Head of Technology Risk & Assurance

Head of Technology Risk & Assurance

LONDON OR WINCHESTER, United Kingdom

Location: We operate a flexible, hybrid working environment, with the successful candidate required to travel to our London (Newman Street) or Winchester office 2–3 days a week, depending on business needs.

We offer

• Up to £110,000 base salary 
• 15% Bonus
• 6% Pension contribution
• Private Medical Insurance
• 25 days annual leave
• Access to our comprehensive flexible benefits platform, including discounts on big brands, wellness and employee assistance programmes, gymflex, travel and dental insurance
• Work. Life. Smarter. Our commitment to a flexible and hybrid working culture

Role Purpose

Design and implement changes to information security governance & risk management, to ensure that the organisation’s security posture is robust, compliant, and adaptable to emerging threats while aligning with strategic business goals.

Accountabilities

• Ensure ISO27001 compliance and maturity by identifying and recommending changes to Infosec policies, processes, control frameworks 
• Ensure that we are consistently compliant with customer, regulatory, and shareholder obligations. 
• Implement and continuously improve a risk management process across the organisation. 
• Maintain and assess the effectiveness of the security controls catalogue; recommend improvements. 
• Own the Information Security Management System (ISMS) to ensure compliance with internal and external requirements. 
• Provide assurance that security controls are operating effectively and aligned with defined frameworks. 
• Maintain company risk portfolio and actively review and risk finding 
• Conduct internal assessments against regulatory and customer obligations, compliance assessments, and gap analyses. 
• Develop and implement governance frameworks aligned with business and regulatory requirements. 

Skills

• Cyber Risk Oversight – Strategic understanding of cyber security risks and the ability to oversee the implementation of appropriate controls, assurance mechanisms, and reporting frameworks. 
• Cyber Governance & Advisory – Expertise in leading the adoption of industry cyber frameworks (e.g., NIST, ISO) and providing high-level advisory to boards, executives, and stakeholders on emerging threats and compliance posture. 
• Incident Oversight & Resilience – Executive capability to govern cyber incident response strategies, ensuring the organisation’s preparedness, crisis management, and post-incident assurance processes. 
• Security Governance Principles – Deep knowledge of foundational security principles and the ability to embed these into governance, assurance, and risk management practices across the organisation. 
• Information Security & Compliance – Strategic leadership in the application and assurance of security and compliance frameworks (e.g., ISO 27001, GDPR, NIS2), ensuring audit readiness and regulatory alignment. 

Knowledge & Experience

• Deep understanding of enterprise risk management (ERM), governance, and control frameworks 
• In-depth knowledge of security, information assurance, and compliance frameworks (e.g., ISO 27001, NIST CSF, COBIT). 
• Familiarity with legal and regulatory requirements across cyber and operational domains (e.g., GDPR, NIS2, TSA, CSR).
• Awareness of internal audit methodology, assurance planning, and reporting mechanisms. 
• Understanding of board-level reporting, risk appetite, and strategic alignment of risk functions. 
• Knowledge of business continuity, resilience planning, and risk treatment strategies. 

We are the undisputed leader in UK TV and radio broadcast, and the UK’s leading Smart utilities platform, directly shaping the future of connectivity.  

Through our established infrastructure we ensure that media and data are delivered exactly where they’re needed most, whether it’s bringing content to your TV or radio or transmitting data from your smart meter to your utility provider - chances are our services are a part of your daily life, seamlessly connecting you through our behind-the-scenes technology.  

With an impressive history and an innovative future ahead of us, leading the transition of global media distribution to cloud based solutions and creating scalable solutions for new connectivity sectors - you’ll have many opportunities to develop and grow your unique career with us.  

Why Arqiva? Reward . Connection . Growth 

At Arqiva, we believe in supporting you to be your best, both at work and outside of it. That’s why our rewards and benefits go far beyond your pay; take a look at our totalreward2025 booklet. 

Here, you’ll find endless opportunities to connect, whether that’s with colleagues through our internal networks and events or by making a difference in the communities where we work. 

And when it comes to your career, we’re committed to helping you grow. Whether you want to become a specialist in your field or climb to the top, we’ll support you every step of the way.