Head of IT Security

As the Head of IT Security, you will own the strategic and operational delivery of all information and cyber security activities. You will develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. Your key responsibilities will include: - Developing, maintaining, and delivering a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. - Embedding security by design across projects, platforms, data flows, and product development. - Leading enterprise-wide information, cyber, and data security governance. - Defining and implementing security frameworks, policies, and operating models. - Ensuring compliance with all relevant regulations and standards. - Leading Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. - Overseeing incident responses, vulnerability management, patch compliance, and secure configuration baselines. - Managing hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. - Driving SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. - Owning enterprise security risk assessments, tracking key risk indicators (KRIs), and reporting on cyber maturity to executive leadership. - Promoting security culture through training, phishing simulations, and awareness programs. - Partnering with IT, Legal, HR, and business units to embed security in operations and service delivery. - Providing security input for vendor assessments, third-party risks, and M&A due diligence.