Director of Cyber Security – Governance
Job in
Andover, Hampshire County, SP10, England, UK
Listed on 2026-07-10
Listing for:
Jobtailor
Full Time
position Listed on 2026-07-10
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, IT Consultant, IT Project Manager
Job Description & How to Apply Below
Responsibilities
- Lead cyber security and IT governance, risk and compliance (GRC) for Twinings
OvO and set the local roadmap, priorities and investment case within ABF Group standards. - Own Twinings
OvO’s cyber risk posture; maintain a single, prioritised cyber risk register with named owners and tracked remediation. - Give the GM and Leadership Team clear visibility of risk exposure and control effectiveness.
- Coordinate local response to security incidents, with rapid escalation to and alignment with the ABF Group security function.
- Drive vulnerability, patch and exposure management in line with Group expectations.
- Own the IT control environment, including ITGCs across SAP S/4
HANA and other core applications. - Operate IT GRC in BAU: governance forums, policy adoption and exceptions, control testing and continuous compliance against ABF and regulatory expectations.
- Lead audit readiness and remediation; act as single point of contact for Internal Audit and external auditors on IT and security, and close findings on time.
- Govern identity, access and segregation‑of‑duties controls for critical systems.
- Embed proportionate security and control requirements into BizTX delivery standards and the project lifecycle.
- Provide security assurance across the transformation portfolio from initiation through to go‑live.
- Significant leadership experience in cyber security and IT governance, risk and compliance.
- Proven track record embedding or maturing security and control capability in a complex organisation.
- Strong grasp of IT control environments, ITGCs, audit and risk frameworks, applied pragmatically rather than dogmatically.
- Credible with senior leadership; challenges honestly and translates technical risk into commercial, decision‑ready terms.
- Comfortable owning local accountability while operating within Group governance – diplomatic with the centre, decisive locally.
- Experience as a Head of Cyber Security, BISO, divisional / business security lead, or in a senior IT GRC leadership role (desirable).
- SAP / ERP, cloud (RISE), AI governance and major transformation experience (desirable).
- Familiarity with ISO 27001, NIST CSF and CIS Controls (desirable).
- Cyber Risk Management
- ITGCs
- Control Testing
- Vulnerability Management
- Patch Management
- Security Assurance
- Risk Frameworks
- Incident Response
- Transformation Portfolio Management
- Commercial Risk Translation
- Diplomatic Communication
- Decisive Leadership
- Credibility With Senior Leadership
- Honest Challenge
- ISO 27001
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×