London, England, United Kingdom
4 days ago
Director of Trust, Risk, Assurance and Compliance

Company Description

This role is based in the London, UK office.

At Informa, no two days and no two people are the same, and you'll find the freedom, opportunity and support of a fantastic community to make a real impact.

We’re an international business that connects specialists with knowledge, helping them to learn more, know more and do more through live and on demand events, digital and data-driven services and academic research.

We are home to over 10,000 colleagues across 30 countries and are a member of the UK’s FTSE 100 group of leading public companies. We’re thrilled to have earned the #3 spot in Glassdoor's Best Places to Work 2025 UK list, a recognition based solely on reviews by those who know us best - our current and previous colleagues.

In Global Support, we provide expert guidance and hands-on support to the Informa Group and Informa’s many business teams. Across tech, finance, legal, corporate development, HR, communications, operations and many other areas, we work collaboratively and flexibly to help our brands serve their customers and help the company succeed.

Job Description

The Information Security (InfoSec) team at Informa is dedicated to protecting the organisation's information assets and ensuring the confidentiality, integrity, and availability of data. The team is responsible for implementing and maintaining robust security measures, policies, and procedures to safeguard against cyber threats and vulnerabilities. The InfoSec team works collaboratively with our business to embed security practices and awareness, ensuring that security is an integral part of Informa's business operations.

 

The Director of Trust, Risk, Assurance and Compliance (TRAC) is a senior position within the Information Security team and will lead Informa’s trust, risk, assurance, compliance and security culture initiatives and advocacy. This role will contribute to the company's digital transformation and customer engagement initiatives under One Informa. The Director will be responsible for developing, implementing, and maintaining a comprehensive information security governance framework, risk management processes and compliance to protect our data and systems, and will act to increase engagement, effectiveness and the embedding of security into the company culture. The Director will ensure that Informa's security framework aligns with customer expectations, regulatory requirements and industry standards, while also managing risks and reporting status to management teams and relevant forums.

Key Areas of Responsibility/Accountability

Strategic Execution: Execute strategic initiatives that align One Informa, the InfoSec strategy, and the TRAC goals with Informa's broader business objectives. Foster a culture of shared purpose and accountability across all TRAC teams.

Stakeholder Engagement: Act as a liaison between the CISO and other functions, facilitating communication and cooperation across Informa. Strengthen cross-functional partnerships to embed TRAC practices and awareness throughout the organisation.

Governance: Develop and implement the principles, policies, standards, and procedures relating to information security governance. Ensure that the organisation's security framework aligns with regulatory & compliance requirements and industry standards.

Risk Management: Implement a robust risk management and escalation process through quantitative and qualitative measures. Ensure stakeholders are aware of any risks/issues and delays on security initiatives and their impact. Track and measure the performance and benefits of the security portfolio using key performance indicators, metrics, and dashboards.

Compliance: Ensure that the organisation delivers, within its risk appetite, to relevant regulatory & compliance requirements and industry standards. Conduct regular reviews/audits and assessments to identify and address any compliance gaps.

Reporting and Metrics: Own and execute the reporting for executive leadership. Develop, or enhance, key risk indicators (KRIs) for governance, risk, and compliance initiatives and ensure consistent reporting cycles that provide actionable insights on InfoSec performance. Implement and deliver Objectives and Key Results (OKR) for the TRAC pillar.

Key Outputs and Outcomes:

Strengthen business engagement and TRAC value.

Improve decision-making efficiency and outcomes.

Enhance reporting cycles and quality.

Lead the delivery of TRAC projects with excellence.

Optimise resource allocation and demand management within the pillar.

Drive data-driven decision-making through metrics reporting.

Ensure successful realisation of the Group, InfoSec & TRAC vision.

Improved audit readiness and control maturity through automation and rationalisation of controls.

Measures of Success:

Alignment with Group, InfoSec Strategy & Goals: Ensure that all TRAC initiatives are delivered in alignment with the Group and InfoSec strategy and goals.

Delivery Time, Cost & Quality: Successfully deliver TRAC projects within the agreed timeframes, budget, and quality standards.

Commercial & Financial Measures: Demonstrate the commercial and financial impact of TRAC initiatives through improved cost efficiency, revenue protection, and risk mitigation.

Enhanced Security Culture: Foster a strong security culture within Informa, evidenced by increased employee engagement, awareness, and adherence to security policies and practices.

Compliance: Manage and achieve a measurable reduction in compliance risk through proactive risk management and mitigation strategies. Then maintain compliance with relevant regulatory requirements and industry standards, as evidenced by successful audit outcomes and minimal compliance gaps.

Stakeholder Satisfaction: Ensure high levels of satisfaction among internal and external stakeholders through effective communication, collaboration, and delivery of TRAC initiatives.

Innovation and Continuous Improvement: Drive innovation and continuous improvement within the TRAC pillar, evidenced by the adoption of new technologies, processes, and best practices.

Qualifications

What we’re looking for

Experience

 

The ideal candidate profile will include the following points:

Experience in a similar role in a large international organisation.

In-depth understanding of strategic business risks and the wider security and data protection landscape.

The ability to interact with Informa colleagues, build good relationships at all levels and across all business units and organisations, and the ability to influence stakeholders at all levels.

Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience.

Strong skills as a negotiator, to facilitate commitment to, and sign-off on, appropriate levels of residual risk from senior leadership.

Ability to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teams.

Demonstrable experience of leading and motivating cross-functional, interdisciplinary teams to achieve tactical and strategic goals in a matrixed organisational structure.

Highly self-motivated and directed, with keen attention to detail.

A good understanding of security and regulatory frameworks including ISO 27001/NIST/SANS/SOX.

Candidates should be working in the security industry or certified in one or several areas of security, ideally including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Systems Security Certified Professional (SSCP).

Key Competencies:

Strategic Thinking.

Leadership and Team Management.

Project Management.

Stakeholder Engagement.

Communication and Reporting.

Resource Management.

Change Management.

Risk Management.

Financial Management.

If you are passionate about information security and have a strong background in governance, risk management, and compliance, we encourage you to apply and join our team in protecting Informa’s critical assets and information.

Additional Information

We work hard to make sure Life at Informa is rewarding, supportive and enjoyable for everyone. Here’s some of what you can expect when you join us. But don’t just take our word for it – see what our colleagues have to say at LifeAt.Informa.com

Our benefits include:

Freedom & flexibility: colleagues rate us highly for the flexibility and trust they receive and most of us balance time in the office with time working remotely

Great community: a welcoming culture with in-person and online social events, our fantastic Walk the World charity day and active diversity and inclusion networks

Broader impact: take up to four days per year to volunteer, with charity match funding available too

Career opportunity: the opportunity to develop your career with bespoke training and learning, mentoring platforms and on-demand access to thousands of courses on LinkedIn Learning. When it’s time for the next step, we encourage and support internal job moves

Time out: 25 days annual leave, rising to 27 days after two years, plus a birthday leave day and the chance to work from (almost!) anywhere for up to four weeks a year

A flexible range of personal benefits to choose from, plus company funded private medical cover

A ShareMatch scheme that allows you to become an Informa shareholder with free matching shares

Strong wellbeing support through EAP assistance, mental health first aiders, a healthy living subsidy, access to health apps and more

Recognition for great work, with global awards and kudos programmes

As an international company, the chance to collaborate with teams around the world

We’re not solely focused on a checklist of skills. We champion energy and ambition and look for colleagues who will roll their sleeves up, join in and help make things happen. If it sounds like a match and you have most – although not all – of the skills and experience listed, we welcome your application. At Informa, you'll find inclusive experiences and environments where all perspectives and backgrounds are welcomed. As part of this approach and our diversity and inclusion commitments, we are also formally an Equal Opportunities Employer. This means we base decisions on relevant qualifications and merit and do not discriminate on the basis of key characteristics and statuses, including all of those protected by law. Ask us or see our website for full information. See how Informa handles your personal data when you apply for a job here
