells

    With over 15 years of recruitment experience in Technology and Digital Transformation, Sarah helps clients solve complex hiring challenges through creative strategies. She has partnered with organisations from startups to multinationals, building specialist programme teams driving key transformation initiatives.

    Similar Opportunities

    Employers About TRIA News & Insights Work for TRIA

    Actions speak louder than words when it comes to ED&I and we’re proud to let ours do the talking for us. TRIA have a majority female workforce from director level down and to keep building on this, we embody a commitment to keep TRIA a safe, prejudice-free environment.

    TRIA Consulting is dedicated to delivering end-to-end services that unlock potential and maximise value. Unlike traditional recruitment, we focus on providing comprehensive consultancy solutions tailored to your organisation's unique objectives.

    TEL 0117 332 7000 | POST 14th Floor, Colston Tower, Colston St, Bristol BS1 4XE

    Privacy Policy Terms & Conditions DE&I Policy Cookies Policy Modern Slavery Act Statement