Job Description
Head of Information Security
Salary: £80,000 - £100,000
Location: Manchester (Hybrid)
Overview
I'm currently working with a well-established technology company that delivers innovative digital solutions across cloud and on-premise platforms. They have a strong footprint in regulated industries and are investing heavily in their cloud infrastructure and security capabilities. As part of their growth and transformation journey, they’re looking to appoint a Head of Information Security to lead and mature their infosec function.
This is a great opportunity for someone who thrives in a strategic, hands-on role, shaping the future of security operations and embedding security-first thinking across the business.
The Role
As Head of Information Security, you’ll be responsible for developing and delivering the company’s information security strategy and operations. You’ll play a key role in ensuring the organisation’s hybrid cloud environment is secure, compliant, and resilient against an evolving threat landscape.
Key Responsibilities
Strategic Leadership
* Develop and maintain the Information Security Strategy aligned with IT and wider business goals
* Build and implement policies, procedures, and board-level metrics to support the strategy
* Lead on the development and maturity of the organisation’s Cyber Risk Management Framework
* Drive a security-aware culture across departments through training, communication, and engagement
Operational Security Oversight
* Support architectural decisions and strengthen the company’s threat modelling approach
* Lead incident response efforts and run simulations, red team exercises, and readiness activities
* Conduct proactive assessments of emerging threats and implement mitigation strategies
* Oversee vulnerability management across a hybrid cloud estate
* Manage security tooling and third-party SOC relationships
* Assess new technologies from a security standpoint, including AI initiatives
* Provide support to commercial teams with security input for tenders, bids, and customer inquiries
Experience and Skills Required
* Professional certifications such as CISSP, CISM, CCSP (or equivalent)
* Proven track record in senior information security roles, ideally in a hybrid cloud environment
* Strong technical understanding of cloud security, particularly AWS
* Experience leading incident response and security operations
* Familiarity with compliance standards such as ISO 27001, SOC 2, HIPAA, GDPR
* Excellent communication skills; able to influence both technical and non-technical stakeholders
* Project management capabilities and experience delivering key security initiatives