Unlocking Strategic Cyber Risk & Assurance Leadership at the University of Surrey
The University of Surrey is embarking on an ambitious and exciting digital transformation journey, presenting a compelling opportunity for a seasoned professional to step into the role of Head of Cyber Risk & Assurance. This pivotal position offers the chance to shape and implement the University's enterprise-wide governance, risk, and compliance (GRC) plan, directly contributing to the institution's mission and upholding stakeholder confidence.
This role is ideal for a candidate who thrives in a strategic environment, possesses exceptional stakeholder management skills, and can expertly translate complex risk scenarios into actionable recommendations for senior leadership and governance committees. You will be instrumental in ensuring that robust risk management frameworks are not only in place but actively support the University's core objectives while maintaining unwavering regulatory compliance.
Key Advantages for Your Career Path:
- Strategic Impact: Play a leading role in defining and executing the University's cyber risk and compliance strategy, influencing critical institutional decisions and the direction of its digital transformation.
- Broad Scope of Responsibility: Oversee a comprehensive range of GRC activities, including developing governance frameworks, managing risk registers, leading incident response, ensuring regulatory adherence (e.g., PCI-DSS, NHS DSP Toolkit), and managing third-party risks.
- Technological Advancement: Provide strategic direction for key GRC technology platforms, such as OneTrust and Bitsight, allowing you to leverage and optimize cutting-edge tools.
- Visibility and Influence: Represent the Director of Cyber Security in stakeholder meetings and act as a subject matter expert, offering significant exposure to senior leadership and governing bodies.
- Professional Growth: Be part of a dynamic and growing IT team that is at the heart of the University's strategic plans, with ample opportunities for professional development in a vibrant working environment.
Key Considerations for Candidates:
- Strategic Acumen: A strong understanding of enterprise-wide risk management principles and the ability to develop and implement effective GRC strategies are paramount.
- Stakeholder Engagement: Exceptional interpersonal and communication skills are essential to effectively engage with a diverse range of stakeholders across the University.
- Technical Familiarity: While this is not explicitly a hands-on technical role, an understanding of cyber security best practices, relevant regulations, and GRC technology platforms will be highly beneficial.
- Adaptability: The role operates within a period of significant digital transformation, requiring a candidate who can navigate change and adapt to evolving needs.
- Commitment to the Mission: A passion for supporting a leading educational and research institution and contributing to its secure and compliant digital future.
The University of Surrey offers a truly unique and supportive environment. Beyond the competitive salary and market-leading pension contribution (14.5%), you can expect generous holiday entitlement (up to 40 days, including University days and Bank Holidays), and access to a range of employee benefits designed to enhance your well-being and work-life balance. The picturesque campus, collegiate atmosphere, and plentiful development opportunities further contribute to making this a rewarding place to work and thrive.
This role represents a significant opportunity for an experienced Cyber Risk and Assurance professional to make a lasting impact within a respected institution undergoing exciting digital evolution. If you are driven by strategic challenges and eager to contribute to a secure and compliant future, this position warrants your serious consideration.