Chief Information Security Officer

This role isn't about maintaining the status quo. It's about building a strategy that stands up to scrutiny, scales with the business, and embeds the right culture from the top down.

What's in it for you

• Direct access to Board-level decision making and influence
• Ownership of group-wide strategy and direction
• Opportunity to shape governance, controls, and security culture
• High-impact role within a regulated, large-scale environment
• Leadership responsibility across an established function
• Exposure to regulatory frameworks and enterprise-wide transformation, * Define and deliver a group-wide information strategy aligned to business and regulatory requirements
• Establish and maintain governance frameworks to provide assurance to executives and regulators
• Oversee controls, ensuring effectiveness across systems, processes, and teams
• Lead risk assessments, identifying emerging threats and implementing mitigation strategies
• Report risks and posture to executive leadership and key stakeholders
• Build, develop, and lead the information security function, ensuring capability and compliance

• Previous experience operating at senior information security leadership level
• Strong knowledge of frameworks such as ISO27001/2, COBIT, and PCI DSS
• Extensive understanding of IT security technologies, architectures, and governance
• Experience within highly regulated environments, ideally financial services (FCA/PRA)
• Proven track record of developing and delivering security strategies and programmes

Working hours: 50% office-based, standard Monday to Friday business hours