Head of Cyber Security (Remote or Hybrid)

This role leads the organisation's cyber security strategy, ensuring strong resilience, compliance, and protection of information assets. You will oversee operations, governance, risk management, and incident response while guiding a high-performing security & infrastructure team., * Develop and deliver the organisation's cyber and information security strategy.

• Lead, mentor, and develop the security team, supporting high performance and continuous improvement.
• Oversee compliance with PCI-DSS, ISO 27001, Cyber Essentials Plus, GDPR, and other regulatory requirements.
• Conduct security risk assessments, maintain governance frameworks, and ensure robust oversight.
• Set, enforce, and update security policies, standards, and technical controls.
• Lead incident response, including investigation, coordination, remediation, and reporting.
• Manage supplier assurance, third-party risk, and security obligations within contracts.
• Plan and support external audits and security reviews, ensuring follow-up actions are delivered.
• Engage senior stakeholders across departments to communicate risks, priorities, and strategic direction.

• Professional security certification (eg, CISSP, CISM, or equivalent).
• Strong experience in cyber security leadership, strategy development, and operational oversight.
• Knowledge and hands-on involvement with PCI-DSS, ISO 27001, and Cyber Essentials Plus.
• Experience managing and developing security teams and influencing organisational change.
• Strong communication skills with the ability to engage executives, technical teams, and partners.
• Experience with budget management and prioritising security investment.

• Primarily remote working with occasional office attendance for collaboration.
• Strong pension offering.
• Generous annual leave and wellbeing support.
• Professional development funding, leadership training, and opportunities to shape a growing team.

Our client is a respected not-for-profit UK organisation with a nationwide footprint. They are investing in cyber security maturity, operational transformation, and long-term strategic development.