Added Apr 25
Information Security Governance Risk and Compliance Lead
at Open Cosmos
Didcot, United Kingdom
On-site
Responsibilities
- Building and driving a strong security culture across the organisation through relevant, engaging awareness initiatives
Requirements
- Leading our approach to certifications such as ISO 27001, SOC 2 and Cyber Essentials Plus
- A strong understanding of information security governance, risk and compliance, and how these translate into real-world practices
- Practical knowledge of security frameworks such as ISO 27001, SOC 2 or NIST, and how to apply them effectively
- A clear understanding of data protection principles, including GDPR and data sovereignty considerations
- The ability to design policies and controls that are both robust and usable in a fast-moving environment
- The ability to assess risk pragmatically and make decisions that balance security with business needs
- To apply, you must have the legal right to work in your chosen location.
- When applying, please submit your CV in English.
Additional details
- At Open Cosmos we are solving the world’s biggest challenges from space, providing businesses, governments and researchers access to more readily available information than ever before - ready for the challenge? Then read on…
- Our COO Teams are the engine that powers Open Cosmos’ operations.
- This division brings together mission management, supply chain, and quality & product assurance to make sure every mission is delivered smoothly, reliably, and to the highest standards.
- They turn plans into action, keeping us efficient and mission-ready at all times.
- We’re looking for an Information Security GRC Lead to take ownership of how security is defined, embedded and continuously improved across the business.
- This role sits at the intersection of technology, operations and compliance, ensuring that what we build and how we operate remains secure, resilient and aligned with regulatory expectations.
- Defining and evolving our information security governance framework so it is clear, practical and aligned with how we operate