Job Title: Governance, Risk and Compliance Manager
Location: Peterborough (Hybrid)

Are you a skilled Governance, Risk, and Compliance professional with a consistent focus on ensuring the highest standards in information security and privacy? Do you thrive on managing complex risks, initiating compliance initiatives, and guiding stakeholders across global operations?

Our Business Technology Services team is seeking an experienced GRC Manager to oversee a growing team in delivering critical security and privacy governance for ABF’s global operations. In this pivotal role, you will shape the security framework, oversee compliance with global regulations, and promote risk management strategies that underpin our business integrity and goals.

What you'll be doing:

Oversee the implementation and continuous improvement of the Information Security Management System (ISMS) to maintain ISO 27001 certification and compliance.
Manage governance, risk, and compliance frameworks to align with global standards, providing guidance to managers on data protection compliance and maintaining a Business-As-Usual framework.
Oversee privacy responsibilities for BTS operations, ensuring compliance with data protection laws and working closely with ABF Group Legal as needed.
Maintain and embed a robust Risk Management Framework, ensuring risks are effectively assessed, communicated, and governed across the business.
Develop and manage supplier assurance processes, including third-party risk assessments and maintaining the Approved Supplier List for security and privacy compliance.
Oversee audits and compliance reviews, collaborating with internal and external teams to meet regulatory and industry standards, such as GDPR and ISO 27001.
Design and deliver privacy and information security training and awareness programs using various methods like e-learning, campaigns, and workshops.
Act as a key stakeholder in security governance forums, representing BTS at the ABF Global Security Forum and contributing to strategic decision-making.
Conduct operational assurance activities, including access control reviews, compliance reporting, and security investigations, ensuring governance and transparency.
Manage and develop a skilled GRC team, providing strategic direction, mentorship, and leadership to meet organizational goals.

What you'll bring:

Significant knowledge in governance, risk, and compliance frameworks, with a deep understanding of global regulatory standards, including GDPR, UK Corporate Governance Code, and ISO 27001.
Extensive experience in managing privacy and data protection compliance within large organizations, including providing guidance to senior and operational managers.
Effective ability to manage risk management activities, including the development and implementation of robust risk frameworks across complex environments.
Solid understanding of IT security principles, networks, and applications, with the ability to identify and manage risks across people, processes, and technology.
Experience managing supplier assurance processes, including third-party risk assessments and contract lifecycle governance.
Effective supervisory skills with a history of managing and developing high-performing teams, encouraging collaboration, and driving results.
Interpersonal and communication skills, with the ability to engage senior stakeholders and cross-functional teams.
Experience working with legal, audit, and compliance teams, with a solid understanding of legislative and industry standards.
Relevant certifications such as CISSP, CISM, CRISC, or CISA, with beneficial qualifications in European privacy (e.g., CIPP/E).
A forward-thinking mindset, capable of making sound decisions, prioritizing tasks, and thriving in service-oriented environments.