Ocho are delighted to be working on an Associate Director - Information Security (GRC) role with a leading professional services client. Overview: The Associate Director will oversee governance, risk, and compliance (GRC) functions, leading teams, optimising processes, and managing technology. This position ensures that GRC initiatives are in sync with organisational objectives, regulatory standards, and security frameworks, with an emphasis on client audits, RFP responses, internal IT audits, and contract evaluations. Key Responsibilities: Drive the governance, risk, and compliance (GRC) initiatives, ensuring adherence to regulatory and contractual obligations. Spearhead the enhancement of the information security program, focusing on risk evaluation, control implementation, and ISMS adherence. Administer GRC tools, processes, and frameworks to deliver high-quality security services. Partner with Security Operations and Engineering teams to sustain and optimize security service efficiency. Contribute to the development of policies, standards, and guidelines to safeguard sensitive data while aligning with business objectives. Lead, coach, and develop the GRC team to foster growth and excellence Experience: Proven leadership skills, with excellent communication and strategic planning capabilities. Deep knowledge of information security frameworks (NIST, ISO 27001) and familiarity with regulatory standards (GDPR, PCI-DSS). In-depth expertise in security controls, network infrastructure, and security monitoring tools. Experience in handling complex GRC operations, including audits, risk analysis, and compliance management. Please apply now if you are matching thew above criteria or reach out Andrew Harrison directly for a further conversation. Skills: Governance, Risk, Compliance (GRC) Information Security NIST, ISO270001, COBIT, CIS