Governance Risk Compliance Manager - 4675

Discover a world of endless possibilities with Cambridge University Press & Assessment, a distinguished global academic publisher and assessment organisation proudly affiliated with the prestigious University of Cambridge.

Join our organisation as a GRC Manager and play an important role in shaping the security landscape at Cambridge. In this position, you will report and assist the Security Governance, Risk, and Compliance Manager (from the UK) in developing, implementing, and maintaining our security policies, standards, and procedures.

You will conduct thorough security risk assessments and audits, monitor security performance and compliance, and provide essential security guidance to IT, legal, and business teams. Additionally, you'll contribute to supplier assurance and support our certification activities, ensuring that our security objectives are strategically aligned with Cambridge's goals and mission. This role is crucial in maintaining the integrity and safety of our operations, making it a cornerstone of our organisational success.

Why Cambridge?

At Cambridge, our unwavering commitment is to excel in education, learning, and research on a global scale. With a presence in over 170 countries, we empower millions of individuals, unlocking their potential and enabling their success. From dedicated teachers shaping young minds to visionary researchers pushing the boundaries of knowledge, we embody a relentless pursuit of enlightenment, curiosity, and understanding.

We embrace change as an opportunity for growth and progress, constantly adapting to meet the evolving needs of our customers. Collaboration and attentive listening are at the heart of our journey, as we work hand in hand with our customers and each other to innovate and discover more effective ways to achieve our goals. We believe people thrive in an environment where Trust and Empowerment are at the forefront, which is why all our new team members are provided regularisation on their first day so they can start #PursuingPotential from day one.

Joining Cambridge means becoming a part of an extraordinary institution renowned worldwide. Beyond that, you'll become a part of a vibrant and forward-thinking community that transcends tradition, fostering a culture of continuous growth and personal development. Here, we provide the perfect environment for you to thrive, supporting your professional journey and empowering you to reach your highest potential.

What can you get from Cambridge?

In this role, you'll have the opportunity to collaborate with colleagues from diverse branches, expanding your horizons and enriching your understanding of different cultures. We value your wellbeing and offer stability, fostering your professional and personal growth through internal and external activities and training sessions to help enrich your skillset.

Enjoy work-life balance flexibility through our range of options, including flexible schedules, hybrid work arrangements, and generous paid leave. As a regular employee on Day One, you'll have access to comprehensive healthcare benefits, ensuring your peace of mind with coverage for dependents, group life insurance, and robust well-being programs.

What makes you the ideal candidate in this role?

As a GRC Manager at Cambridge, you'll lead the development and enforcement of our security governance, risk management, and compliance strategies.

You are the ideal candidate if:

• At least 4 years of experience in governance or risk management.
• Possess any of CRISC, ISO 27005 Risk Manager, or ISO 27001 Lead Auditor/Implementor certifications
• Strong knowledge of ISO 27001, NIST, and GDPR.
• You had an experienced role and responsibilities in managing security risks, auditing internal and third-party controls, and contributing to an Information Security Management System.
• Possess the following key soft skills:
  
  • Excellent planning and organisational skills.
  • Strong stakeholder management skills.
  • Ability to work independently and drive continuous improvement.
  • Effective communication of technical information to non-technical audiences.
  • Ability to manage multiple tasks and deadlines.
  • Collaborative and proactive attitude.
• Comprehensive understanding of security threats and mitigations, with awareness of supply chain security management systems is a great advantage

If you have the drive to develop a security-minded culture within Cambridge's infrastructure services, and the desire to be part of a globally renowned institution that celebrates innovation, embraces inclusion, and empowers learners, we invite you to pursue your potential with us.