Head of Cyber Security

Location: Hybrid working, Kings Hill base with to other sites as required
Salary/package: £70,000–£85,000 per annum
Contract type: Permanent
Hours: Full time, 37 hours per week

We are looking for an experienced and forward-thinking cyber security leader to join our Corporate Services division as Head of Cyber Security. This is a senior strategic role with organisation-wide visibility and impact. If you have the vision, expertise and influence to embed robust cyber security across a complex and fast-growing business, we want to hear from you.

Who we are

Commercial Services Group is one of the UK’s largest local authority-owned trading organisations, comprising 33 diverse businesses that operate across education, local government, the NHS and beyond. We provide services in recruitment, energy, procurement, legal, IT, HR, education supplies, facilities management and more. With more than 1,800 employees and a global footprint, we combine commercial excellence with social impact, reinvesting a significant proportion of our profits into public services.

Corporate Services underpins the success of all Commercial Services Group trading divisions by providing the infrastructure, expertise and governance needed to enable growth, innovation and resilience. The Cyber Security function sits within Corporate IT and plays a central role in protecting the Group’s digital assets, data and reputation.

Why this role matters

As Head of Cyber Security, you will be responsible for shaping and delivering CSG’s cyber security vision and strategy. You will lead the development and continual improvement of a Group-wide security programme, ensuring that our digital infrastructure, applications and data are secure, compliant and resilient. This is a strategic leadership role that also holds operational oversight and will act as the organisation’s Chief Information Security Officer (CISO).

What you’ll be doing

Provide strategic leadership for the Group’s cyber security vision, strategy and programme

Collaborate closely with the Cyber Operations team and wider IT colleagues to align strategy, governance and operational security activities

Monitor and improve the organisation’s information security posture, ensuring initiatives are aligned to business goals

Oversee the Information Security Management System (ISMS) and maintain compliance with relevant standards including ISO 27001, NIST-CSF and Cyber Essentials Plus

Lead on policies, controls and risk mitigation in collaboration with technical and operational teams

Provide assurance over incident response capabilities and governance, ensuring effective escalation procedures

Ensure compliance with all relevant regulatory requirements such as GDPR, NIS and the UK Data Act

Act as the accountable officer for information security across CSG

Report regularly to the Executive Board and Audit & Risk Committee on strategic security matters

Promote a strong culture of cyber security awareness through training and internal engagement

Act as a key liaison for auditors, regulators and law enforcement

Maintain alignment with Kent County Council’s CISO on governance and assurance

What we’re looking for

Significant experience leading cyber security strategy and governance in a complex, multi-entity organisation

Professional certification such as CISM, CISSP or CISA

Hands-on experience managing ISMS and compliance with frameworks such as ISO 27001, NIST, CIS-20CSC and Cyber Essentials

Strong understanding of security legislation and regulatory requirements, including GDPR and PCIDSS

Confident presenting to Executive Boards, Audit Committees and external stakeholders

A collaborative and credible leader, able to influence technical and non-technical audiences

Experience working at a senior level within IT infrastructure and cyber architecture

Comfortable operating across operational and strategic levels with matrix leadership responsibilities

What you’ll get in return

Salary of £70,000–£85,000 per annum

25 days annual leave, rising to 28 after two years, plus your birthday off

Life assurance cover (4x salary)

Single cover health cash plan

Pension scheme with 6 percent employer contribution

Additional benefits including retail and gym discounts, wellbeing programme and cycle to work scheme

Volunteer days and access to a wide range of learning and development opportunities

A collaborative and ambitious working environment with real purpose

Why CSG?

Commercial Services Group is the UK’s largest local authority-owned trading company (LATCO), generating over £800 million in revenue and supporting 16,000 education and public sector customers worldwide. With more than 1,800 employees across the UK, Dubai and Bangkok, we are working towards becoming the global leader in education and public sector solutions.

We are expanding rapidly, with annual growth of around 25 percent, supported by a blend of organic development, acquisitions and strategic partnerships. Our 33 trading businesses deliver a wide range of services including education management, IT, HR, legal, energy, procurement and supplies.

CSG is wholly owned by local authorities, and a significant proportion of our profits is reinvested into frontline public services. Over £77 million has already been returned, reflecting our commitment to combining commercial performance with meaningful social impact.

Inclusion & Accessibility

We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We encourage applications from suitably qualified people of all backgrounds.

We are committed to providing reasonable adjustments throughout our application and interview process; please let us know if you require any