Job Specifications
Financial Sector - Reporting to the Chief Information Security Officer
Salary - up to £100k plus 4% bonus
The Role
The Head of Security Governance, Risk and Compliance (GRC) plays a key leadership role in safeguarding the organisation's customers, assets, and reputation. This role is responsible for embedding effective security governance, risk management, and compliance practices, ensuring that security and regulatory obligations are met while enabling the business to operate with confidence and integrity.
The postholder will establish and maintain proportionate security frameworks, policies, and processes. They will work closely with colleagues at all levels to strengthen security risk awareness, integrate risk-based decision-making, and promote a culture of accountability and resilience.
Key Responsibilities
Leadership of the Security GRC function.
Governance & Policy – Define, implement, and continuously improve the governance frameworks, policies, and standards for information security, risk, and compliance.
Risk Management – Lead enterprise-wide security risk management activities, including risk identification, third-party risk management, assessment, control evaluation, and mitigation planning.
Regulatory & Standards Compliance – Ensure adherence to relevant regulatory requirements (e.g. PRA, FCA, GDPR) and security standards (e.g. NIST CSF), maintaining readiness for internal and external audits.
Continuous Improvement – Monitor and review governance and compliance processes, adapting to regulatory updates and emerging risks, and driving improvements.
Collaboration & Influence – Build strong relationships with Legal, IT, Procurement, and business functions to embed risk-based decision-making and ensure a consistent, proportionate approach.
Leadership & Oversight – Provide expert advice to senior management and the Board, reporting on risk posture, compliance status, and emerging issues.
Knowledge, Skills and Experience
Degree in information security, risk management, or a related field.
10 years of proven experience in security governance, risk, and compliance leadership, ideally within financial services or a regulated environment.
Strong knowledge of UK and EU regulatory requirements relevant to financial institutions.
Demonstrated ability to design and embed proportionate governance and risk frameworks in a mid-sized organisation.
Excellent stakeholder management skills, with the ability to influence at the Board and executive level.
Strong communication and leadership skills, with a focus on building a culture of accountability and risk awareness.
Professional certifications such as CISA, CISM or CISSP.
About the Company
Logica Security is a UK-based information and cyber security consultancy, trusted by organisations to protect their operations, people, and reputation in an increasingly complex threat landscape. We combine deep technical expertise with strategic insight to help businesses enhance their resilience, manage risk effectively, and navigate complex regulatory environments. Our services span governance, risk, and compliance (GRC), data protection, and technical security assurance, enabling us to design and deliver solutions tailor...