Cybersecurity Director - UK Region | London, UK

Cybersecurity Director - UK Region

Reporting to the EMEA Regional Security Officer, this role is key in managing the regional and solution line operational security risk levels within acceptable parameters through leading remediation programs and deploying Global Cybersecurity Services (GCS) controls. The role acts as a primary contact for all Cybersecurity matters, requiring a broad understanding of security controls and their effective implementation in corporate environments. Strong relationship management skills across the assigned region/sub-region are essential to facilitate business adoption.

As a Director within the Regional Security Office (RSO) service, you will be accountable for service delivery to the region/sub-region and solution lines. The role necessitates effective relationships with senior leadership to support regional business goals and to operate an effective security risk management regime aligned with a security risk mitigation strategy. The trusted security lead will present to local leaders, regulators, and clients as needed. Prior regulatory management experience is required.

This highly visible role within Aon involves embedding effective security controls at scale. We seek someone who introduces innovative ideas and demonstrates a commitment to continual learning. Engagement with business leaders, IT executives, and external clients is vital. The role requires gravitas, influence, and persuasiveness.

Aon values inclusiveness, collaboration, and a 'better together' mindset to deliver distinctive value to colleagues and clients.

What the day will look like

The RSO service provides a regional/sub-regional/solution line connection to GCS to ensure appropriate leverage for risk mitigation. The security services include:

1. Cybersecurity Leadership:

• Provide cybersecurity reporting to leadership committees and Boards.
• Represent cybersecurity to regulatory bodies.
• Own and manage the cybersecurity strategy for the area, leveraging GCS services and promoting local control adoption.
• Oversee the colleague security culture program.
• Represent the region in security incident management.
• Manage remediation efforts, e.g., internal audit findings.
• Ensure cybersecurity compliance and conduct management.

• Manage a cybersecurity risk committee.
• Track remediation of audit and compliance findings.
• Review cybersecurity metrics and lead remediation programs.
• Lead or sponsor cybersecurity initiatives.
• Coordinate with Data Privacy to ensure security controls are in place.

• Manage escalations related to GCS service delivery.
• Support GCS project implementations.
• Contribute to service enhancements based on business feedback.
• Manage cybersecurity intake and relationships.
• Support regulatory and compliance assessments.
• Assist with continuity, disaster recovery, and data governance.

• Represent cybersecurity in client communications and escalations.
• Provide security advice, guidance, and policy support to clients.
• Facilitate engagement with GCS services through proper channels.

Skills and experience that will lead to success

• Broad cybersecurity knowledge and experience in implementing effective control regimes in large, complex environments.
• Solid understanding of domains including application security, vulnerability management, network and cloud security, security operations, physical security, supplier risk management, and cyber awareness.
• Experience in effective cyber risk management at a corporate level.
• Ability to foster partnerships and influence stakeholders up to C-level.
• Exceptional communication skills for diverse and senior audiences.
• Regulatory management experience.
• Experience with compliance assurance and audit practices is desirable.
• Security certifications such as CISSP or CISM are advantageous.
• Knowledge of standards like Sarbanes Oxley (404), ISO27001, and Cyber Essentials+.

How we support our colleagues

We offer a comprehensive benefits package, promote a diverse and inclusive environment, and support work/life balance through flexible working arrangements ('Smart Working'). Our culture encourages continuous learning and growth. We value authenticity, diversity, and equal opportunity, providing reasonable accommodations for applicants with disabilities. For more info, email .

#LI-JK1

#LI-HYBRID

#J-18808-Ljbffr