Leading a global Governance, Risk, and Compliance (GRC) team to drive best in class security, risk programmes and policies to safeguard Arm and its partners.

• Being responsible for the GRC team to deliver and continually improve EIT frameworks including; risk management, business continuity, third party risk, policies, standards, guidelines, controls, assurance and compliance.
• Support ES and wider Arm leadership by informing information security strategies, roadmaps, operating models and supporting governance structures.
• Responsible for strategic risk analysis, management, and operational reporting. Facilitate improvements to EIT policies, standards, and guidelines based on industry standards, incident lessons learned, and input from SMEs and the wider business.
• Establish and maintain strong relationships within EIT and across Arm where GRC interdependencies exist currently or in future business models. Driving a cultural change in Arm to make security part of its ideology whilst enabling an efficient and effective operation.
• Contribute to security, privacy, data and IT risk evaluations throughout Arm’s delivery and operational lifecycles.
• Leading a distributed team, providing strong leadership, performance management and people development.

• 1 or more Information security certifications (e.g. CISSP, CRISC, GIAC, CISM, CISA, ISO 27001).
• 10+ years within information security environment and 5+ years of management experience.
• Experience operating and/or leading a GRC function (e.g. operating model, team management, budgeting, forecasting, strategy, reporting).
• Broad exposure and experience with enterprise technologies and the risks related to how other enterprises use technology to deliver business services.
• Good communication skills, both written and verbal, across teams, vendors, and third parties. Ability to provide senior-level reporting on GRC operations and risk, with a focus on key operational data.