Governance Officer

About Valcon

At Valcon, we are a European powerhouse in data & AI-driven business transformation. We combine deep expertise in data and AI with our heritage in operational excellence, failsafe delivery and organisational change. Trusted partner to Europe’s leading organisations, we don’t just advise – we implement and deliver sustainable business transformation.

Backed by private equity, Valcon has brought together leading firms to form one of Europe’s fastest-growing consultancies. In the UK, we’re scaling quickly, while maintaining a collaborative, hands-on, and down-to-earth culture.

The Governance Officer supports Valcon Group to ensure the consultancy operates with strong governance, robust information security practices, and consistent ISO Quality compliance across all client engagements and internal operations. This role combines traditional governance oversight with the ability to adapt to the changing nature of consultancy.

You work closely with the Director of Operations, Group IT Manager, Partners, and consulting teams to maintain and improve the organisation’s Information Security Management System (ISMS), supporting a range of ISO compliance frameworks, IR35, supply chain management and embedding a culture of assurance and accountability.
 

Key Responsibilities
Governance & Compliance
 

  • Maintain and enhance the organisation’s governance framework, ensuring alignment with regulatory, contractual, and industry standards.
  • Oversee compliance with internal policies, client requirements, and relevant legislation (e.g., GDPR, data protection, cybersecurity regulations).
  • Conduct internal audits and governance reviews, producing clear recommendations and action plans.
  • Support project teams in meeting governance requirements without introducing unnecessary overhead.

ISMS Management (ISO 27001)
 

  • Act as the primary owner and coordinator of the Information Security Management System (ISMS).
  • Maintain ISO 27001 documentation, policies, procedures, and evidence repositories.
  • Plan, execute, and document internal ISMS audits; coordinate external surveillance and recertification audits.
  • Monitor and report on ISMS performance, including KPIs, non‑conformities, corrective actions, and opportunities for improvement.
  • Ensure risk assessments are performed regularly and that risk treatment plans are implemented and tracked.
  • Lead security awareness initiatives, ensuring staff understand their responsibilities and follow secure practices.
  • Manage the incident management process, including logging, investigation, root‑cause analysis, and lessons learned.
  • Work with technical teams to ensure security controls are implemented, maintained, and continuously improved.

Risk Management
 

  • Maintain the organisation‑wide risk register, ensuring risks are identified, assessed, and mitigated.
  • Facilitate risk workshops with delivery teams and leadership.
  • Provide clear reporting on risk trends, emerging threats, and required actions.

Project & Portfolio Governance
 

  • Support project managers in applying governance processes, including stage gates, reporting cycles, and documentation standards.
  • Review project artefacts (RAID logs, change requests, business cases) for completeness and quality.
  • Consolidate portfolio‑level reporting for leadership, highlighting risks, dependencies, and performance indicators.

Quality Assurance
 

  • Define and maintain quality standards for deliverables and client outputs as outlined in ISO 9001.
  • Conduct quality reviews and provide actionable feedback to project teams.
  • Identify recurring issues and drive continuous improvement initiatives.

Stakeholder Engagement
 

  • Act as a trusted advisor to internal teams and clients on governance, risk, and information security best practices.
  • Facilitate governance boards, steering committees, and security forums.
  • Communicate governance and ISMS requirements clearly and constructively.

What Success Looks Like
 

  • The ISMS is well‑maintained, audit‑ready, and continuously improving.
  • Governance processes are consistently applied and understood across the consultancy.
  • Risks are proactively managed, with clear visibility and fewer escalations, including IR35-related matters.
  • Clients experience increased confidence in the organisation’s security posture and delivery quality.
  • Teams view governance and security as enablers of high‑quality delivery.

 

Experience

  • Experience in governance, risk, compliance, or PMO roles within an IT consultancy or technology-driven organisation.
  • Hands-on experience managing or supporting an ISO 27001 ISMS.
  • Strong understanding of information security principles, risk management, and audit processes.
  • Excellent communication, documentation, and stakeholder management skills.
  • Ability to influence teams and embed good governance and security practices.
  • High attention to detail and a structured, analytical approach.
  • IR35 SME implementation and audit experience.
  • Experience supporting cloud security, digital transformation, or managed services environments.
  • Familiarity with governance and security tools (e.g., Jira, Confluence, GRC platforms).


      Job Primary Location: United Kingdom