Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the development and execution of the company's information security strategy.
- Company: Join Heywood, a market leader in software and data solutions for financial journeys.
- Benefits: Enjoy hybrid work, performance bonuses, and a range of health and wellbeing perks.
- Why this job: Shape the future of information security while enjoying a vibrant, innovative culture.
- Qualifications: Must have industry certifications like CISSP, CISM, or equivalent and strong cloud security knowledge.
- Other info: Participate in fun social events and continuous learning opportunities.
The predicted salary is between 85000 - 95000 £ per year.
About you
Do you thrive on shaping information security goals and setting the direction and vision of information security?
Does identifying potential security vulnerabilities across multiple platforms and planning remediation activity come as second nature to you?
Do you have the technical security expertise to increase the maturity level of information security operations?
Do you have a good track record of success in managing information and cyber security incidents and data breaches?
If so, then you could be just what we are looking for. Read on to find out more…
The role
As Head of Information Security, your role will be to develop, shape and update the Company’s information security capability, ensuring it remains secure against an ever-changing threat landscape.
Key responsibilities include:
- Information security strategy
- Create and maintain the Company’s strategy, ensuring alignment to the Company’s strategy and business goals
- Communicate the information security strategy to relevant parties, providing assurance of policies, procedures, and systems
- Develop, maintain, and expand the information security management system (‘ISMS’)
- Responsible for the Company’s information security capability, ensuring it remains secure against an ever-changing threat landscape
- Operational input
- Contribute to design and architectural decisions and improve approach to the Company’s threat modelling
- Lead on information security incidents and work directly with internal teams and external parties on containment and mitigation activities
- Execute threat simulations
- Assess emerging and potential security threats and act proactively to mitigate relevant threats
- End to end vulnerability management
- Manage security toolset
- Experience/qualifications
- Industry certifications such as CISSP, CISM, CISA, or equivalent
- Expert in information security
- Excellent knowledge of security frameworks, standards, and regulations, including ISO 27001, SOC 2, HIPAA, GDPR, etc
- Strong understanding of cloud security principles and best practices, particularly in AWS/Azure
- Experience in managing security incidents and leading incident response
- Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, or partners)
- Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementation
- Ability to collaborate cross-functionally and influence stakeholders at all levels of the organisation
About us
Heywood combines a passion for software with Agile methodologies to create modern software and data solutions and services for businesses, pension providers and third parties that help transform how their members and customers manage their lifelong financial journeys.
Working for an expanding established market leader, you will have a real voice to influence our evolution. Continued learning and progression is ingrained in our daily life, encouraged through a variety of forums from e-learning subscriptions and a monthly community day (“Hive Day”) and communities of practice for learning and experimentation. Our open culture encourages wide participation and innovation.
We also reward our hard work through regular socials, organised by our people. Social events include fiercely competitive bake-offs, Pride month office parties, sporting events, games nights and much more!
We are committed to a hybrid working model, combining the best of remote and office-based working.
Job Types: Full-time, Permanent
Pay: £85,000.00-£95,000.00 per year
Additional pay:
- Performance bonus
Benefits:
- Bereavement leave
- Casual dress
- Company events
- Company pension
- Cycle to work scheme
- Enhanced maternity leave
- Enhanced paternity leave
- Free flu jabs
- Free parking
- Health & wellbeing programme
- Life insurance
- On-site parking
- Paid volunteer time
- Private medical insurance
- Referral programme
- Sick pay
- Work from home
Schedule:
- Monday to Friday
Work Location: Hybrid remote in Altrincham
#J-18808-Ljbffr
Head of Information Security employer: Heywood Limited
Contact Detail:
Heywood Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information Security
✨Tip Number 1
Make sure to stay updated on the latest trends and threats in information security. Follow industry leaders on social media and participate in relevant forums to demonstrate your knowledge and passion for the field.
✨Tip Number 2
Network with professionals in the information security space. Attend conferences, webinars, or local meetups to connect with others and learn about potential job openings that may not be advertised.
✨Tip Number 3
Showcase your leadership skills by volunteering for projects that involve cross-functional collaboration. This will help you build a reputation as someone who can effectively communicate and influence stakeholders at all levels.
✨Tip Number 4
Prepare for interviews by practicing how to articulate your experience with security frameworks and incident management. Be ready to discuss specific examples of how you've successfully managed security incidents in the past.
We think you need these skills to ace Head of Information Security
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in information security, particularly your expertise in managing incidents and developing security strategies. Use keywords from the job description to align your skills with what the company is looking for.
Craft a Compelling Cover Letter: In your cover letter, express your passion for shaping information security goals and your track record in managing security incidents. Be specific about how your previous experiences align with the responsibilities of the Head of Information Security role.
Showcase Relevant Certifications: List your industry certifications such as CISSP, CISM, or CISA prominently in your application. These qualifications are crucial for this role and demonstrate your commitment to the field of information security.
Prepare for Technical Questions: Anticipate technical questions related to security frameworks, incident response, and cloud security principles during the interview process. Be ready to discuss your approach to threat modeling and vulnerability management.
How to prepare for a job interview at Heywood Limited
✨Show Your Strategic Vision
Be prepared to discuss how you would develop and maintain the company's information security strategy. Highlight your experience in aligning security goals with business objectives and how you've successfully communicated these strategies to various stakeholders.
✨Demonstrate Technical Expertise
Make sure to showcase your technical knowledge in information security frameworks and regulations like ISO 27001, SOC 2, and GDPR. Be ready to provide examples of how you've applied this knowledge in previous roles, especially in managing security incidents.
✨Discuss Incident Management Experience
Prepare to talk about your past experiences in managing information and cyber security incidents. Share specific examples of how you led incident response efforts and what measures you took to mitigate risks and improve security posture.
✨Highlight Collaboration Skills
Since the role requires cross-functional collaboration, be ready to discuss how you've influenced stakeholders at all levels. Provide examples of successful projects where you worked with different teams to implement security improvements or processes.
