Fullstream Business Services
Remote Jobs
Role Description

Information Security Governance, Risk & Compliance Lead

- Establish and maintain an enterprise information security governance framework aligned to the prospective client's business objectives, risk appetite, and regulatory requirements.
- Develop, maintain, and enhance information security policies, standards, control frameworks, and governance processes aligned to recognised frameworks such as ISO/IEC 27001, NIST, and CIS Controls.
- Conduct information security risk assessments, manage the security risk register, oversee risk treatment activities, and support internal, external, and regulatory audits.
- Lead third-party and vendor security risk assessments, particularly for outsourced and technology-enabled services.
- Design, implement, and maintain an Information Security Management System (ISMS), ensuring integration with broader risk management and governance structures, while supporting certification and continuous improvement initiatives.
- Establish and oversee security operations governance, including incident response, cyber resilience, disaster recovery, and business continuity security requirements.
- Monitor and report on key security, risk, compliance, and operational metrics, providing regular updates and strategic recommendations to executive management and governance forums.
- Drive security awareness, training, and capability-building initiatives to promote a strong security culture and strengthen internal competencies.
- Advise senior stakeholders on information security strategy, investment priorities, and risk-based decision-making, while representing the prospective client in engagements with auditors, regulators, and key third parties.

Company Description