Head of Information Security

Hays plc
Manchester, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
£ 80K

Job location

Manchester, United Kingdom

Tech stack

Microsoft Windows
Azure
Cloud Computing
Computer Security
Intrusion Detection and Prevention
Security Information and Event Management
Software Vulnerability Management
Microsoft Sentinel
Splunk

Job description

Head of Information Security £68,000 - £80,000 plus discretionary bonus and excellent benefits Bolton / Hybrid (3 days on-site)

We're supporting a large, complex organisation seeking a Head of Information Security to lead its global security function. This is a senior strategic role where you will shape the organisation's global information security vision, define enterprise-wide security strategy, and ensure resilience across all technology environments during a time of rapid change.

You'll oversee governance, architecture, operations, and incident response, while working closely with senior leadership to safeguard critical systems, data, and digital services. Acting as a trusted advisor, you'll translate complex cyber risks into clear business insight and drive a secure-by-design culture across the organisation.

This is an exceptional opportunity for an experienced information security leader to make a significant impact within a forward-thinking and highly regulated environment.

Key Responsibilities

  • Define, develop, and drive a global information security strategy aligned to organisational priorities and risk appetite.
  • Lead multidisciplinary teams spanning governance, risk, compliance, architecture, operations, and incident response.
  • Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms.
  • Oversee security operations, including monitoring, threat detection, incident response, and vulnerability management.
  • Conduct and support risk assessments, ensuring robust controls are implemented and maintained.
  • Partner with Technology, Risk, Compliance, Legal, and wider operational teams to identify, manage, and mitigate cyber risks.
  • Ensure secure-by-design principles are incorporated into technology architecture, transformation programmes, and business change.
  • Support business continuity and disaster recovery planning by integrating cybersecurity into resilience frameworks.
  • Act as the organisation's senior representative on information security matters, advising board-level stakeholders when required.
  • Lead engagement with external partners, networks, auditors, and regulatory bodies.

What We're Looking For

  • Proven senior security leadership experience in cybersecurity or information security within a complex, multi-site, or multinational organisation.
  • Extensive experience developing enterprise-wide security strategies aligned to frameworks such as ISO 27001, NIST CSF, CIS Controls, or DORA.
  • Strong understanding of cloud and hybrid security environments, including Microsoft 365 and Azure.
  • Strong operational expertise across EDR/XDR, SIEM (e.g., Microsoft Sentinel, Splunk), identity protection, and vulnerability management.
  • Experience with security audits, compliance programmes, and regulated industry requirements.
  • Excellent communication and influencing skills, with confidence engaging senior executives and leadership teams.
  • Strategic mindset with the ability to balance commercial priorities, operational demands, and cyber risk.

Benefits

  • £68,000 - £80,000 per annum (depending on experience)
  • Discretionary performance-based bonus scheme, circa 10-15%
  • Joint contributory pension scheme 8% - potential to be reviewed in coming months
  • 33 days leave including bank holidays
  • Buy and sell holiday scheme
  • Hybrid working (3 days onsite)
  • Career development opportunities with access to accredited training and qualifications

#4772889 - James

Requirements

  • Proven senior security leadership experience in cybersecurity or information security within a complex, multi-site, or multinational organisation.
  • Extensive experience developing enterprise-wide security strategies aligned to frameworks such as ISO 27001, NIST CSF, CIS Controls, or DORA.
  • Strong understanding of cloud and hybrid security environments, including Microsoft 365 and Azure.
  • Strong operational expertise across EDR/XDR, SIEM (e.g., Microsoft Sentinel, Splunk), identity protection, and vulnerability management.
  • Experience with security audits, compliance programmes, and regulated industry requirements.
  • Excellent communication and influencing skills, with confidence engaging senior executives and leadership teams.
  • Strategic mindset with the ability to balance commercial priorities, operational demands, and cyber risk.

Benefits & conditions

  • £68,000 - £80,000 per annum (depending on experience)
  • Discretionary performance-based bonus scheme, circa 10-15%
  • Joint contributory pension scheme 8% - potential to be reviewed in coming months
  • 33 days leave including bank holidays
  • Buy and sell holiday scheme
  • Hybrid working (3 days onsite)
  • Career development opportunities with access to accredited training and qualifications

#4772889 - James

Apply for this position