Cyber Security Governance, Risk & Compliance

Key ResponsibilitiesStrategic Leadership & Stakeholder Engagement • Acts as the authoritative point of contact for senior stakeholders and influencers regarding cyber risk governance.

• Maintains strong, trusted relationships with senior business leaders across the organisation.


• Maintains a broad understanding of internal and external security environments, including emerging threats and industry trends.

Policy, Process & Service Development • Develops plans, policies, and processes for the delivery and management of cyber risk and governance services.

• Coordinates the promotion, development, and implementation of cyber governance services in collaboration with management and strategy teams.


• Facilitates the development of tools, documentation, and supporting materials related to cyber risk and governance.


• Conducts regular service reviews to identify and implement continuous improvement opportunities.

Risk Management & Assessment • Develops, maintains, tests, deploys, and manages the Air Cyber Risk Management and Assessment Methodologies.

• Ensures cyber risk and governance services operate in line with agreed processes, policies, and regulatory standards.


• Supports the business in defining risk tolerances and appetites for systems and processes.


• Ensures cyber risk and governance principles are embedded throughout the full system and project lifecycle.

Reporting & Metrics • Reports on and analyses metrics, KPIs, and performance indicators across cyber risk and governance activities.

• Produces inputs for key reporting projects across the sector.


• Ensures Air Cyber risks are accurately reflected in the corporate risk framework and prioritised appropriately.

Threat & Mitigation Support • Supports the development of corporate threat assessment methodologies.

• Works with Group IM&T to enhance risk mitigation strategies and ensure alignment with organisational priorities.

Safety Responsibilities The role holder is responsible for maintaining high standards of Safety, Health & Environment (SHE), including:

• Taking reasonable care of their own health and safety.


• Following all instructions, information, and training provided.


• Reporting hazards, incidents, or unsafe conditions.


• Using all equipment correctly and for its intended purpose.

Responsibilities are further detailed in:

• Company Health & Safety Policy (759/OF/016)


• Company Environmental Policy (759/OF/029)

Knowledge, Skills & QualificationsKnowledge • Strong understanding of emerging cyber requirements and evolving cyber security threats.

• Broad technical knowledge of IT infrastructure and technologies (OT knowledge beneficial).


• Excellent understanding of government and industry security policies, standards, and best-practice frameworks.

•

This listing is from reed. View original listing ↗