At a Glance
- Tasks: Lead and enhance our cybersecurity framework while managing a high-performing security team.
- Company: Dynamic tech company focused on innovative security solutions.
- Benefits: Competitive salary, hybrid work model, and opportunities for professional growth.
- Why this job: Make a real impact in shaping our security strategy and protecting vital information.
- Qualifications: Proven experience in information security leadership and strong understanding of regulatory standards.
- Other info: Join a culture of continuous improvement and achieve Cyber Essentials Plus within your first year.
The predicted salary is between £80,000 and £100,000 per year.
As Head of Information Security, you will be accountable for building, maintaining, and continuously improving a proportionate, risk-based cybersecurity framework aligned to NIST CSF 2.0. This is a hybrid leadership and technical delivery role: while governance, assurance, and influencing across the business are critical, you will also roll up your sleeves to implement and oversee technical security controls where necessary.
You will lead the security strategy, risk management, and compliance initiatives, working closely with IT, Engineering, Product, and third-party partners, while reporting regularly to the CTO, CEO and executive team on risk posture and security priorities.
What You’ll Do:
- Lead the development and operation of our information security program in line with NIST CSF 2.0.
- Own and manage an active risk management framework, ensuring risks are identified, assessed, treated, and monitored.
- Report security posture and key risks clearly to the CTO, CEO and executive leadership.
- Define and oversee technical security controls across identity, endpoint, cloud, and network environments.
- Govern outsourced security services (e.g., MDR/SOC) to ensure effective detection, response, and remediation.
- Define and implement a vulnerability management programme.
- Lead incident response planning, testing, and lessons-learned processes.
- Embed security into the delivery lifecycle and ensure secure practices across teams.
- Develop and maintain security awareness programs and training for staff.
- Manage and mentor a high-performing security team including an ISMS coordinator and security engineer, fostering a culture of continuous improvement.
- Achieve Cyber Essentials Plus within the first 12 months.
- Maintain and oversee information security and data governance policies, standards, and procedures.
- Provide oversight and assurance for third-party and supplier security risk management.
What We’re Looking For:
- Proven experience leading information security programs in a scaling or high-change environment.
- Deep understanding of regulatory standards (ISO 27001, NIS2, NIST CSF 2.0, PCI DSS, GDPR) and security frameworks.
- Strong understanding of modern cyber controls: IAM, endpoint security, vulnerability management, cloud security, logging, monitoring, and secure delivery practices.
- Experience managing outsourced security services (MDR/SOC) and vendors.
- Strong leadership, influence, and stakeholder management skills within a matrix delivery model.
- Ability to operate at both strategic and hands-on levels.
- Desirable: CISSP, CISM, CISA, or relevant cloud/security technical certifications.
Head of Information Security in London. Employer: CyberNorth
Contact Details:
CyberNorth Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information Security in London
✨Tip Number 1
Network like a pro! Reach out to your connections in the cybersecurity field, attend industry events, and join relevant online forums. The more people you know, the better your chances of hearing about job openings before they even hit the market.
✨Tip Number 2
Showcase your expertise! Create a personal website or LinkedIn profile that highlights your achievements in information security. Share articles, insights, or case studies related to NIST CSF 2.0 and other frameworks to demonstrate your knowledge and passion.
✨Tip Number 3
Prepare for interviews by brushing up on both technical and leadership skills. Be ready to discuss how you've implemented security controls and managed risks in previous roles. We want to see your hands-on experience as well as your strategic thinking!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are genuinely interested in joining our team and contributing to our security strategy.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the job description. Highlight your experience with information security programs and any relevant certifications like CISSP or CISM. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cybersecurity and how you can lead our security strategy. Be sure to mention your experience with frameworks like NIST CSF 2.0.
Showcase Your Leadership Skills: Since this role involves leading a high-performing team, don’t forget to highlight your leadership experience. Share examples of how you've influenced stakeholders and managed teams in previous roles.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at CyberNorth
✨Know Your Frameworks
Make sure you’re well-versed in NIST CSF 2.0 and other relevant standards like ISO 27001 and GDPR. Brush up on how these frameworks apply to risk management and security controls, as you’ll need to demonstrate your understanding during the interview.
✨Showcase Your Leadership Skills
Prepare examples of how you've led information security initiatives in previous roles. Highlight your experience in managing teams and influencing stakeholders, as this role requires strong leadership and communication skills.
✨Be Ready for Technical Questions
Expect to dive into technical discussions about IAM, endpoint security, and vulnerability management. Be prepared to explain how you’ve implemented these controls in past projects and how they align with business objectives.
✨Demonstrate a Continuous Improvement Mindset
Talk about how you foster a culture of continuous improvement within your teams. Share specific instances where you’ve implemented training programs or security awareness initiatives that have made a tangible impact on security posture.