Information Security Risk Manager
Job description
Join a Leading Semiconductor Company as a GRC & Cyber Risk Manager!

Our client is at the forefront of secure, scalable computing. As part of our Enterprise Security team, you'll play a pivotal role in shaping how we manage cyber risk across their global operations and supply chain. This is a high-impact contract role for a technical risk expert who thrives in complexity and values innovation.

Contract Details
Contract Length: 6 months (with potential extension)
Daily Rate: £700 per day (inside IR35)
Location: Cambridge (hybrid - twice per week on-site)

Key Responsibilities
Lead and enhance Arm's Information Security Risk Management Framework within ServiceNow IRM.
Act as technical SME for ServiceNow IRM, embedding frameworks and best practices.
Oversee third-party cyber risk assessments, contract reviews, and supplier monitoring.
Conduct post-incident reviews and integrate lessons learned into the control environment.
Develop and monitor Key Risk and Control Indicators to inform decision-making.
Collaborate across Enterprise IT and Engineering to identify and manage service security risks.
Support AI and automation initiatives to streamline GRC processes.

Key Requirements
Proven hands-on experience with ServiceNow IRM and risk quantification methodologies.
Strong knowledge of ISO 27001, NIST CSF, and NIST SP800-53.
Certifications such as CRISC, CISM, CISSP, or FAIR are desirable.
Excellent stakeholder management and communication skills.
Experience in third-party cyber risk management and post-incident analysis.
Background in large-scale technical environments (e.g., semiconductors); consultancy or financial sector backgrounds not preferred.

Start Date: ASAP