Our people are what make our family great. As a proud family-run business, we see childcare as a profession, not just a job. We’re passionate about helping our teams grow and be the best they can be! Kids Planet is a prominent nursery group in the United Kingdom, currently operating at more than 270 locations. Established in 2008 with only 4 sites, the company has experienced substantial growth over the years. Kids Planet Day Nurseries are seeking someone keen to take the next step up in their career as a Head of InfoSec to lead governance, risk, compliance, and security awareness initiatives across an organisation at a time of significant modernisation. This pivotal role ensures a robust security posture by developing and enforcing policies, standards, and training programmes aligned with business objectives and regulatory requirements. Reporting directly to the Chief Technology Officer, this role is responsible for safeguarding the organisation’s digital assets and ensuring compliance with all relevant data protection legislation, including GDPR. The successful candidate will work collaboratively across the organisation to foster a culture of security and ensure the highest standards of data handling for the safety and privacy of our children, families, and staff. Key Responsibilities · Lead the development and enforcement of enterprise-wide information security policies and standards · Drive security governance and cyber maturity through compliance, assurance reviews, and gap analysis · Oversight and improvement of the Information Security Risk Management frameworks and processes · Conducting in-depth supplier due diligence / third-party assurance processes · Manage audit readiness and support internal/external audit activities · Own and deliver the organisation's security awareness programme, including campaigns and tailored training · Manage third-party security and data governance relationships, including vetting suppliers and ensuring contractual compliance with security requirements. · Lead and develop a small team responsible for info/data security, data protection, and governance, providing coaching and training to ensure high performance. · Act as the primary point of contact for security incidents, coordinating incident response and recovery plans, and liaising with external authorities when necessary. · Maintain up-to-date knowledge of evolving threats, technologies, and regulations relevant to the childcare sector. Person Specification · Education: Degree in Computer Science, Information Security, or a related field. Relevant professional certifications (e.g., CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor, GDPR Practitioner) are highly desirable. · Experience: Demonstrable experience in a senior InfoSec and/or data governance role, ideally within the education, childcare, or not-for-profit sectors. · Technical Expertise: In-depth knowledge of cybersecurity frameworks, best practices, and tools. Strong understanding of UK and EU data protection legislation, including GDPR. · Leadership: Proven ability to lead, inspire, and develop teams. Experience in managing projects and influencing at a senior level. · Analytical Skills: Strong problem-solving abilities and a proactive approach to identifying risks and implementing solutions. · Communication: Excellent verbal and written communication skills with the ability to explain complex technical issues to non-specialists. · Integrity and Discretion: High level of personal integrity and ability to handle sensitive and confidential information appropriately. · Resilience: Comfortable working under pressure and managing multiple priorities in a fast-paced environment. · Knowledge of security frameworks (ISO/IEC 27001, NIST CSF, CIS Controls, Cyber Essentials). · Pro-active, pragmatic self-starter with the ability to effectively lead a small team, including those with potentially differing skill sets, to their own. Key Relationships · C Suite and Senior Management Team · IT and Digital Teams · Nursery Managers and Operational Staff · External vendors, consultants, and regulatory bodies What We Offer The company offers great benefits such as: · Highly discounted childcare · Free breakfast, lunches and healthy snacks including fresh fruit. · Birthday Leave · Enhanced Maternity, Paternity, Fertility and Adoption leave. · Fertility Leave · Anniversary Awards · Employee Assistance Programme · Professional Development