Kids Planet is a prominent nursery group in the United Kingdom, currently operating at more than 270 locations.
Kids Planet Day Nurseries are seeking someone keen to take the next step up in their career as a Head of InfoSec to lead governance, risk, compliance, and security awareness initiatives across an organisation at a time of significant modernisation. This pivotal role ensures a robust security posture by developing and enforcing policies, standards, and training programmes aligned with business objectives and regulatory requirements. Reporting directly to the Chief Technology Officer, this role is responsible for safeguarding the organisation’s digital assets and ensuring compliance with all relevant data protection legislation, including GDPR. The successful candidate will work collaboratively across the organisation to foster a culture of security and ensure the highest standards of data handling for the safety and privacy of our children, families, and staff.
Key Responsibilities
* Lead the development and enforcement of enterprise-wide information security policies and standards
* Drive security governance and cyber maturity through compliance, assurance reviews, and gap analysis
* Oversight and improvement of the Information Security Risk Management frameworks and processes
* Conduct in-depth supplier due diligence / third-party assurance processes
* Manage audit readiness and support internal/external audit activities
* Own and deliver the organisation's security awareness programme, including campaigns and tailored training
* Manage third‑party security and data governance relationships, including vetting suppliers and ensuring contractual compliance with security requirements
* Lead and develop a small team responsible for info/data security, data protection and governance, providing coaching and training to ensure high performance
* Act as the primary point of contact for security incidents, coordinating incident response and recovery plans and liaising with external authorities when necessary
* Maintain up-to-date knowledge of evolving threats, technologies and regulations relevant to the childcare sector
Person Specification
* Education: Degree in Computer Science, Information Security, or a related field. Relevant professional certifications (e.g., CISSP, CISM, CISA, ISO 27001 Lead Implementer / Auditor, GDPR Practitioner) are highly desirable.
* Experience: Demonstrable experience in a senior InfoSec and/or data governance role, ideally within the education, childcare or not‑for‑profit sectors.
* Technical Expertise: In-depth knowledge of cybersecurity frameworks, best practices, and tools. Strong understanding of UK and EU data protection legislation, including GDPR.
* Leadership: Proven ability to lead, inspire, and develop teams. Experience in managing projects and influencing at a senior level.
* Analytical Skills: Strong problem‑solving abilities and a proactive approach to identifying risks and implementing solutions.
* Communication: Excellent verbal and written communication skills with the ability to explain complex technical issues to non‑specialists.
* Integrity and Discretion: High level of personal integrity and ability to handle sensitive and confidential information appropriately.
* Resilience: Comfortable working under pressure and managing multiple priorities in a fast‑paced environment.
* Knowledge of security frameworks (ISO/IEC 27001, NIST CSF, CIS Controls, Cyber Essentials).
* Pro‑active, pragmatic self‑starter with the ability to effectively lead a small team, including those with potentially differing skill sets, to their own.
Key Relationships
* C Suite and Senior Management Team
* IT and Digital Teams
* Nursery Managers and Operational Staff
* External vendors, consultants and regulatory bodies
What We Offer
* Highly discounted childcare
* Free breakfast, lunches and healthy snacks including fresh fruit
* Birthday leave
* Enhanced Maternity, Paternity, Fertility and Adoption leave
* Fertility leave
* Anniversary awards
* Employee Assistance Programme
* Professional Development
#J-18808-Ljbffr