Job description
Information Security Governance Manager
Location: London, UK
Sector: Travel
Stott and May have partnered up with a leader in global travel and event management, renowned for exceptional service and innovative, client-focused technology.
They were also Ranked first in the Sunday Times International Fast Track,
We are seeking a highly skilled Information Security Governance Manager to join our expanding client in their GRC function. This full-time, hands-on role involves managing all aspects of information security governance, risk, and compliance to ensure the implementation of industry standards and best practices across the organization. Reporting to the Director of Security & Trust, you will play a critical role in the strategic growth.
What You’ll Do:
Location: London, UK
Sector: Travel
Stott and May have partnered up with a leader in global travel and event management, renowned for exceptional service and innovative, client-focused technology.
They were also Ranked first in the Sunday Times International Fast Track,
We are seeking a highly skilled Information Security Governance Manager to join our expanding client in their GRC function. This full-time, hands-on role involves managing all aspects of information security governance, risk, and compliance to ensure the implementation of industry standards and best practices across the organization. Reporting to the Director of Security & Trust, you will play a critical role in the strategic growth.
What You’ll Do:
- Lead the Information Security Governance team and program, ensuring compliance with business requirements and regulatory standards.
- Develop, monitor, and maintain information security policies, procedures, and standards.
- Manage the Information Security risk register, conduct risk assessments, and work with stakeholders to implement treatment plans.
- Oversee the third-party risk program, including supplier and partner due diligence.
- Contribute to internal and external audits to maintain certifications and meet business needs.
- Oversee the incident response process, including identification, notification, investigation, and reporting.
- Manage the Fraud Prevention and Information Security Awareness Program to foster a security-conscious culture.
- Support the client trust program, including handling RFPs, contract reviews, and client questionnaires.
- Define and track key performance indicators (KPIs) and key risk indicators (KRIs) to measure program effectiveness.
- Stay updated on security trends, threats, and technologies.
- Strong understanding of information security best practices, regulatory requirements, and industry standards (ISO 27001, ISO 22301, GDPR, PCI-DSS, SOC2, NIST, SOX).
- Excellent attention to detail, proactive approach, and ability to work independently.
- Strong communication and interpersonal skills.
- Knowledge of risk management, incident response, and compliance frameworks.
- Experience working with globally distributed cross-functional teams and managing security initiatives.
- Proficiency in French, Spanish, Italian, or German is a plus.
- Professional certifications such as CISSP, CISM, or CISA are highly desirable.
