Head of Digital Security, Risk & Governance
📍 Preston, Lancashire (On-site – 5 days per week)
💰 £95,000 + Bonus + Company Car + Comprehensive Benefits
Lead Security, Risk & Governance for a Global Infrastructure Organisation
A major international infrastructure and engineering business is seeking an experienced Head of Digital Security, Risk & Governance to lead and evolve its enterprise-wide security, risk and governance capability.
This is a strategic leadership role with responsibility for protecting a complex, multi-region estate spanning thousands of employees, multiple operational sites and critical infrastructure environments across the UK and international markets. You'll own the security strategy, governance framework and risk posture, while leading a high-performing team across cyber security, security operations, identity & access management, compliance and digital trust.
The Opportunity
Reporting directly to the Digital Technology Director, you will lead a team of senior managers responsible for:
- Security Operations
- Cyber Security
- Identity & Access Management
- Governance, Risk & Compliance / Digital Trust
You will shape and develop a wider security function, providing strategic leadership across cyber security, operational resilience, risk management, assurance, privacy and regulatory compliance.
This is an opportunity to influence board-level decision making, partner with executive stakeholders and help build a world-class security function that supports ambitious business growth and transformation programmes.
Key Responsibilities
Security Strategy & Leadership
- Define and deliver the organisation's security, risk and governance strategy.
- Act as the senior advisor to executive leadership and board stakeholders on cyber, information and operational risk.
- Lead, mentor and develop a multidisciplinary security team.
- Drive a culture of accountability, continuous improvement and operational excellence.
- Represent the business with clients, regulators, auditors and industry partners.
Cyber Security & Operational Resilience
- Own security across cloud, infrastructure, networks, identity, endpoints and business applications.
- Oversee strategic relationships with managed security providers and security partners.
- Sponsor major incident response activities and crisis management.
- Drive improvements in threat detection, vulnerability management, security monitoring and response capabilities.
- Champion secure-by-design principles across technology delivery and engineering teams.
Governance, Risk & Compliance
- Lead enterprise security governance and assurance programmes.
- Maintain security policies, standards, control frameworks and risk registers.
- Oversee audit programmes, certifications and regulatory compliance activities.
- Ensure risks are effectively identified, assessed and managed.
- Drive continuous improvement across governance and control frameworks.
Identity, Digital Trust & Assurance
- Own identity governance and privileged access assurance.
- Lead supplier security, privacy, client assurance and regulatory readiness initiatives.
- Support major bids, tenders and customer assurance activities.
- Partner with Legal, HR, Procurement and Operational teams to strengthen security across the business.
What We're Looking For
Essential Experience
- Proven experience in a senior security leadership role such as:
  - Head of Security
  - Head of Information Security
  - Head of Cyber Security
  - CISO
  - Equivalent enterprise security leadership position
- Experience leading multidisciplinary security functions across operations, governance, risk, compliance and identity management.
- Strong understanding of:
  - ISO 27001
  - ISO 27701
  - ISO 22301
  - NIST CSF
  - NIS2
  - Cyber Essentials Plus
- Experience managing managed SOC, MDR or major security service providers.
- Track record of leading major incident response and executive stakeholder engagement.
- Excellent communication skills with the ability to translate technical risks into business outcomes.
Desirable
- CISSP, CISM, CRISC, CISA or equivalent certifications.
- Experience within critical infrastructure, utilities, energy, telecommunications or similarly regulated environments.
- Exposure to M&A due diligence and integration activities.
- Experience with GRC platforms and enterprise governance tooling.
- Experience engaging with Boards, Audit Committees and regulatory bodies.
Why Apply?
This is a rare opportunity to join a growing, highly ambitious organisation where security is viewed as a strategic business enabler. You'll have genuine executive visibility, ownership of a significant security portfolio and the chance to shape the future direction of security, risk and governance across a large-scale international operation.
📍 Preston (5 days per week on-site)
💰 £95,000 Base Salary
🎯 Bonus Scheme
🚗 Company Car
🏥 Excellent Benefits Package
For a confidential discussion or to express interest, please apply directly or contact us for further information.