Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the security strategy and manage information and IT risk across the organisation.
- Company: The Law Society, a leading professional body focused on innovation and resilience.
- Benefits: Competitive salary, professional development, and the chance to shape security culture.
- Why this job: Make a real impact on security posture and influence technology strategy.
- Qualifications: Proven experience in enterprise-level information security and strong leadership skills.
- Other info: Join a dynamic team at the forefront of technology and change.
The predicted salary is between 72000 - 108000 £ per year.
The Law Society is seeking an experienced and visionary Head of Information and Cyber Security to lead their enterprise-wide security strategy. You will define and deliver the security roadmap, manage information and IT risk, and embed a strong security culture across the organisation. Reporting to the Executive Director of Technology & Change, you will act as a trusted adviser, translating complex risks into clear business terms and ensuring they remain secure, resilient, and agile.
Key Responsibilities
- Provide strategic leadership for information and cyber security across the organisation.
- Define and implement the security roadmap, ensuring compliance with regulatory frameworks.
- Manage enterprise-wide security and IT risk, including risk registers, control testing, and executive reporting.
- Develop and embed a cross-organisation security awareness culture.
- Oversee security operations and incident response at a leadership level.
- Ensure robust business continuity, disaster recovery, and operational resilience frameworks.
- Design and manage security assurance and audit programmes.
About You
We’re looking for a proven security leader with:
- A track record in leading enterprise-level information security functions or programmes (Head of, Deputy CISO, or equivalent).
- Deep knowledge of governance, risk management, compliance, and frameworks such as ISO 27001, GDPR, Cyber Essentials, and NIST.
- Ability to balance security risk with business agility using a pragmatic, risk-based approach.
- Experience developing and embedding security awareness across an organisation.
- Strong expertise in cloud security (Azure, M365), data protection, identity & access management, and modern security tooling.
- Understanding of AI, automation, and emerging technology risk management.
- Leadership experience in security operations and incident response.
- Knowledge of business continuity, disaster recovery, and operational resilience frameworks.
- Experience designing and managing security assurance and audit programmes.
Why Join Us?
This is a unique and exciting opportunity to shape the security posture of a leading professional body, ensuring resilience and trust in their systems and services. You’ll work at the heart of the Technology & Change function, influencing strategy and enabling innovation.
Head of Information and Cyber Security employer: Anderson Quigley
Contact Detail:
Anderson Quigley Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information and Cyber Security
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We can’t stress enough how important it is to make those personal connections that could lead to job opportunities.
✨Tip Number 2
Prepare for interviews by researching the company and its security culture. Understand their challenges and think about how you can contribute. We recommend practising common interview questions and even doing mock interviews with friends to boost your confidence.
✨Tip Number 3
Showcase your expertise! Create a portfolio or a presentation that highlights your past achievements in information and cyber security. We believe that demonstrating your skills through real-world examples can set you apart from other candidates.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we often have exclusive roles listed there that you won’t find anywhere else. Let’s get you that dream job!
We think you need these skills to ace Head of Information and Cyber Security
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the job description. Highlight your experience in leading information security functions and any relevant frameworks like ISO 27001 or GDPR. We want to see how your background aligns with our needs!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for the Head of Information and Cyber Security role. Share specific examples of how you've managed security risks and built a strong security culture in previous roles.
Showcase Your Leadership Skills: We’re looking for someone who can lead and inspire. In your application, make sure to highlight your leadership experience in security operations and incident response. Tell us about times you’ve successfully guided teams through challenges!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity. We can’t wait to see what you bring to the table!
How to prepare for a job interview at Anderson Quigley
✨Know Your Security Frameworks
Make sure you brush up on your knowledge of key frameworks like ISO 27001, GDPR, and Cyber Essentials. Be ready to discuss how you've applied these in previous roles, as this will show your depth of understanding and ability to implement compliance effectively.
✨Showcase Your Leadership Skills
Prepare examples that highlight your leadership experience in security operations and incident response. Think about specific challenges you've faced and how you led your team through them. This will demonstrate your capability to manage and inspire others in a high-stakes environment.
✨Translate Risks into Business Terms
Practice explaining complex security risks in simple, business-friendly language. The interviewers will want to see that you can act as a trusted adviser, so being able to communicate effectively with non-technical stakeholders is crucial.
✨Emphasise a Security Culture
Be prepared to discuss how you've developed and embedded a security awareness culture in past organisations. Share specific initiatives or training programmes you've implemented, as this will show your proactive approach to fostering a secure environment.
