Cyber GRC Lead – SC Cleared

Description

Cyber GRC Lead – SC Cleared

SR2 is supporting a government department in the development and maturity of its cyber risk capability. We are seeking an experienced and confident Cyber GRC Specialist to lead and shape risk-related initiatives within a critical national infrastructure environment.

This role requires a strategic thinker with expertise in cyber risk management, familiarity with enterprise governance frameworks, and a high level of stakeholder resilience – particularly the ability to navigate and influence senior stakeholders who may have differing priorities or entrenched views.

Key Responsibilities:

Lead the development and refinement of cyber risk management processes, frameworks, and documentation

Embed risk-thinking into cyber governance activities across the organisation

Engage with technical and non-technical stakeholders to assess, prioritise, and communicate risk in business-relevant terms

Own risk registers, reporting cycles, and control effectiveness assessments

Act as a trusted advisor to senior stakeholders, helping align business risk appetite with cyber strategy

Support maturity assessments and benchmarking against frameworks such as NCSC CAF, ISO 27005, or NIST RMFEssential Skills & Experience

Proven experience delivering GRC and cyber risk programmes in complex, regulated, or critical infrastructure environments.

Strong working knowledge of cyber risk methodologies, threat modelling, and control frameworks.

Demonstrable track record of meeting delivery deadlines and producing approved, accurate documentation.

Ability to influence and gain trust from challenging or high-profile stakeholders, balancing diplomacy with clear accountability.

Exceptional workstream management and team leadership skills, with a history of accurate delegation and respectful communication.This is an urgent role looking to start ASAP. Please apply for further details

Ad ID: 5417134514