Head of Information Security

Willen
5 days ago
Create job alert

Role: Head of Information Security Location: Hybrid - Milton Keynes Reports to: Digitalisation & IT Director  Type: Permanent, Full Time   Salary: Competitive, plus an excellent benefits package The Head of Information Security will provide strategic leadership for the organisation’s Information and Cyber security programme, ensuring alignment with the company’s business objectives and risk appetite. This individual will focus on commercial operations and financial services business units (UK, EU/NE), accountable for ensuring local market compliance whilst adhering to the broader/parent company’s information security policies. Accountable to the executive board, the Head of Information Security will also work closely with local security officers in each market to drive the implementation of robust, market-specific security policies, fostering a culture of security awareness and resilience.

In this role you will:
Own Strategic Leadership, Policy Development & Enablement of Cultural Shift.
•    Define and implement the strategic direction for information and cyber security across UK and European commercial and financial services business units.
•    Operate within a matrix organisational structure to ensure adherence to parent company policies, while developing and managing local policies tailored to market-specific risks.
•    Build a ‘compliance-first’ culture across the organisation.
•    Collaborate with the central Group Information Security function to align local security practices with global standards. 
•    Use knowledge of security best practices to translate standards and policies into tangible deliverables for implementation in the UK and EU markets.

Deliver Operational Oversight and Governance.
•    Establish and maintain a comprehensive cybersecurity framework to protect sensitive customer and business data.
•    Develop risk management strategies and oversee risk assessments to identify vulnerabilities and mitigate threats.
•    Monitor regulatory requirements and ensure the organisation's compliance with relevant standards (e.g., GDPR, ISO 27001).
•    Work with IT operation and network infrastructure team to advise and guide them on security architecture requirements, gaps and opportunities.
•    Ensure compliance with UK and EU data protection laws, industry regulations, and other relevant security requirements, working in collaboration with legal and compliance teams.

Oversee Risk, Compliance & Incident Management.
•    Proactively identify all information security compliance requirements and risks (e.g. in line with group policy, UK/EU regulation), establish baselined and proactively act to remediate gaps to ensure UK/EU markets are on the front foot when it comes to compliance/audit.
•    Lead the response to cybersecurity incidents in the UK and EU markets.

Promote Collaboration and Stakeholder Engagement.
•    Provide regular updates to the executive board on security risks, compliance, and key initiatives.
•    Work closely with legal teams to interpret and apply relevant cybersecurity laws and regulations, providing guidance on legal implications related to security practices.
•    Establish and chair a regional security governance committee.
•    Mentor and support local security officers in their roles, offering hands-on guidance to address operational challenges.
•    Deliver training programs to enhance the security capabilities of local teams and ensure effective incident response readiness.

About you: 
•    Bachelor's or Master's degree (or formal qualifications) in Information Security, Cybersecurity, or a related field (preferred)
•    Proven experience as a senior information security leader, ideally in a matrix organisation with multi-national operations.
•    Deep understanding of commercial and financial services industries, with experience managing security in these domains.
•    Expertise in developing and implementing information security policies, frameworks, and risk management strategies.
•    Strong knowledge of regulatory and compliance requirements (e.g., GDPR, PCI DSS, ISO standards).
•    Exceptional leadership and communication skills, with the ability to influence stakeholders at all levels.
•    Experience in mentoring and supporting distributed security teams across multiple geographies.
•    Relevant certifications (e.g., CISSP, CISM, CISA) are strongly preferred.

If you’re interested in this role we’d love to hear from you. 

Closing date: 04/04/2025

Next steps:
1.    If you like the sound of this position, please apply today.
2.    A member of the Scania Recruitment team will contact you to discuss your application.
3.    If you are successful at that stage, you will be invited to have a conversation with the hiring manager.

We understand that every candidate is unique, and we strive to accommodate your needs. If you require any adjustments during the application process, please reach out to our Recruitment Team, we’ll be happy to discuss these with you

Related Jobs

View all jobs

Head of Information Security

IT Security Officer

Information Security and Compliance Lead

Head of Cyber Security

Head of Cyber Security - Remote

Head of Cyber Security - Remote

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

Tips for Staying Inspired: How Cyber Security Pros Fuel Creativity and Innovation

Cyber security professionals face a rapidly changing digital landscape, where new threats emerge almost daily and the stakes—protecting critical data, safeguarding personal privacy, and defending entire infrastructures—could not be higher. It’s easy to be consumed by vulnerability scans, incident response workflows, and endless compliance checks. Yet, thriving in this high-pressure environment demands more than just technical know-how. It also requires creativity and innovation, which enable you to stay one step ahead of potential attackers. So how do cyber security experts remain inspired and agile, even when the challenges can feel relentless? Below, we’ll explore ten actionable strategies to help security analysts, threat hunters, penetration testers, and security engineers maintain fresh perspectives and keep innovating. If you’re looking to sharpen your problem-solving skills and rediscover the spark that drew you to cyber security in the first place, these tips can guide you toward a more fulfilling and impactful career.

Careers

Top 10 Cyber Security Career Myths Debunked: Key Facts for Aspiring Professionals

In a hyper-connected world, cyber security is no longer an afterthought—it’s a core component of modern business, government, and everyday life. From stopping ransomware attacks to safeguarding personal data, cyber security professionals shoulder a vital responsibility: keeping digital systems, networks, and data safe. Unsurprisingly, the demand for skilled cyber security talent continues to surge, offering robust and often lucrative career paths. Yet, despite the industry’s prominence, myths and misconceptions about cyber security careers abound. Is it really just about hacking? Do you need to be a superhuman coder with years of experience? Or is cyber security just a niche field, reserved for tech giants? At CyberSecurityJobs.tech, we see firsthand how these myths deter capable individuals from entering or advancing in one of the most dynamic fields in tech. This article aims to bust the top 10 cyber security career myths—providing clear, evidence-based insights into what it really takes to thrive in this ever-evolving domain. Whether you’re a recent graduate exploring the field, a mid-career professional seeking a pivot, or simply curious about the prospects, read on to discover the true breadth and promise of cyber security careers.

Careers

Global vs. Local: Comparing the UK Cyber Security Job Market to International Landscapes

Understanding opportunities, salaries, and work culture in cyber security across the UK, the US, Europe, and Asia Cyber security has rapidly ascended from a back-office concern to a strategic priority for every industry. As data breaches, ransomware, and nation-state attacks increase in frequency and sophistication, organisations worldwide are racing to fortify their digital defences. This ongoing surge in cyber threats fuels an unprecedented demand for skilled security professionals—ranging from penetration testers and threat intelligence analysts to cloud security architects and CISOs. In this article, we’ll explore how the UK cyber security job market compares to major international hubs in the United States, Europe, and Asia. We’ll discuss job opportunities, salary bands, work culture, and provide guidance for those who might be contemplating remote or overseas positions. By understanding the nuances of each region’s cyber security ecosystem, you can make a more informed decision about where and how to advance your career in this high-impact, fast-evolving sector. Whether you’re a seasoned expert with years of experience or a career-changer eager to break into cyber security, this overview will help you navigate the global landscape. By the end, you’ll have a clearer perspective on each region’s advantages and challenges—along with practical insights for seizing the best opportunities in a field that has become mission-critical for every modern organisation.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.