The Head of Security Governance Risk and Compliance (SGRC) is a leadership role and the main purpose of the job is to take responsibility for leading the strategic planning and delivery of the cross-University approach for the governance and management of information security risk and compliance in support of the University’s strategic and operational objectives, legislative requirements and industry-accepted good practice. The SGRC function is a core activity in, and crucial to the success of, the central Information Security team’s service which is of key strategic importance to the University. The role requires extensive experience and specialist expertise in information security governance, risk and compliance in order to lead the University’s approach to managing information security risk and compliance, and to provide strategic level advice.
As part of the management team of the University’s central information security service team, the Head of SGRC contributes towards the strategic planning for managing information security across the institution; defines, leads, assesses and is accountable for the quality of the University’s information security governance and risk services; and leads a team of SGRC specialists to support teaching, research and the administration of the University.
The Head of SGRC is also responsible for setting the standard for and delivering information governance as a service to the Medical Sciences Division. This service is of key strategic importance to the division, and the Head of SGRC is responsible for developing, implementing and monitoring the success and quality of a comprehensive divisional information governance framework to ensure compliance with external requirements and support the division’s strategic objectives by securing funding and research data from external parties. The service evaluates current ways of working and the impact on funding and research, and introduces appropriate solutions and new ways of working to effectively and efficiently secure research data and funding across the division.
Establishing collaborative relationships with and leading senior managers and stakeholders across the collegiate University is crucial to the success of the role and the University’s strategic objective of enabling a fit-for-purpose and effective information security framework in order to protect the brand and reputation of the University; support the delivery of the IT Strategic Plan; enable all staff and students to use existing and emerging technologies with confidence; and meet external requirements for securing funding and research data.