Job Description

Information Security Governance, Risk & Compliance Manager

London or Birmingham

Here at Pinsent Masons we bring together the best people to get the job done. We’re naturally curious, constantly learning, listening, and growing. We’ll truly value your ideas. You’ll be joining an award-winning, hardworking and commercially minded team, where you’ll have the opportunity to work with leading experts and form meaningful relationships, while making a difference. You’ll get the opportunity to be involved in varied and challenging work. Working in an open and supportive environment, to deliver outstanding results. Our people are our success, and we work as one team.

We are recruiting an Information Security Governance, Risk & Compliance (GRC) Manager to lead and shape the firm’s GRC function, ensuring an integrated approach to governance, risk, assurance and compliance aligned to business and regulatory priorities.

Successful applicants will be given the opportunity to take on a highly visible leadership role, influencing strategic decision making, and supporting Board-level reporting while remaining hands-on across key initiatives.

This role can be based out of either our London or Birmingham Offices. Our standard working hours are 9.30am-5.30pm, and we operate a 3 days in the office, 2 days from home working model, however as an inclusive employer, we are willing to consider any flexible working requests.

Candidate Overview

We are looking for candidates who ideally hold the following skills and experience:

• Proven experience leading governance, risk and compliance (GRC) activity within a complex or regulated environment (legal sector experience advantageous).
• Demonstrable experience operating at senior level, including deputising for a CISO or equivalent and contributing to Board-level reporting.
• Strong experience of delivering or leading programmes/projects, including participation in project steercos and governance forums.
• Experience owning and delivering certification outcomes (e.g. ISO 27001 and Cyber Essentials Plus or similar), with accountability for audit readiness and compliance delivery.
• Ability to define and implement GRC strategy, governance frameworks and operating models aligned to business priorities.
• Experience leading digitised, data-driven and automated audit and assurance programmes, with AI-first thinking.
• Broad technology or information security understanding, with the credibility to support higher-level decision making.

What happens next?

Once your application has been submitted and reviewed, our Talent Acquisition team will share the outcome with you by email.

We typically hold two interview stages per vacancy providing the opportunity to meet two members of the hiring team at each stage. The first stage is typically conducted virtually and the second stage typically in person at the office in which the role would be based. However, we strive to remain flexible depending on the requirements of the role or the candidate.

Our strength lies in our differences.

We are a top Stonewall employer, a Valuable 500 member, a signatory of the Race at Work Charter and a proud partner of Neurodiversity in Law. We encourage and value different ideas and styles of thinking. It’s with different perspectives that we’ll find solutions to our clients’ most complex challenges. It’s how we’ll deliver outstanding results today, and tomorrow. We want everybody attending an interview to be comfortable and able to fully demonstrate their experience and talents

#LI-BONF