Information Security Lead (GRC, Standards & Assurance)
Job Detail
Job Description
What you will be doing:
- Own and continuously improve information security policies, standards, and control frameworks, ensuring they remain relevant and effective.
- Align and map security controls to regulatory requirements and industry frameworks, maintaining strong governance coverage.
- Lead risk assessments, define pragmatic treatment plans, and drive remediation actions based on business impact and priority.
- Partner closely with first and second lines of defence to support audit readiness, assurance activities, and compliance obligations.
- Provide clear, ongoing assurance on the effectiveness of controls, identifying gaps and driving meaningful improvements.
- Work in close coordination with Enterprise Architecture and Cyber teams to ensure security is embedded in design and delivery.
- Oversee and track control exceptions, risk acceptances, and remediation actions through to completion.
- Support separation activities and Day‑1 readiness by ensuring required controls and evidence are in place.
- Operate with a high degree of independence, managing competing priorities while confidently engaging stakeholders and influencing risk-based decisions.
Qualifications
What you’ll bring:
- Degree-level education (or equivalent) in IT, Information Security, or a related field is required.
- Professional certifications such as CISA, CRISC, or ISO 27001 Lead Auditor are desirable but not essential.
- 4–6 years’ experience across information security, GRC, IT controls, or audit in a global, complex environment.
- Hands-on experience with audits, control testing, and remediation, with a strong understanding of how frameworks operate in practice.
- Familiarity with recognised standards such as ISO 27001, NIST, CMMC, or Cyber Essentials.
- Strong grounding in information security assurance and governance, with the ability to translate technical concepts into clear, business-focused language.
- Proven ability to manage stakeholders, produce high-quality documentation, and navigate complex organisational structures.
- Sound judgement in prioritising risk, recommending improvements, and strengthening control maturity in a practical, outcome-focused way.
Additional Information
Join us and we’ll help build your career, with excellent training and opportunities for career growth across the business, both locally and globally. You’ll experience an inclusive environment, with strong leadership and a focus on safety and wellbeing. You’ll also have the flexibility to choose from a wide range of benefits to suit your lifestyle, offering you and your family support from a health and wellbeing, financial and lifestyle perspective.
Join us and work for a world leader, with the benefits and training to reward your dedication and skills. Be part of a team where we are making the world a safer place.
We believe that different perspectives and backgrounds are what make a company flourish. All qualified applicants will receive equal consideration for employment regardless of color, religion, sex, sexual orientation, gender identity, national origin, economic status, disability, age, or any other legally protected characteristics. We are proud to be an inclusive company with values grounded in equality and ethics, where we celebrate, support, and embrace diversity.
At no time during the hiring process will Smiths Detection, or any of our recruitment partners, ever request payment to enable participation – including, but not limited to, interviews or testing. Avoid fraudulent requests by applying for jobs directly through our careers website.