Cybersecurity - Governance Risk and Compliance Lead

The Role

Our client is a large, globally distributed organization undergoing a significant uplift in how we manage security risk, assurance, and decision‑making at scale. We are seeking a senior leader to own and shape this capability across the group.

This role is ideal for someone who enjoys building structure where complexity exists, translating expectations into action, and working closely with both technology and business leaders to enable confident decisions.

You will be accountable for establishing and operating a consistent approach to security risk, governance, and assurance across a complex enterprise. This includes defining clear expectations, ensuring they are implemented in a practical way, and enabling leadership to understand risk in business terms.

You will work closely with senior technology leaders, business owners, and assurance teams to ensure requirements are clear, measurable, and supported by evidence.

Key Responsibilities

Risk and Decision Support

• Shape and own the group‑wide approach to identifying, assessing, and managing security‑related risk.
• Maintain a consolidated view of material risks, remediation plans, ownership, and progress.
• Enable structured risk acceptance with clear documentation and executive visibility.

Governance and Expectations

• Define and maintain clear security expectations that are understandable and usable across the organization.
• Ensure expectations are translated into actionable standards and operating practices.
• Manage structured exception processes, including time limits and compensating measures.

Assurance and Readiness

• Lead internal reviews of control effectiveness and maturity.
• Coordinate readiness activities for independent reviews and assessments.
• Provide leadership with a clear view of gaps, strengths, and priorities.

External and Partner Risk

• Own the approach to assessing and managing security expectations for external partners and suppliers.
• Embed risk‑based requirements into onboarding and ongoing oversight.
• Enable consistent application across procurement and business teams.

Insight and Reporting

• Define meaningful measures that connect risk and control health to business impact.
• Produce clear, decision‑focused reporting for senior leadership.
• Establish common language, templates, and ways of working across teams.

Who We’re Looking For

• Extensive experience leading security risk, governance, or assurance functions in large, complex environments.
• Strong ability to turn abstract requirements into practical, measurable expectations.
• Comfort working with senior stakeholders and influencing without direct authority.
• Balanced, pragmatic approach in fast‑moving environments.
• Clear, confident communicator able to explain risk, trade‑offs, and priorities.

Helpful but Not Required

• Experience supporting public‑listed company or highly regulated environments.
• Exposure to supplier or partner risk at scale.
• Professional security or risk certifications.

Why This Role

• High visibility and direct engagement with senior leadership.
• Opportunity to shape how risk and assurance are done across the group.
• A mandate to simplify, standardize, and improve—not just maintain.

Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.