Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity.
Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.
Now it’s time to realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.
About the role
The Risk Oversight & Management Director leads a service that ensures D&T risks at enterprise, functional, and operational levels are owned and managed in a consistent, connected, and quantitative manner aligned with Haleon’s ERM methodology. This service establishes governance and oversight for risk identification, assessment, and mitigation, ensuring transparency and accountability across all technology domains. It drives risk culture by enabling risk owners and coordinators to adopt best practices, assess external impacts, define control strategies, and set target risk levels. The role is also responsible for day-to-day third-party cyber risk management activities, including risk assessments, monitoring, and remediation. Additionally, the Director defines and oversees the D&T-wide approval framework for risk exception acceptance, ensuring decisions are documented, justified, and aligned with risk appetite. Through automation, analytics, and integrated reporting, this role transforms risk oversight into a proactive, data-driven capability that strengthens resilience and informs strategic decisions across D&T Business Units and Functions.
Role Responsibilities
management principles, ensuring consistency and connectivity across all levels.
Manage and optimize the end-to-end third-party security risk management process, overseeing assessments, monitoring, and remediation activities to mitigate supplier-related risks. Drive simplification initiatives around people, process and technology.
Support the definition and monitoring of Key Risk Indicators (KRIs) to enable proactive monitoring and escalation of emerging risks.
Assist risk owners and risk coordinators in assessing the impact of external events, ensuring timely updates to risk profiles and mitigation strategies.
Help define and document Control Strategy, providing a high-level description of controls currently in place for key risks. Monitor existing and planned mitigation actions, ensuring progress and effectiveness against agreed timelines.
Drive adoption of risk management practices by risk owners and risk coordinators, providing guidance, tools, and training to ensure consistent execution.
Why you?
Basic Qualifications:
Bachelor's degree
15 years - Proven track record in implementing enterprise risk frameworks and enabling integrated risk management practices.
Significant experience in third-party cyber risk management, including supplier risk assessments and remediation.
Expertise in risk analytics, KRI development, and integrated reporting for senior leadership.
Demonstrated ability to drive cultural change and embed risk management into organizational processes.
Experience in automation and digital enablement of risk processes using GRC platforms or similar tools.
Preferred Qualifications:
Job Posting End Date
2026-06-26
Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.
During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees.
The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.
If you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence.
The Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.