At a Glance
- Tasks: Lead the information security strategy and manage compliance with ISO standards.
- Company: Join a dynamic online retail business focused on innovation and security.
- Benefits: Enjoy flexible working options and opportunities for professional growth.
- Why this job: Make a real impact on cybersecurity while mentoring teams in a supportive culture.
- Qualifications: Proven experience with ISO27001 & ISO9001 accreditations is essential.
- Other info: Ideal for those passionate about shaping security practices in a fast-paced environment.
The predicted salary is between 43200 - 72000 £ per year.
Head of Information Security required for online retail business. The role will initially be focused on ISO27001 & ISO9001 recertifications.
Responsibilities
- Lead on information security strategy and implementation of security roadmap
- Develop security KPIs and track their progress
- Advise senior management on risk levels and any changes impacting security posture, including emerging threats
- Create, maintain, and implement information security policies
- Continuously validate the firm against policies and procedures to ensure compliance against ISO 27001, ISO 9001, Cyber Essentials+, and GDPR
- Manage and continuously improve the firm's Information Security Management System
- Oversee the information security training and awareness program
- Lead on internal and external audits and track audit findings through to mitigation
- Identify and communicate emerging security threats with relevant stakeholders
- Provide security due diligence in procurement processes and oversee continuous supplier assurance
- Manage security incidents and coordinate incident response processes
- Select and implement GRC controls and assist in selection and implementation of information security technologies
- Identify security requirements specific to an information technology (IT) system in all phases of the system life cycle
- Develop new, or enhance current, security procedures to reduce or eliminate potential threats
- Ensure that cybersecurity requirements are embedded into new programs of work
- Provide management and mentorship to security teams and supporting staff
- Create and then lead the Security Operations Centre (SOC), ensuring real-time monitoring and incident response
- Drive security awareness training and governance, risk, and compliance (GRC) initiatives
- Create and present reports to senior stakeholders, highlighting threats, compliance gaps, and mitigation progress
- Conduct risk assessments, maintain risk registers, and design risk treatment plans
- Support oversight of vulnerability tooling & processes, assess risk and prioritise remediation
- Lead internal/external audits (ISO 27001 and ISO 9001) and ensure compliance with regulations (GDPR)
- Support wider IT project requirements through management of defined gates, provision of guidance and assessment of controls
As an ideal candidate, you will have a proven track record of bringing organisations through ISO 27001 and ISO 9001 accreditations. ISO 27001 lead implementer or lead auditor qualifications are essential.
Head of Information Security employer: Barclay Simpson
Contact Detail:
Barclay Simpson Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information Security
✨Tip Number 1
Network with professionals in the information security field, especially those who have experience with ISO27001 and ISO9001. Attend industry conferences or webinars to connect with potential colleagues and learn about the latest trends and challenges in the sector.
✨Tip Number 2
Familiarise yourself with the specific compliance requirements of ISO27001 and ISO9001. Understanding these standards inside out will not only help you in interviews but also demonstrate your commitment to the role and its responsibilities.
✨Tip Number 3
Prepare to discuss your previous experiences in leading security initiatives and managing teams. Be ready to share specific examples of how you've successfully implemented security policies or handled incidents, as this will showcase your leadership skills.
✨Tip Number 4
Stay updated on emerging threats and trends in cybersecurity. Being knowledgeable about current issues will allow you to engage in meaningful discussions during interviews and show that you are proactive about security management.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with ISO27001 and ISO9001 accreditations. Include specific examples of how you've led information security strategies and implemented security roadmaps in previous roles.
Craft a Compelling Cover Letter: In your cover letter, emphasise your proven track record in managing information security management systems and your ability to advise senior management on risk levels. Mention any relevant certifications, such as ISO27001 lead implementer or auditor qualifications.
Showcase Leadership Skills: Since the role involves managing teams and providing mentorship, be sure to include examples of your leadership experience. Discuss how you've driven security awareness training and governance initiatives in past positions.
Highlight Compliance Experience: Detail your experience with compliance frameworks like Cyber Essentials+ and GDPR. Provide examples of how you've conducted risk assessments, maintained risk registers, and led internal/external audits to ensure compliance.
How to prepare for a job interview at Barclay Simpson
✨Showcase Your Expertise in ISO Standards
Make sure to highlight your experience with ISO27001 and ISO9001 during the interview. Be prepared to discuss specific examples of how you've successfully led organisations through these accreditations, as this will demonstrate your capability to fulfil a key requirement of the role.
✨Prepare for Technical Questions
Expect to be asked about various information security frameworks and compliance requirements, including Cyber Essentials+ and GDPR. Brush up on your knowledge of these areas and be ready to explain how you would implement and maintain compliance within the organisation.
✨Demonstrate Leadership Skills
As the Head of Information Security, you'll need to lead teams and manage stakeholders. Prepare to discuss your leadership style and provide examples of how you've mentored staff or driven security initiatives in previous roles. This will show that you're not just technically proficient but also capable of guiding others.
✨Communicate Clearly About Risk Management
Be ready to talk about your approach to risk assessments and how you prioritise remediation efforts. Use specific examples to illustrate your thought process and decision-making skills when it comes to managing security incidents and communicating risks to senior management.