The GRC Lead is responsible for designing, implementing, and maturing an enterprise-wide Governance, Risk & Compliance (GRC) framework. The role focuses on strengthening organisational resilience across disaster recovery, identity governance, cyber supplier risk, and regulatory compliance (including ISO 27001 and Cyber Essentials+).

This is a hands-on leadership role combining strategic governance design with operational execution of risk and compliance controls.

Core Responsibilities

1. Governance Frameworks

- Develop and maintain enterprise GRC frameworks, policies, and security standards
- Define and govern Disaster Recovery (DR) strategy, including:
  - DR testing cycles
  - Documentation and audit readiness
- Align governance structures with regulatory, contractual, and internal risk requirements
- Promote a risk-aware culture across IT and business functions

- Lead identification and management of IT and enterprise risks, including:
  - Disaster recovery resilience risks
  - Identity and access governance risks
  - Supplier / third-party cyber risk
  - Single points of failure in critical systems
- Maintain and continuously update the enterprise risk register
- Develop and track risk mitigation and remediation plans
- Produce and present KRIs (Key Risk Indicators) and risk reporting to senior leadership and board-level stakeholders

3. Compliance & Regulatory Management

- Lead and manage compliance programs including:
  - ISO 27001 / ISO 27002
  - GDPR and other relevant regulatory frameworks
- Monitor and interpret regulatory changes and emerging compliance requirements
- Coordinate and support internal and external audits, including evidence collection
- Deliver compliance training and awareness programs across IT and business units

4. Security Controls & Technology Risk

- Oversee identity governance controls, including:
  - Joiner/Mover/Leaver (JML) processes
- Drive third-party and supplier cyber risk assessments
- Partner with IT teams to ensure cloud, ERP, and enterprise systems meet security and control standards
- Maintain and enhance incident response governance and playbooks

5. Leadership & Stakeholder Engagement

- Act as a trusted advisor to CIO and executive leadership on risk, governance, and compliance matters
- Collaborate across IT, HR, Procurement, Security, and business units
- Build and mature a GRC capability and operating model
- Mentor and develop GRC team members as the function scales

Mandatory Training & Development Framework

Core GRC & Security Training

- ISO 27001 / ISO 27002 (Lead Implementer or Auditor level preferred)
- NIST Cybersecurity Framework (CSF)
- Regulatory Compliance Training:
  - GDPR and data protection laws
  - Industry-specific compliance requirements
- Third-Party Risk Management:

Leadership Development

- Executive and board-level risk communication and reporting
- Influencing cross-functional stakeholders without direct authority
- Advanced training in policy development and governance frameworks

Continuous Professional Development (CPD)

- Engagement with GRC, cybersecurity, and audit industry bodies
- Attendance at risk, security, and compliance conferences
- Ongoing vendor-led training and regulatory updates
- Annual CPD planning aligned to organisational risk priorities

Internal Enablement

- Deliver risk and compliance awareness training across the organisation
- Develop and maintain internal GRC documentation, standards, and guidance
- Support development of a risk-aware organisational culture

Qualifications & Experience

Education & Certifications

- Bachelor’s degree in IT, Cybersecurity, Risk Management, or related discipline
- Preferred certifications:
  - CISA
  - CRISC
  - CISSP

Experience

- 6–15+ years in GRC, cybersecurity risk, internal audit, or enterprise risk roles
- Proven experience leading enterprise risk and compliance programs
- Hands-on involvement in:
  - Disaster recovery governance
  - Identity governance frameworks
  - Supplier / third-party risk management

Technical & Professional Skills

- Strong understanding of:
  - IT infrastructure and cloud environments
  - Identity and access management systems
  - ERP and enterprise platforms
- Ability to translate technical risk into clear business impact
- Strong policy writing, documentation, and governance design skills
- Excellent stakeholder management and communication abilities

Must hold Stamp 4, EU or Irish passport - this is fully onsite North Dublin

shane.doolin@realtime.jobs with your CV or Direct message me to chat