Our investment advisory client is seeking an experienced Director of Information Security to lead the cybersecurity program of a prestigious, globally recognised portfolio company, ensuring the protection of sensitive intellectual property, critical resources, and global operations. This role combines technical expertise with strategic business engagement, ensuring that security is seamlessly integrated across all commercial activities. This role will oversee the organization's security strategy, security operations, vulnerability management, incident response, risk identification and mitigation planning / implementation, identity management, network security, privacy, and compliance. The Director will work closely with and report to the Group CISO.
Responsibilities
Strategic Leadership & Business Partnership
* Act as a trusted advisor to leadership across operations, engineering, and corporate functions.
* Translate cybersecurity risks into business terms, enabling executives to make informed decisions.
* Partner with various areas within the business to embed security into projects & daily operations.
* Define and drive the overall security roadmap, ensuring it evolves with the business.
* Lead security benchmarking and strategic planning.
* Continuous assessment of risk across the organization paired with the ability to implement risk treatment plans that do not hamper innovation.
Technical & Operational Oversight
* Oversee network security architecture, monitoring, and the segmentation of a complex network.
* Manage Privileged Access Management (PAM) platforms, enforcing robust identity and access controls.
* Drive cloud security initiatives across Azure and AWS, including monitoring, workload protection, and identity governance.
* Oversee vulnerability management for hybrid cloud environments, integrating tools such as Wiz, Axonius, and ServiceNow.
* Oversee advanced DLP and insider risk management to protect critical IP.
* Partner with IT and Operations to ensure resilience in the event of cyber incidents or infrastructure outages.
* Coordinate penetration testing, red team exercises, and remediation activities.
* Partner with IT and DevOps teams to embed secure-by-design principles into systems, applications, and IaC.
* Oversight of the Incident Response plan as well as hosting of regular tabletop simulations for the executive leadership team.
* Reporting of key security metrics to both the CISO and executive leadership team.
Governance, Risk & Compliance
* Maintain a risk register and provide actionable reporting to business leaders and the CISO.
* Ensure compliance with regulations, GDPR, ISO 27001, NIS2, as well as Enterprise security standards.
* Define and track security KPIs/KRIs that measure technical posture and business impact.
* Support internal and external audits, ensuring continuous readiness.
Required experience:
* 7+ years in cybersecurity leadership, with proven ability to bridge technical depth and business engagement.
* Strong hands-on experience with:
  * Hybrid Microsoft stack (Windows, Active Directory, Azure, O365).
  * Linux administration and security.
  * PAM solutions (CyberArk, BeyondTrust, or equivalent).
  * SOC/SIEM operations and incident response.
  * EDR/XDR and endpoint hardening.
  * Vulnerability management tooling.
* Track record of engaging directly with senior business leaders to communicate risk and influence decisions.
Nice to Haves:
* Exposure to Cato Networks, Microsoft Azure, AWS, Wiz, Axonius, ServiceNow.
* Familiarity with DevSecOps, container security, and infrastructure as code.
* Experience in manufacturing, aerospace, defense, or other high-IP, high-performance industries.
* Relevant certifications such as CISSP, CISM, CCSP, or CRISC.
Interested? Apply today.
Vertex Search is acting as a recruitment agency on this engagement.