Job Description
Job Overview:
Leading a global Governance, Risk, and Compliance (GRC) team to drive best in class security, risk programmes and policies to safeguard Arm and its partners.
This is a senior role responsible for multiple aspects of Enterprise IT (EIT) risk methodology, business continuity, third-party risk framework, critical assets programme, security education and Sarbanes-Oxley (SOX) compliance. The senior manager will also ensure the application of governing controls, assurance, and compliance activities.
Responsibilities:
Being responsible for the GRC team to deliver and continually improve EIT frameworks including; risk management, business continuity, third party risk, policies, standards, guidelines, controls, assurance and compliance.
Support ES and wider Arm leadership by informing information security strategies, roadmaps, operating models and supporting governance structures.
Responsible for strategic risk analysis, management, and operational reporting. Facilitate improvements to EIT policies, standards, and guidelines based on industry standards, incident lessons learned, and input from SMEs and the wider business.
Establish and maintain strong relationships within EIT and across Arm where GRC interdependencies exist currently or in future business models. Driving a cultural change in Arm to make security part of its ideology whilst enabling an efficient and effective operation.
Contribute to security, privacy, data and IT risk evaluations throughout Arm’s delivery and operational lifecycles.
Leading a distributed team, providing strong leadership, performance management and people development.
Required Skills and Experience:
- 1 or more Information security certifications ( CISSP, CRISC, GIAC, CISM, CISA, ISO 27001).
- 10+ years within information security environment and 5+ years of management experience.
- Experience operating and/or leading a GRC function ( operating model, team management, budgeting, forecasting, strategy, reporting).
- Broad exposure and experience with enterprise technologies and the risks related to how other enterprises use technology to deliver business services.
- Good communication skills, both written and verbal, across teams, vendors, and third parties. Ability to provide senior-level reporting on GRC operations and risk, with a focus on key operational data.
“Nice To Have” Skills and Experience:
Experience of leading change / transformation!
In Return:
We offer exciting and interesting work in a diverse team. Arm's growth trajectory will ensure career progression and the opportunity to have a significant impact on our success!
#