McFall Recruitment Limited

Head of Cyber Risk Governance & Compliance GRC

Hybrid

London, United Kingdom

Full Time

05-11-2025


Skills

Leadership, Risk Management, Attention to detail, Recruitment

Job Specifications

McFall Recruitment is partnering with a financial services company seeking a pragmatic and experienced Head of Cyber Security Governance, Risk & Compliance to lead and evolve its global Information Security control framework. This pivotal role will shape the resilience, responsiveness, and maturity of the Information Security function across all regions and business units.

Reporting directly to the Chief Information Security Officer (CISO), you’ll play a key leadership role in transforming Cyber Security, enhancing people, processes, and technology to protect the business and maintain operational resilience.

What you’ll do

Lead the global Cyber Security risk management programme, driving best-in-class governance and compliance.
Develop and maintain cybersecurity policies, standards, and procedures aligned with regulatory requirements and business objectives.
Conduct risk assessments, manage control evaluations, and oversee treatment planning.
Embed cyber risk into enterprise risk frameworks through collaboration with global teams.
Oversee vendor risk management and ensure third-party compliance.
Chair and lead the Cyber Security Digital Resilience Forum.
Support the NIST maturity uplift programme and alignment with ISO 27001:2022.
Ensure compliance with key regulatory requirements and standards (e.g. DORA, GDPR, MAS, CPS 230, SOX).
Act as a trusted advisor to executives, boards, and regulators, providing clear, business-focused guidance.
Develop and maintain metrics and dashboards to monitor KRIs, control effectiveness, and compliance status.

About you

Proven experience in Cyber Security leadership, ideally within financial services.
Deep understanding of global regulatory environments and financial sector risk frameworks.
Strong leadership and stakeholder engagement skills; able to communicate clearly across technical and non-technical audiences.
Hands-on experience managing global teams and priorities across time zones.
Relevant certifications such as CISM, CRISC, CISSP, ISO 27001 Lead Implementer/Auditor are highly desirable.
Methodical, analytical, and calm under pressure, with meticulous attention to detail.
Demonstrated ability to drive cultural change, improve processes, and uplift maturity levels.

About the Company

At McFall Recruitment we are committed to the highest standards of quality and service to help you find and attract talented individuals to join your organisation. We specialise within Change Transformation, Business IT and Senior Appointments, offering you recruitment solutions for both contract and permanent engagements on a retained or contingent basis. This is about the journey that we will take together. We are a recruitment business that recognises our clients and candidates are unique and our recruitment solutions a...