Information Security GRC Risk Manager / Lead

A leading London based brand is looking for an experienced Information Security GRC Risk Manager to take ownership of their Information Security risk framework, driving a mature, risk‑led culture across the organisation.

Reporting into the Head of Information Security GRC, this highly visible and autonomous role works closely with senior leadership to shape risk strategy, lead governance forums, and provide clear insight into risk exposure, controls, and remediation.

This role will play a key part in building and strengthening the GRC function, improving reporting (KPIs/KRIs), and embedding robust policy and risk management practices.

Key responsibilities

• Own and operate the Information Security risk management framework, ensuring alignment with enterprise risk management (ERM) practices
• Act as the central point of accountability for Information Security risk, driving consistent identification, assessment, and management of risks ...