Head of Security and Compliance

Cambridge
3 months ago
Applications closed

Related Jobs

View all jobs

Head of Cyber Security & Information Security

Head of Security Architecture

Head of Cyber Security & Information Security

Head of Data Security

Head of Information Security

Head of Information Security

Why join Marshall Land Systems in this role?

The Head of Business Security & Compliance is responsible for leading the global security and compliance strategy across all UK, European and Canadian sites, programmes, and projects. The role provides senior expertise across information security, cyber security, data governance, and defence security requirements, ensuring the organisation meets all legislative, regulatory, and contractual standards. This position acts as the principal link between technical teams, business leadership, government partners, clients, and external authorities to maintain a robust, compliant, and resilient security environment.

Responsibilities in this role include:

Strategic Security, Data Governance & Compliance Leadership

Provide senior leadership on IT and data compliance, including global expertise in data management, information security, and GDPR requirements.
Establish, maintain, and continuously improve the organisation's security frameworks, procedures, policies, and standards, ensuring alignment with legislation, MoD requirements, Government guidelines, contract requirements and corporate expectations.
Lead initiatives to embed and sustain a robust security culture across all business areas.

Cyber Security Oversight & IT Assurance

Oversee cyber security governance, working closely with IT teams and managed service providers to ensure controls are implemented, functioning, tested, and routinely audited.
Provide senior guidance to ensure IT systems and infrastructure comply with security procedures, data protection standards, and operational requirements.
Develop and deliver organisation-wide training on IT compliance, information security, and cyber security best practices.
Defence Security, Accreditation & Classified Material Management
Act as the organisation's Security Controller and Crypto Custodian, ensuring full compliance with defence security obligations.
Manage all aspects of personnel and facility security clearances, security accreditation, and the handling, processing, storage, mustering, and destruction of protectively marked and crypto-related material.
Lead the management of Security Aspects Letters (SALs), security reporting, audits, and all requirements linked to defence contracts.

Physical, Facilities & Operational Security

Plan, implement, and oversee FSC-compliant physical and operational security measures for sites, facilities, programmes, and projects.
Manage contracts and performance for security services, systems, and equipment.
Ensure security vetting processes are effectively managed in partnership with HR and deliver mandatory security inductions and briefings.

Assurance, Monitoring & Reporting

Lead the audit and assurance programme to validate the effectiveness of security procedures, controls, and compliance measures.
Analyse security incidents, produce monthly security performance reporting, and proactively address emerging patterns or risks.
Maintain organisational security SLAs, manuals, and compliance documentation, ensuring all accreditations remain current and properly governed.

Stakeholder Engagement & External Relations

Work closely with internal stakeholders to anticipate and resolve security risks, ensuring programmes and projects meet required security standards.
Maintain influential relationships with external commercial and government security advisors, including the Police, CTSA, MOD, NPSA, DE&S, and other relevant agencies.
Represent the organisation confidently in all security-related engagements, audits, and consultations.

Continuous Improvement & Environmental Awareness

Monitor changes in legislation, technology, threat landscapes, and best practices to ensure the organisation remains compliant and well-protected.
Drive continuous improvement across all areas of security and compliance.

Apply if you have most of the following:

Extensive experience in security, information assurance, cyber governance, or compliance roles.
Proven track record leading security in a multi-site or multinational organisation.
Experience working with MoD, NPSA, DE&S, government security agencies, or other regulated defence/security environments.
Experience handling classified information, managing clearances, or acting in roles such as Security Controller or Crypto Custodian.
Demonstrated experience overseeing cyber security controls, audits, or compliance in partnership with IT teams and MSPs.
Familiarity with frameworks such as ISO 27001, NIST, CAF, or similar standards.
Experience developing corporate security policies, frameworks, and operating procedures.
Experience leading security accreditation, assurance reviews, or certification maintenance.
Exposure to facility and physical security planning, contract management, and security technology solutions.
Experience delivering security awareness training and supporting cultural transformation programmes.
Successful track record working with senior leadership teams, HR, IT, facilities, programme management, and external partners.
Experience presenting security performance, risks, and incident insights to executive boards or senior stakeholders.
Experience analysing incidents, producing incident reports, and implementing corrective actions

Additional local needs

The successful candidate will need to be eligible to obtain full SC clearance.

The benefits we will offer you include:

27 days holiday increasing with service up to 30 days (option to buy /sell)
Pension contributions up to 9%
Private medical insurance for you and your partner
Extensive flexible benefit program including Cycle to Work
Life assurance at 4x basic salary
Enhanced parental leave and pay
Paid volunteering leave
Access to industry leading wellbeing resources and tools

Marshall Land Systems is a Canadian-owned global company with an unrivalled pedigree of British engineering excellence. From its origins in Cambridge, UK, through more than a century of innovation, pioneering advances from the nose of Concorde to the early Hydrogen fuel cell technology that ultimately powered the moon landings, Marshall engineers now continue to innovate specialist vehicles and infrastructure for NATO forces across the world. From bomb disposal vehicles to deployed shelters, from command and control to CT scanners on the battlefield, Marshall Land Systems protects people in critical situations with the very best in engineering. It employs 600 people with major facilities the UK, Canada, and the Netherlands.

#LI-Hybrid

#LI-DS1

#IND-AEO

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

Jobs

What Hiring Managers Look for First in Cyber Security Job Applications (UK Guide)

If you want to stand out in the highly competitive world of cyber security job applications, you need to understand what hiring managers look for before they even finish reading a CV. Cyber security hiring managers scan applications quickly and with specific priorities in mind. They assess not just your technical ability, but your judgement, professionalism, clarity, risk awareness and evidence of impact. This guide explains what hiring managers look for first in cyber security applications across roles like Security Analyst, Security Engineer, Penetration Tester, Incident Responder, Security Architect, Governance Risk and Compliance specialists and Cloud Security positions. Use this as a practical, step-by-step checklist to sharpen your CV, LinkedIn profile, cover letter and portfolio before you apply on www.cybersecurityjobs.tech .

Education

The Skills Gap in Cyber Security Jobs: What Universities Aren’t Teaching

Cyber security has become one of the most critical disciplines in the modern economy. From protecting financial systems and healthcare data to securing national infrastructure, cloud platforms and supply chains, cyber security professionals now sit at the frontline of digital trust. Demand for cyber security talent in the UK has surged. Job vacancies remain high, salaries continue to rise, and organisations across every sector report difficulty hiring skilled professionals. Yet despite this demand, many graduates struggle to break into cyber security roles and employers consistently report that candidates are not job-ready. The problem is not intelligence, ambition or academic effort. It is a persistent and widening skills gap between university education and real-world cyber security work. This article explores that gap in depth: what universities teach well, what they routinely miss, why the gap exists, what employers actually want, and how jobseekers can bridge the divide to build sustainable careers in cyber security.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.