Head of Data Security

HEAD OF DATA SECURITY - LONDON - UK ONLY

Key Responsibilities:

Define and drive the enterprise-wide data protection strategy, ensuring robust safeguards for sensitive information across cloud services, applications, and endpoints.
Develop and mature the organisation's DLP operating model, including policy frameworks, rule sets, alerting thresholds, and continuous monitoring enhancements.
Implement strong governance for data classification, handling, retention, and encryption, ensuring secure management of data throughout its lifecycle.
Lead the organisation's strategic direction on quantum‑resilient security, including assessments of quantum-related risks and the creation of a staged readiness plan.
Assess, recommend, and oversee the rollout of advanced cryptographic technologies, ensuring alignment with evolving standards and business risk appetite.
Embed secure data practices across projects and platforms, working collaboratively with Architecture, Technology, Risk, Legal, and Compliance to ensure security is built in from the outset.
Stay ahead of emerging data security and cryptography threats, continuously scanning the external environment for new risks and regulatory drivers.
Act as escalation point for data protection incidents, providing expert advice on containment, investigation, and lessons learned.
Manage relationships with specialist vendors, consultancies, and technology partners, ensuring solutions deliver value and meet security expectations.
Performance Objectives

Deliver a coherent organisational strategy for data protection and DLP, with clear controls, governance structures, and reporting mechanisms.
Reduce data‑exfiltration and insider‑risk exposures, supported by quantifiable improvements in control effectiveness and risk visibility.
Produce a credible, risk‑aligned post‑quantum cryptography roadmap, addressing future‑proofing, migration planning, and regulatory readiness.
Skills and Experience Specification
Essential

Extensive leadership experience in data security, information security, or cybersecurity, ideally within large or complex organisations.
Deep technical knowledge of DLP tooling, data classification models, encryption technologies, and secure data lifecycle controls.
Strong grounding in cryptographic fundamentals, key management schemes, and secure system design.
Demonstrable experience deploying enterprise-grade DLP solutions across hybrid cloud, on‑premises, and endpoint ecosystems.
Ability to convert complex technical risks into clear strategic insights for senior executives and board‑level stakeholders.
Proven capability in cross-functional collaboration, engaging effectively with technology, business, risk, and compliance teams.
Professional security certifications such as CISSP, CISM, CCSP, or cryptography‑specific accreditations.
Awareness of evolving cryptographic and security guidance, including NIST post‑quantum cryptography standards.
Desirable

Hands‑on experience with quantum‑safe cryptography, cryptographic agility programmes, or emerging quantum‑resilient security solutions.
Background in highly regulated sectors such as financial services, insurance, or healthcare.
Experience leading data security incident response, breach investigations, or complex data‑related forensics.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)