Spectrum IT are supporting a highly established international innovation and manufacturing business in the search for a Governance, Risk & Compliance (GRC) Lead. This role will continue to strengthen the enterprise risk, security and compliance posture while establishing and maturing group wide governance frameworks, improving disaster recovery and identity governance controls, managing third party cyber risk, and ensuring compliance with standards such as ISO27001 and Cyber Essentials+.
The role will work closely with IT, security and business stakeholders, providing clear risk visibility to senior leadership while also driving hands on improvements that materially reduce operational and cyber risk. This is an office based role in Dublin, suitable candidates for this role must be able to commute to the office daily.
Key Responsibilities
Governance
Develop and implement governance frameworks, policies, and standards
Establish and manage Disaster Recovery governance (RPO/RTO, testing, documentation)
Align governance structures with regulatory and contractual obligations
Promote a risk-aware culture across IT and the wider business
Identify, assess, and manage enterprise IT risks (DR, identity, supplier risk, SPOFs)
Maintain and evolve the corporate risk register
Define mitigation strategies and track remediation progress
Report risk posture, metrics, and KRIs to senior leadership and board
Compliance
Lead compliance programmes (ISO27001, Cyber Essentials+, GDPR)
Manage internal/external audits and evidence collectionMonitor regulatory change and ensure ongoing compliance
Deliver compliance training across IT and business teams
Technology & Security Controls
Oversee identity governance (JML processes, credential risk)
Lead third-party and supplier cyber risk management
Ensure controls across cloud, ERP, and critical systems meet best practice
Own incident response governance and playbooks
Leadership & Stakeholder Management
Act as a trusted advisor to executive leadership on GRC matters
Collaborate across IT, Security, HR, Procurement, and business units
Build and scale GRC capability as the function mature
Skills & Experience
Extensive experience in GRC, IT risk, cybersecurity, or internal audit
Proven experience implementing risk and compliance frameworks
Strong knowledge of ISO27001/2, NIST CSF, GDPR, and enterprise risk models
Experience across DR, identity governance, supplier risk, and compliance programmes
Strong stakeholder management and communication skills
Ability to translate technical risk into business impact
Certifications: CISA, CRISC, CISSP, ISO27001 Lead Implementer/Auditor
Experience in cloud, ERP, and enterprise IT environments
Exposure to board-level reporting and governance forums
#J-18808-Ljbffr