Information Security GRC Risk Manager

We''ve been engaged by our client to hire an Information Security GRC Risk Manager to take full ownership of internal facing (not vendor or third party) security risk management and policy governance across a complex, enterprise environment. This is a high-impact role where you''ll act as the central point for Information Security risk, driving risk visibility, governance, and accountability across the organisation while influencing senior stakeholders and shaping decision-making. What you''ll be doing Owning and operating the Information Security risk management framework aligned to ERM Leading internal risk assessments, workshops, and governance forums Managing the security risk register, risk artefacts, and treatment plans Driving risk-based decision making and escalating key risks to leadership Delivering clear risk reporting (KPIs/KRIs) and actionable insights Acting as the bridge between Information Security, ERM, and the wider business Owning and maintaining the Information Security policy framework (standards, life cycle, exceptions) Identifying and managing emerging risks, including AI/ML-related threats Running andamp; presenting at risk committees at the C-suite level What you''ll bring Strong experience in Information Security GRC, particularly in the internal Risk Management space Proven ability to own end-to-end risk processes and influence outcomes Experience conducting risk assessments and defining ..... full job details .....