The Opportunity
We are delighted to support our client, a large and complex regulated consumer services organisation based in the North of England, in the search for an experienced Head of Cyber Security to lead its enterprise-wide cyber strategy. This pivotal role is accountable for the organisation’s cyber resilience, regulatory compliance, and protection of critical services and data. Providing both leadership and technical expertise, you will play a key role within the technology leadership team and will be the lead in running of day to day security activities, achieving credibility and buy in from stakeholders across the business.
You’ll advise senior leadership and the board on cyber risks, drive ISO 27001 alignment, and lead incident response and continuous improvement initiatives. This is a strategic and hands-on leadership role, ideal for someone passionate about embedding security into the heart of business operations.
Travel to offices across the North will be required.
The Role
Key responsibilities include:
* Strategic Leadership: Develop and implement a cyber strategy aligned with business goals and regulatory expectations
* Risk & Compliance: Manage cyber risks, ensure compliance with GDPR, NIS2, and maintain ISO 27001 readiness.
* Governance & Advisory: Advise the Board and Executive on cyber threats, resilience, and strategic decisions.
* Incident Response: Lead response to cyber incidents, ensuring rapid recovery and regulatory communication.
* Team Leadership: Build and mentor a high-performing cyber team, fostering a culture of accountability and innovation.
* Technology & Controls: Acting as a SME for IT security through to Exec and Board level, overseeing security infrastructure, cloud security, and modern tooling
* Stakeholder Engagement: Collaborate across departments (IT, Risk, Legal, Compliance) to embed security enterprise-wide.
The Person
As a strategic thinker with strong leadership, communication and technical skills, you will have proven experience leading a cyber security function within a regulated business.
Specifically, you will possess:
* Extensive risk management, and regulatory compliance experience
* Strong technical knowledge of security infrastructure, cloud platforms and modern security tooling (SIEM, SOAR).
* Excellent communication and stakeholder engagement skills.
Most importantly you will have a track record of building high-performing teams.