Back to jobs
Job Description
Role Overview As Governance, Risk Compliance (GRC) Manager, you will be leading all aspects of the development and implementation of comprehensive risk management and compliance strategies, working closely with senior leadership to align GRC initiatives with business objectives and lead a team of developing and experienced GRC professionals. Your leadership and expertise will be crucial in fostering a strong culture of compliance and risk-awareness across Sopra Steria. You will play a lead role in helping our clients understand their security challenges and then specify, plan and implement projects to improve their security posture. This is an opportunity to lead at the front line of cyber security delivering value to our client base.
Key Responsibilities Create/update Secure By Design Artefacts, CAATS and Security Risk Assessments Create DPIAs/DFCRs Work with SOC teams to onboard services to SIEM platform Work with ITSHC suppliers to develop scoping requirement for CSM Generate RAINs (Risk and issue notifications) Review Secure By Design artefacts in alignment with 3 monthly review cycle. Lead on security activities for large client engagements through creating and maintaining strong stakeholder relationships (customer and internal), developing and maintaining a framework of security controls that align with overall objectives and contractual obligations Identify and understand customer requirements and demonstrate creativity and innovation in applying solutions for the benefit of the customer Formulate security strategy, creatively applying a wide range of technical and/or management principles Collate and prioritise market and environmental trends, business strategies and objectives, and identify the business benefits of alternative strategies Encourage innovation within ADS Cyber Security and support Lead complex assessments and programs of audit activity Lead on implementation of compliance programs against relevant legal and regulatory requirements, contractual obligations and industry standards Lead security aspects of bid responses and opportunity identification Build technical control roadmaps that align organisational plans with regulatory and contractual requirements Promote awareness amongst the Cyber Security team of the latest cybersecurity threats, vulnerabilities, and industry standard methodologies
Key Responsibilities Create/update Secure By Design Artefacts, CAATS and Security Risk Assessments Create DPIAs/DFCRs Work with SOC teams to onboard services to SIEM platform Work with ITSHC suppliers to develop scoping requirement for CSM Generate RAINs (Risk and issue notifications) Review Secure By Design artefacts in alignment with 3 monthly review cycle. Lead on security activities for large client engagements through creating and maintaining strong stakeholder relationships (customer and internal), developing and maintaining a framework of security controls that align with overall objectives and contractual obligations Identify and understand customer requirements and demonstrate creativity and innovation in applying solutions for the benefit of the customer Formulate security strategy, creatively applying a wide range of technical and/or management principles Collate and prioritise market and environmental trends, business strategies and objectives, and identify the business benefits of alternative strategies Encourage innovation within ADS Cyber Security and support Lead complex assessments and programs of audit activity Lead on implementation of compliance programs against relevant legal and regulatory requirements, contractual obligations and industry standards Lead security aspects of bid responses and opportunity identification Build technical control roadmaps that align organisational plans with regulatory and contractual requirements Promote awareness amongst the Cyber Security team of the latest cybersecurity threats, vulnerabilities, and industry standard methodologies