Information Security Manager GRC


United Kingdom

Job Family


For over 80 years, GfK has been a reliable and trusted insight partner for the world’s biggest companies and leading brands who make a difference in every consumer’s life - and we will continue to build on this. We connect data, science and innovative digital research solutions to provide answers for key business questions around consumers, markets, brands and media. With our headquarters in Germany and a presence in around 60 countries worldwide, you benefit from our global company with a diverse community of ~9,000 employees.

Harnessing the power of our workforce, the greatest asset we have is our people. As part of GfK, you can take your future into your own hands. We value talent, skills and responsibility and support your development within our international teams. We are proud of our heritage and our future: Currently we are in the latter stages of a transformational journey from a traditional market research company to a trusted provider of prescriptive data analytics powered by innovative technology. This is only possible with extraordinary people and this is why we are looking for YOU to help create our future. For our employees as well as for our clients we pursue one goal: Growth from Knowledge!

Job Description

The Role:

  • You will report to and work closely with the Head of Information Security to manage a team of globally distributed Information security officers.  Define the Information Security Governance, Risk, and Compliance Strategy at GfK. You will transform the way that GfK manages Cybersecurity risk so that we achieve the tolerance set by the executive team. Create a program of works that will enable the company to achieve ISO:270001 certification.  Update and maintain the Info-sec policy library.  Create and manage the audit plan for Information security across the GfK estate and Manage the training and awareness programs for all our business functions.


  • Lead embedding of active Cyber risk management processes across GfK, helping to ensure that projects are delivered in a secure manner that is aligned with the wider business risk appetite.
  • Lead governance for GfK Information Security risks up to the Executive level, including reporting to and managing stakeholders.
  • Define required organisational risk management skills and capabilities and influence their development.
  • Act as a centre of excellence and best practice in risk management. Provide accurate and pragmatic remediation/risk management guidance/advice.
  • Facilitate workshops with the various Authority departments, to align with wider GfK transformational Security and risk management outcomes.
  • Produce informative and succinct reporting that clearly articulates any identified vulnerabilities and associated risks.

Desirable Skills, Experience, and Certifications:

  • Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005, NIST SP800-37, etc.
  • Have Knowledge of risk assessment in an agile delivery environment
  • Be skilled in workshop facilitation particularly risk identification and assessment.
  • Good level of knowledge of the Cyber Security industry.
  • Have a good understanding of modern IT technologies and services, such as Cloud Computing, Mobile Computing, IT Security, and Infrastructure technologies, and demonstrate an understanding of security architecture.
  • CISM, CRISC, or CISSP certification
  • ITIL V3 Foundation
  • 5yrs experience working in information security or role with transferable skills
  • Experience in working with a geographically dispersed team.

We offer an exciting work environment that brings people together. We encourage an entrepreneurial and innovative spirit. We make use of the latest digital technologies. We are looking for self-starters, who accept challenges and create solutions.

Can there be a better place to take center stage in the digital revolution? We are excited to getting to know you!

Posted: 19 days ago

City: London

Work Area: -

Job Time: Full Time

Requisition ID: R00007087