Information Security Governance Risk and Compliance Lead

Aim high, go beyond!

At Open Cosmos we are solving the world’s biggest challenges from space, providing businesses, governments and researchers access to more readily available information than ever before - ready for the challenge? Then read on…

Working in our Chief Operating Office (COO)

Our COO Teams are the engine that powers Open Cosmos’ operations. This division brings together mission management, supply chain, and quality & product assurance to make sure every mission is delivered smoothly, reliably, and to the highest standards. They turn plans into action, keeping us efficient and mission-ready at all times.

We’re looking for an Information Security GRC Lead to take ownership of how security is defined, embedded and continuously improved across the business. This role sits at the intersection of technology, operations and compliance, ensuring that what we build and how we operate remains secure, resilient and aligned with regulatory expectations.

• Defining and evolving our information security governance framework so it is clear, practical and aligned with how we operate
• Owning and shaping security policies, standards and controls so they are understood, usable and consistently applied
• Working closely with Engineering, Product and business teams to embed security into day-to-day decisions and workflows
• Building and driving a strong security culture across the organisation through relevant, engaging awareness initiatives
• Owning the risk register, ensuring risks are identified, assessed and actively managed
• Partnering with teams to prioritise and track mitigation actions in a way that supports delivery
• Defining and operating our approach to vendor and supply chain security, ensuring third-party risks are understood and controlled
• Ensuring data is handled appropriately, particularly where data sovereignty and regulatory requirements apply
• Leading our approach to certifications such as ISO 27001, SOC 2 and Cyber Essentials Plus
• Acting as the main point of contact for audits, coordinating evidence, stakeholders and outcomes
• Running internal assessments to identify gaps early and continuously improve our security posture

• A strong understanding of information security governance, risk and compliance, and how these translate into real-world practices
• Practical knowledge of security frameworks such as ISO 27001, SOC 2 or NIST, and how to apply them effectively
• A clear understanding of data protection principles, including GDPR and data sovereignty considerations
• The ability to design policies and controls that are both robust and usable in a fast-moving environment
• Confidence working across technical and non-technical teams, bringing clarity to complex topics
• The ability to assess risk pragmatically and make decisions that balance security with business needs
• Strong ownership, with the drive to take initiatives from definition through to delivery
• A collaborative approach, building trust and alignment across teams
• Confidence to challenge where needed, ensuring risks are surfaced and addressed appropriately
• A mindset focused on continuous improvement, always looking to strengthen how things are done
• High levels of integrity when working with sensitive information and regulatory requirements

For this role you can be based in any of our locations.

To apply, you must have the legal right to work in your chosen location.

When applying, please submit your CV in English.

• Work at the cutting edge of space technology with customers around the globe.
• A mission-driven company making space accessible to help solve real-world challenges.
• A diverse, ambitious, and supportive team.

Open Cosmos is dedicated to solving customer problems with insights from space. Whether this is monitoring agricultural yields, assessing the damage of oil spills or providing navigation solutions, we believe that data from satellites is the most effective and sustainable way of achieving this.