About the Role
The Policy Implementation and Compliance Lead is responsible for defining Cybersecurity and Group Technology policies and for ensuring that a policy framework is in place that clearly links technical policy to compliance outcomes. The role also manages compliance initiatives, facilitates audit activity, and ensures that risks are clearly identified, assessed, owned, actively managed and, where appropriate, remediated effectively.
The role will provide guidance to both the technology organization and business stakeholders to ensure that policies are understood, that the approach to policy implementation is technically fit for purpose, and that compliance outcomes are achieved.
Working with all Divisions and Group Functions, you will need to ensure compliance by reviewing the end-to-end process, identifying gaps and supporting stakeholders on remediation of risks. You will need to work at multiple levels, with an appreciation of the details but also the ability to articulate the wider vision, to ensure the Press is adhering to our Cybersecurity and Group Technology policies.
Reporting to the Head of Cybersecurity, Risk and Resilience, the role will provide regular reporting, including updates on the risk landscape and compliance position.
This role will have a wide remit. Supporting all of OUP, it will be responsible for ensuring end-to-end compliance throughout OUP's Technology product lifecycle. The successful candidate will collaborate with key Technology stakeholders to ensure that all legal, regulatory and contractual security requirements are understood, considered and met.
We operate a hybrid working policy that requires a minimum of 2 days per week in the Oxford office.
About You
You will have:
* Strong understanding of current and emerging security technologies and practices.
* Excellent leadership, communication, and interpersonal skills.
* Ability to manage multiple initiatives in parallel and meet deadlines in a fast-paced environment.
* Strong understanding of best practice frameworks (NIST CSF and ISO 27001).
* Strong understanding and experience of managing PCI-DSS, GDPR, Accessibility and wider compliance obligations.
* Experience of managing compliance activities in a complex, technical, multi-jurisdiction environment.
* Experience of delivering Governance, Risk and Compliance frameworks across a complex global business.
* A proven ability to sponsor projects/programmes and an understanding of the need to work with business change management functions to embed change in an effective manner.
* Strong commercial acumen.
Benefits
We care about work/life balance here at OUP. With this in mind, we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3 days) and a 35-hour working week. We are open to discussing flexibility with respect to working patterns, dependent on role. We also have a great variety of active employee networks and societies.
We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts.
This role comes with the added benefit of private medical insurance and a management bonus.
Please see our Rewards and Recognition page for more information.
Queries
Please contact tobi.ogunnaike@oup.com with any queries relating to this role.
We are committed to supporting diversity in our workforce, and ensuring an inclusive environment where all individuals can thrive. We seek to employ a workforce representative of the markets that we serve and encourage applications from all.