We are recruiting for the Head of GRC to join our Information Security team based in London, Frankfurt, New York or Washington DC. Based in fabulous city centre offices, with a fantastic team, FGS is a leading global strategic communication consultancy operating in the main business hubs around the world. To help us grow our business and footprint, we are looking for the right candidate to provide an exceptional service to our fast-moving business.
Typical duties will involve
Functional Supervision: Lead and manage internal and outsourced partners in delivering and assuring the security service to the business.
Develop messaging materials and communications collateral and templates
Provide strategic advice, ongoing counsel and support to the CISO and other executives
Ensure campaigns for Third Party Risk Management and Training and Development are executed
Risk Management and Assessment: Devise and Implement the standard processes and ensure they are followed
Risk Governance: Documenting and Operating the Risk Registry, Risk/Exception processes, leading the team that ensures follow-up
Training and Development: Actively share knowledge to build team capabilities and skills; Continually develop your own skills and expertise. Drive standardization across internal and supplier teams
Stakeholder Management: Work with regional and business/account staff to meet expectations and govern processes
Reporting and Service Management: Optimizing delivery and reporting of service and risk levels across the company
The role will include
Managing the Policy, Procedure and Standards Base
Ensuring Project and Vendor Risks are assessed and tracked
Audit response and client assurance
Running the Security Governance approach
Successful candidates will demonstrate
The environment at FGS Global is dynamic and at times there is a requirement to work under pressure, but good team spirit is maintained throughout. Although previous experience in financial PR, media or banking would be an asset, it is not a requirement.
Necessary attributes
7-10+ years of relevant GRC experience, with evidence of being a team player as well as a leader
International mindset and experience greatly preferred but not essential; experience with CIS-18 and either SOC-2 or ISO 27001 is required
Demonstrable experience of Risk Governance and Assurance in a fast-evolving environment
Experience of a Merger and Acquisition environment is a great benefit, but rapid refinement of a GRC program is the objective – and other ways of showing this will be considered
Skills
Appropriate Technical Skills and Tooling Skills
Risk Assessment and Triage
Governance and Assurance Testing of controls
Policy and Procedure Writing
Information Preparation and Communication for an Executive audience
Ability to deliver to a deadline, to multi-task and to adapt to changing priorities
Stakeholder Management
Package & benefits
Base Salary competitive according to merits of the candidate
Participation in discretionary Company Bonus Scheme (dependent on the performance of the individual and the performance of the company)
Pension and benefits appropriate for location
Annual Leave policy appropriate for location
We will not be able to offer Visa/Sponsorship for this role, so please ensure you have the legal right to work in the location you are applying for.