Key skills
CloudCyber SecurityERPGoAISAPLeadership
About this role
Role Overview
- Lead cyber security and IT governance, risk and compliance (GRC) for TwiningsOvO and set the local roadmap, priorities and investment case within ABF Group standards.
- Own TwiningsOvO’s cyber risk posture; maintain a single, prioritised cyber risk register with named owners and tracked remediation.
- Give the GM and Leadership Team clear visibility of risk exposure and control effectiveness.
- Coordinate local response to security incidents, with rapid escalation to and alignment with the ABF Group security function.
- Drive vulnerability, patch and exposure management in line with Group expectations.
- Own the IT control environment, including ITGCs across SAP S/4HANA and other core applications.
- Operate IT GRC in BAU: governance forums, policy adoption and exceptions, control testing and continuous compliance against ABF and regulatory expectations.
- Lead audit readiness and remediation; act as single point of contact for Internal Audit and external auditors on IT and security, and close findings on time.
- Govern identity, access and segregation-of-duties controls for critical systems.
- Embed proportionate security and control requirements into BizTX delivery standards and the project lifecycle.
- Provide security assurance across the transformation portfolio from initiation through to go-live.
Requirements
- Significant leadership experience in cyber security and IT governance, risk and compliance.
- Proven track record embedding or maturing security and control capability in a complex organisation.
- Strong grasp of IT control environments, ITGCs, audit and risk frameworks, applied pragmatically rather than dogmatically.
- Credible with senior leadership; challenges honestly and translates technical risk into commercial, decision-ready terms.
- Comfortable owning local accountability while operating within Group governance — diplomatic with the centre, decisive locally.
- Experience as a Head of Cyber Security, BISO, divisional / business security lead, or in a senior IT GRC leadership role (desirable).
- SAP / ERP, cloud (RISE), AI governance and major transformation experience (desirable).
- Familiarity with ISO 27001, NIST CSF and CIS Controls (desirable).
Tech Stack
- Cloud
- Cyber Security
- ERP
Benefits
- Yearly bonus based on personal contribution and financial performance
- Flexible working options
- 25 days holiday plus 8 bank holidays and the option to buy and sell holidays
- Onsite Gym and Wellbeing Centre
- Perkbox – employee discount scheme with discounts online, in high street stores, cinema, holidays, restaurants and many more
- Pension scheme with your contributions matched for up to 10% of your salary
- Cycle to work scheme
- SimplyHealth Cash plan
- Onsite Staff shop and online staff discounts
- Bupa Private Medical Insurance
- Competitive Car Allowance
- Electric Car Scheme
- Access to LinkedIn Learning
- Access to ABF Networking, connect, collaborate, and grow across the ABF Group.