Cyber Security Governance and Risk Manager

Job Title

Cyber Security Governance and Risk Manager

Location

Asda House

Employment Type

Full time

Contract Type

Permanent

Hours Per Week

37.5

Salary

Competitive salary plus benefits

Category

Cyber Security

Closing Date

29 May 2025

 

Asda's Cyber Security team are looking for a Governance and Risk Manager to join the GRC function of our dedicated team. If you are a Cyber Security Governance and Risk Manager looking to pursue your career within an organisation that understands the importance and value in building a strong Cyber Security function this could be the role for you.
 

“Everything about Asda” 

We are a values-led organisation. As such we encourage everyone to be open and honest. We work creatively and collaboratively, valuing everyone’s input. 

Our collaborative culture, the size of our business and our belief in the empowerment of the individual means opportunities at Asda are abundant. 

We conduct £300m worth of transactions every week. Our website handles over 2 million transactions a month. We have more than 145,000 dedicated Asda colleagues ensuring that our customers are at the heart of everything we do.  

“Everything you’ll love”  

• Hybrid and flexible working – minimum of 3 days a week in a Home Office location

• Discretionary bonus – Rewarding you for your hard work and efforts 

• Company Pension Scheme matched to a limit  – Looking forward to the future 

• Minimum 24 days annual leave per year plus 8 bank holidays – Making sure you take time for yourself and switch off 

• 4 weekly pay – which means you get an extra payday a year 

• Digital GP and Wellbeing sessions – Asda genuinely cares so we create a culture where our people can perform at their best, the physical health and mental wellbeing of all our people is very important to us 

• Discount off your shopping at Asda and George - with extra discounts running throughout the year – really makes a difference, saving the colleagues an average of £700 a year 

• Career development and apprenticeship and graduate schemes - we want our colleagues to excel and grow with our business
• Free city centre parking – you can also use it outside working hours 

Plus, much more! 

“That’s more like it” 

“Find your role”  

 You will:

• Manage a team of risk analysts, providing guidance and advice from a technical perspective as they perform risk analysis of systems and solutions to identify security control gaps, the risks they present and define remediation options
• Be responsible for providing stage 1 review and approval of completed security assessments, ahead of final review and approval by Asda CISO
• Build collaborative relationships with business stakeholders to ensure that an effective security culture is in place, promoting positive engagement and behaviours within a commercial environment
• Input into format of assessments, improvements and help maintain the assessment platform
• Assess business risk of on-prem, SaaS solutions & ad-hoc requests.
• Ensure robust management of identified risks, maintaining rigorous control and monitoring
• Manage customer expectations and requirements across a broad technical security environment
• Work collaboratively across the whole Cyber Security function, supporting colleagues and peers by offering advice and guidance when required
• Deliver all work to the highest standard quality, following and driving industry best practice at every opportunity
• Regularly suggest new initiatives and innovative ideas, to improve our ways of working and help to enhance the service and support we offer to our customers

"Let's find out about you” 

• Demonstrate a customer service mindset to deliver high quality, results driven, business focused, secure solutions, to safeguard our business.
• A pragmatic, business focused approach to cybersecurity, capable of analysis of all aspects of risk and benefit.
• Previous experience in a line management role.
• A strong, demonstrable experience of security risk analysis for technical solutions, specifically cloud based solutions/applications.
• Knowledge of industry-related security frameworks and policies (e.g. PCI, ISO27001, GDPR & NIST).
• Ability to engage with a cross-section of stakeholders, both technical and non-technical, at various levels of seniority.
• Excellent written and verbal communication skills. 
• Demonstrable knowledge in security technology and how it reduces or eliminates risk in an enterprise.
• A recognised cyber security certification (i.e. CISSP, CISM, CRISC) is preferable.
• Previous experience in a risk management role.

“Find your everything at Asda” - bringing brighter living within everyone’s reach. 
 
We are passionate about creating a diverse and inclusive workforce, representative of the communities we serve, and are creating ways to inspire diverse talent to join Asda.

Everything you'll love

To ensure we balance moments where we know we need to collaborate together and the need for flexibility, Asda has a hybrid way of working with a minimum 3 days a week in one of our Home Offices.  Over and above this, each area of Asda may have additional requirements which may require spending more days in the office, visiting suppliers, stores or depots.

You will also get an excellent benefits package including:

• Discretionary company bonus
• Company pension up to 7% matched
• Company Car allowance of £5,700
• 15% colleague discount in store and online
• Free access to wellbeing services such as Wagestream, 24/7 virtual GP, counselling, health and dental cash plans and a 24/7 employee assistance helpline, alongside discounts across a range of services and activities, from airport parking, enhanced  to theme parks and cinemas.
• Asda Allies Inclusion Networks – helping colleagues to make sure everybody is included and that our differences are recognised and celebrated
• Excellent parental leave policies, including maternity & adoption leave, paternity leave, shared parental leave, neonatal care leave, and support for those doing fertility treatments.

We want all colleagues to be able to bring their best and true selves to work, every day. Simply put, we want our colleagues to be Proud to be Asda and proud to be themselves"