Job Description:
A seasoned Governance, Risk and Compliance (GRC) professional is required to lead cybersecurity GRC and assurance initiatives at South East Water (SEW). Reporting directly to the Chief Information Security Officer (CISO), this role is vital for maintaining regulatory compliance, monitoring cybersecurity risks, and strengthening SEW's security posture.
The successful candidate will be responsible for developing, maintaining, and reviewing security standards, policies, processes, and procedures to align with best practices. This includes ensuring compliance with relevant cybersecurity frameworks, such as NIST, VPDSS, and internal security standards.
This role also involves supporting the development and management of a Common Controls Framework (CCF) to streamline security and compliance controls. Additionally, the candidate will conduct risk assessments to identify security control gaps, exceptions, and areas for improvement.
The chosen individual will provide regular updates and reports to the CISO on cybersecurity risks, compliance status, and assurance activities. They must have a strong analytical and problem-solving skillset, with the ability to engage effectively with diverse stakeholders.
This is an exciting opportunity for a strategic thinker who can strengthen governance, ensure regulatory compliance, and drive a culture of accountability across the organisation.