Cyber Governance, Risk & Compliance


Job Description

The key purpose of this role is to create and support a robust Information Security programme and framework. You will focus on core areas such as risk management, data governance, third-party security due-diligence reviews, ensuring compliance with legal, regulatory, and relevant security standards such as ISO 27001.

The role requires strong technical skills and architecture understanding of joint asset roadmap development.

Position Responsibilities

  • Lead, plan and conduct cyber risk assessments, providing recommendations where applicable
  • Create and maintain technology policies and ensure they remain relevant and up to date
  • implement and maintain an ISO 27001-compliant ISMS
  • Help improve compliance, security risk management, and adherence to technology policies
  • Support the team by carrying out gap analysis to identify current security posture verses current security best practices.
  • Define and embed an Information Security Policy Framework that addresses the needs of the business, its staff, clients, and other external stakeholders in line with relevant regulations and industry standards
  • Develop and embed a risk management framework allowing identification, assessment, mitigation, monitoring and reporting of the risks involved, and measure the management of exposure

Attributes / Required Skills


  • Deep experience in Information Security Risk Management
  • Knowledge of the main information and cybersecurity frameworks, such as ISO 27001/ISO 27005, NIST Cybersecurity Framework and EU GDPR
  • Experience working with key operational risk processes and understanding of risk management
  • Experience assessing security controls across a variety of technologies and products, recommending improvements where necessary
  • Strong stakeholder management skills, and the ability to take ownership of a project through its lifecycle
  • BSc or MSc degree in Information Technology, Cybersecurity, or similar/equivalent education or experience
  • Excellent analytical and problem-solving skills as well as verbal and written communication skills
  • A proactive and positive personality, with strong organisational skills


  • Has the ability to develop and maintain a business-aligned Information and Cyber Security strategy and operating model
  • Has an industry certification in GRC

Remuneration and Benefits

The salary is competitive and includes a performance bonus as well as a company bonus. You can also expect:

  • Time off for volunteering and charitable giving
  • Life insurance, income protection insurance, company pension contribution, flu vouchers and health insurance assisted cover.
  • Hybrid working, minimum two days a week in the office.
  • Cycle to work scheme and secure workplace bike parking
  • Coffee, tea, fruit, snacks and breakfast cereals
  • Team lunches and social activities including summer and Christmas events
  • Professional development, coaching, mentoring and career progression opportunities.

Contact Details

Please send your CV and cover letter to [email protected] with the subject “Client Reporting Software Engineer”. Further information about Partners Capital is available on our website