Information Security Lead (GRC, Standards & Assurance)

Company Description

Every minute of every day, Smiths Detection’s threat detection and security screening technology helps to protect people and infrastructure, making the world a safer place. 

Smiths Detection is a global leader in the development, manufacture and management of security and detection solutions designed to make the world a safer place. Our technology provides threat detection and screening solutions for customers in our key markets: aviation, ports and borders, defence, and urban security.

Our expertise spans 21 global offices, seven manufacturing sites and five R&D centres, with a global network of 3,000 dedicated colleagues contributing towards over 40 years at the frontline of advances in safety and security.  

This results in careers built on variety and the opportunity to work on a range of state-of-the-art solutions, where you can develop your knowledge and experience every day.

Job Description

Roles & Responsibilities

• Own and continuously improve information security policies, standards, and control frameworks, ensuring they remain relevant and effective.
• Align and map security controls to regulatory requirements and industry frameworks, maintaining strong governance coverage.
• Lead risk assessments, define pragmatic treatment plans, and drive remediation actions based on business impact and priority.
• Partner closely with first and second lines of defence to support audit readiness, assurance activities, and compliance obligations.
• Provide clear, ongoing assurance on the effectiveness of controls, identifying gaps and driving meaningful improvements.
• Work in close coordination with Enterprise Architecture and Cyber teams to ensure security is embedded in design and delivery.
• Oversee and track control exceptions, risk acceptances, and remediation actions through to completion.
• Support separation activities and Day‑1 readiness by ensuring required controls and evidence are in place.
• Operate with a high degree of independence, managing competing priorities while confidently engaging stakeholders and influencing risk-based decisions.

Qualifications

Qualifications

• Degree-level education (or equivalent) in IT, Information Security, or a related field is required.
• Professional certifications such as CISA, CRISC, or ISO 27001 Lead Auditor are desirable but not essential.
• 4–6 years’ experience across information security, GRC, IT controls, or audit in a global, complex environment.
• Hands-on experience with audits, control testing, and remediation, with a strong understanding of how frameworks operate in practice.
• Familiarity with recognised standards such as ISO 27001, NIST, CMMC, or Cyber Essentials.
• Strong grounding in information security assurance and governance, with the ability to translate technical concepts into clear, business-focused language.
• Proven ability to manage stakeholders, produce high-quality documentation, and navigate complex organisational structures.
• Sound judgement in prioritising risk, recommending improvements, and strengthening control maturity in a practical, outcome-focused way.

Additional Information

Job Purpose: The Information Security Lead is responsible for governance, risk, compliance, and assurance, ensuring that security controls are defined, implemented, and auditable. The role provides confidence to executives, auditors, and regulators, particularly during separation.

Join us and work for a world-leader, with the benefits and training to reward your dedication and skills. Be part of a team where we are making the world a safer place.

We believe that different perspectives and backgrounds are what make a company flourish. All qualified applicants will receive equal consideration for employment regardless of color, religion, sex, sexual orientation, gender identity, national origin, economic status, disability, age, or any other legally protected characteristics. We are proud to be an inclusive company with values grounded in equality and ethics, where we celebrate, support, and embrace diversity.

At no time during the hiring process will Smiths Group, nor any of our recruitment partners ever request payment to enable participation – including, but not limited to, interviews or testing. Avoid fraudulent requests by applying jobs directly through our career’s website (Careers - Smiths Group plc)