Cybersecurity Director - UK Region | London, UK

Jobleads
London
9 months ago
Applications closed

Related Jobs

View all jobs

Finance Director

Finance Director

Finance Director

CyberSecurity – Operations Engineer – Graduates Considered

Marketing Manager

Cyber Security New Business Director

Cybersecurity Director - UK Region

Reporting to the EMEA Regional Security Officer, this role is key in managing the regional and solution line operational security risk levels within acceptable parameters through leading remediation programs and deploying Global Cybersecurity Services (GCS) controls. The role acts as a primary contact for all Cybersecurity matters, requiring a broad understanding of security controls and their effective implementation in corporate environments. Strong relationship management skills across the assigned region/sub-region are essential to facilitate business adoption.

As a Director within the Regional Security Office (RSO) service, you will be accountable for service delivery to the region/sub-region and solution lines. The role necessitates effective relationships with senior leadership to support regional business goals and to operate an effective security risk management regime aligned with a security risk mitigation strategy. The trusted security lead will present to local leaders, regulators, and clients as needed. Prior regulatory management experience is required.

This highly visible role within Aon involves embedding effective security controls at scale. We seek someone who introduces innovative ideas and demonstrates a commitment to continual learning. Engagement with business leaders, IT executives, and external clients is vital. The role requires gravitas, influence, and persuasiveness.

Aon values inclusiveness, collaboration, and a 'better together' mindset to deliver distinctive value to colleagues and clients.

What the day will look like

The RSO service provides a regional/sub-regional/solution line connection to GCS to ensure appropriate leverage for risk mitigation. The security services include:

  1. Cybersecurity Leadership:
  • Provide cybersecurity reporting to leadership committees and Boards.
  • Represent cybersecurity to regulatory bodies.
  • Own and manage the cybersecurity strategy for the area, leveraging GCS services and promoting local control adoption.
  • Oversee the colleague security culture program.
  • Represent the region in security incident management.
  • Manage remediation efforts, e.g., internal audit findings.
  • Ensure cybersecurity compliance and conduct management.
Cybersecurity Risk Management:
  • Manage a cybersecurity risk committee.
  • Track remediation of audit and compliance findings.
  • Review cybersecurity metrics and lead remediation programs.
  • Lead or sponsor cybersecurity initiatives.
  • Coordinate with Data Privacy to ensure security controls are in place.
GCS Service Delivery Management:
  • Manage escalations related to GCS service delivery.
  • Support GCS project implementations.
  • Contribute to service enhancements based on business feedback.
  • Manage cybersecurity intake and relationships.
  • Support regulatory and compliance assessments.
  • Assist with continuity, disaster recovery, and data governance.
Client Support/Escalation Management:
  • Represent cybersecurity in client communications and escalations.
  • Provide security advice, guidance, and policy support to clients.
  • Facilitate engagement with GCS services through proper channels.

Skills and experience that will lead to success

  • Broad cybersecurity knowledge and experience in implementing effective control regimes in large, complex environments.
  • Solid understanding of domains including application security, vulnerability management, network and cloud security, security operations, physical security, supplier risk management, and cyber awareness.
  • Experience in effective cyber risk management at a corporate level.
  • Ability to foster partnerships and influence stakeholders up to C-level.
  • Exceptional communication skills for diverse and senior audiences.
  • Regulatory management experience.
  • Experience with compliance assurance and audit practices is desirable.
  • Security certifications such as CISSP or CISM are advantageous.
  • Knowledge of standards like Sarbanes Oxley (404), ISO27001, and Cyber Essentials+.

How we support our colleagues

We offer a comprehensive benefits package, promote a diverse and inclusive environment, and support work/life balance through flexible working arrangements ('Smart Working'). Our culture encourages continuous learning and growth. We value authenticity, diversity, and equal opportunity, providing reasonable accommodations for applicants with disabilities. For more info, email .

#LI-JK1

#LI-HYBRID


#J-18808-Ljbffr

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

SOC Analyst Jobs UK 2026: Salaries, Skills & How to Get Hired

Cyber security is one of the UK's fastest-growing career paths — and SOC analyst is where most people begin. It's in high demand, genuinely accessible, and you don't need a degree or years of experience to get started. But knowing what UK employers actually want in 2026 — what they pay, which certs matter, and how to stand out — is a different matter. This guide covers all of it.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

Jobs

What Hiring Managers Look for First in Cyber Security Job Applications (UK Guide)

If you want to stand out in the highly competitive world of cyber security job applications, you need to understand what hiring managers look for before they even finish reading a CV. Cyber security hiring managers scan applications quickly and with specific priorities in mind. They assess not just your technical ability, but your judgement, professionalism, clarity, risk awareness and evidence of impact. This guide explains what hiring managers look for first in cyber security applications across roles like Security Analyst, Security Engineer, Penetration Tester, Incident Responder, Security Architect, Governance Risk and Compliance specialists and Cloud Security positions. Use this as a practical, step-by-step checklist to sharpen your CV, LinkedIn profile, cover letter and portfolio before you apply on www.cybersecurityjobs.tech .

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.