Risk, Security & Compliance Lead, permanent hybrid role Cardiff

I am supporting a local private sector organisation to recruit for a Risk, Security and Compliance Lead on a permanent basis. This role is crucial for ensuring IT operations align with regulatory standards and organisational goals. Key areas will include strategic planning, incident response and integrating compliance frameworks (eg GDPR, ISO 27001) to protect critical systems.

Your new role
You will be responsible for developing risk management processes, crisis plans and vendor oversight, whilst collaborating with stakeholders to implement security measures and enhance compliance. Maintaining Incident Response Plans and coordination of rapid incident resolution (eg cybersecurity breaches, data loss), establishing a Vendor Risk Management program to assess third-party compliance. Furthermore, you will be responsible for overseeing security measures, incident responses and network security enhancements, including Fortinet solutions.

What you'll need to succeed

• Certifications; CRISC, CISA, CISM, CISSP, ISO 27001 Lead Auditor, ISO Risk Manager or equivalent
• Strong knowledge of regulatory requirements (eg GDPR, ISO 27001, Data Protection Act 2018), including Data Protection Impact Assessments (DPIAs) and familiarity with frameworks such as Cyber Essentials or ISO 27005.
• Proficiency with MS 365, Intune, VMWare and Fortinet technologies

What you'll get in return
-Annual Salary of £50,000 - £60,000
-28 days annual leave + bank holidays
-Flexible hybrid working model after first 6 months
-Industry leading training
-Employee Assistance Program - free 24/7 confidential helpline (domestic, financial, legal, health support etc)
-High street retail discount scheme
-Staff benefits, wellbeing and recognition platform
-Free on site parking
-Friendly and supportive work environment

What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.