Security Governance, Risk & Compliance Lead

Role Title: Security Governance, Risk & Compliance Lead
Type of Role:
Hours (Specific): 38 Hours
Salary & Benefits: Competitive plus benefits
Location: Street, Somerset, UK
Closing Date:
Job Advert:

The role

Reporting to the Head of Security and IT Risk Management, you’ll manage and maintain our policy framework and be responsible for designing, operating and maturing the processes that underpin our security management system.

Working with teams from across Technology and our global business, you will inform and lead security engagements with new partners and third parties as well as driving effective ongoing security assessment and risk management activities.

Using your knowledge of security frameworks, you’ll support ongoing assurance activities acting as a subject matter expert to internal stakeholders in order to ensure security requirements are understood and embedded across business teams.

Add in the potential to lead on security awareness, support the ITLT with the development of meaningful management information and KPI packs, and engage with internal and external audit, along with any other areas this varied and high-profile role touches on, and it’s likely no two days will be the same. If this sounds like the challenge for you, we’d love to hear from you!

About you

An experienced security practitioner, you’ll be familiar with risk management concepts and common security frameworks such as ISO27001 and PCI DSS and will know how these can be applied to business environments.

Ideally, you will have some experience of managing third party security assessment processes and of generating relevant materials to support these – if you have experience of using third party tools such as OneTrust or BitSight even better!

You’ll be passionate about the power of security to drive business change and effective at building strong relationships with key IT and wider business stakeholders in order to understand and assess business processes and identify how security can integrate with, assist and support these.

An effective communicator, you’ll feel comfortable explaining complex and technical security concepts and requirements within a business-focused risk context.

You’ll be autonomous, able to prioritise your workload to meet changing business operational demands while maintaining focus on driving holistic change to ensure effective security outcomes and control improvements.

Required Technical Expertise

  • Extensive experience within information security management, consultancy, risk management or audit roles
  • Familiarity with common security and risk management standards and frameworks (ISO27001/27002, PCI DSS, NIST, COBIT etc.), and with aligning organisations to these and assessing their alignment
  • Working knowledge of privacy and data protection laws and regulations globally and how they apply to technology environments (e.g. GDPR, PIPL etc)
  • Understanding of core security concepts and areas: network security, identity and access management, cloud security, data protection, secure code development, threat and vulnerability management etc.
  • Likely to hold at least one common security certification (CEH, OSCP, CCSP, CISSP, CISA, CISM etc) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc)
  • Experience of a large, multinational retail organisation and of working with enterprise resource planning systems is beneficial


About Clarks

Clarks, based in Somerset, England, has been at the forefront of innovative shoemaking since its foundation in 1825, when brothers James and Cyrus Clark made a slipper from sheepskin off-cuts. At the time it was ground-breaking; a combination of invention and craftsmanship that’s remained at the heart of what the brand does now.

In the Clarks archive of more than 22,000 pairs are shoes that have sparked revolutions and defined generations. From the original Clarks Desert Boot, first designed by Nathan Clark and launched in 1950, to the iconic Wallabee, each design has an instantly recognisable signature – a unique combination of craftsmanship and innovation that makes it unmistakably Clarks.


Underpinned by a rich heritage and strong values, Clarks is a leading global footwear brand serving millions of consumers across the world, operating retail, wholesale, franchise and online channels in over 100 markets worldwide supported by nearly 6,000 employees across the world.


In February 2021, Clarks entered a new chapter in its history as it formed a partnership with LionRock Capital, positioning the iconic footwear brand for future success as it enters its third century.


We love hearing from great people

Visit us at, follow us on Twitter and become a fan on Facebook. Just look for @JobsatClarks

Clarks International believes that the principle of equality of opportunity is fundamental to the company's operations. Our long-held aim is to provide just and fair treatment for all employees. We will not discriminate on the grounds of sex, age, disability, marital status, colour, race, religion, ethnic origin, sexual orientation or gender reassignment.
