CISO

Full-Time 100000 - 150000 £ / year (est.) No working from home possible
IAG Transform

At a Glance

  • Tasks: Lead cybersecurity strategy and governance for a major airline group.
  • Company: Join IAG, a leading global airline group with a focus on innovation.
  • Benefits: Enjoy health insurance, pension, performance bonuses, and work/life balance.
  • Other info: Be part of a fast-moving industry with excellent career growth opportunities.
  • Why this job: Make a real impact in cybersecurity while working in a dynamic, multicultural environment.
  • Qualifications: 10+ years in senior cybersecurity roles with strong leadership and communication skills.

The predicted salary is between 100000 - 150000 £ per year.

About Us

We are part of International Airlines Group (IAG), one of the world's leading airline groups and owner of some of the biggest brands in the sky. IAG Transform provides creative and innovative solutions to drive sustainable transformation by delivering procurement and airline services, as well as group-wide systems across IAG. Each operating company benefits from the Transform centralised model, driving efficiencies, automation, and economies of scale.

Purpose of the role

The Group CISO is accountable for protecting the organisation through strong cybersecurity leadership, enterprise-wide governance, and strategic oversight of cyber risk. The role ensures that the Group has secure, resilient, and efficient technology capabilities that enable OpCos to confidently lead digital transformation.

Key Responsibilities

  • Cyber Strategy & Leadership: Define and communicate a clear Group Cyber Security Strategy aligned with business goals. Influence Group executives, OpCo CISOs, Boards and senior stakeholders. Drive cultural change that embeds security awareness and resilience.
  • Governance, Risk & Compliance: Own cyber policies and standards; ensure consistent adoption across OpCos. Lead Group Cyber Risk Management in line with enterprise risk frameworks. Ensure compliance with GDPR, NIS2, PCI‑DSS and emerging regulations.
  • Performance, Insight & Reporting: Establish KPIs, dashboards and metrics for cyber maturity. Provide insights and reporting to CIO, Audit Committee and Board. Ensure timely reporting from SOC, Governance, Assurance and Performance teams.
  • Security Operations, Incident & Crisis Management: Provide oversight of SOC, CTI, CIRT and SOAR. Lead high‑impact incident response and crisis communications. Ensure cyber resilience, continuity and recovery practices.
  • Technology & Architecture Governance: Guide secure design principles across technology roadmaps. Influence cloud, data, infrastructure and platform security decisions. Assess risks and opportunities from AI, automation and quantum computing.
  • Assurance & Quality Oversight: Oversee cyber assurance activities across OpCos. Translate assurance findings into improvement plans. Support delivery assurance where required.
  • People, Talent & Operating Model: Lead the Group Cyber & Technology Office leadership team. Upskill teams and close capability gaps. Ensure spans, layers and accountabilities remain fit for purpose.

Competencies (Level 2 - Director)

  • Strategic Leadership: Thinks enterprise‑wide, anticipates future risks, and shapes long‑term direction.
  • Influencing & Stakeholder Management: Engages senior executives and regulators with clarity and credibility.
  • Cyber & Technology Expertise: Deep understanding of cyber operations, governance, threat landscapes, and technology risk.
  • Change Leadership: Drives cultural adoption of security and leads through ambiguity.
  • Crisis & Incident Leadership: Responds decisively during major incidents with structured decision‑making.
  • Talent Development: Builds high‑performing teams and ensures future‑ready capability.
  • Data‑Driven Decision Making: Uses metrics, insights and analytics to shape strategy and priorities.

Your skills, experience and qualifications

Relevant Experience: Extensive experience (10+ years) in senior cybersecurity leadership roles in complex, multinational or regulated environments. Proven track record overseeing Security Operations, Governance, Architecture, and Risk Management functions. Experience interacting with Boards, Audit Committees, regulators, and external partners. Direct experience leading major cyber incidents and crisis response.

Required Skills: Deep knowledge of enterprise cybersecurity frameworks (NIST CSF, ISO 27001, CIS Controls). Strong understanding of cloud security, data protection, identity, and emerging technologies. Exceptional leadership, communication, and stakeholder influence skills. Ability to translate complex cybersecurity concepts into business language. High analytical capability using metrics, dashboards, and performance insights.

Preferred Certifications: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), CCSP (Certified Cloud Security Professional), SABSA or equivalent enterprise architecture certifications, ITIL or equivalent service management certifications.

What we offer

The chance to enjoy a challenging career in an exciting, fast‑moving environment in a dynamic industry. The opportunity to work in a multi‑cultural environment with great offices in many locations. We support our people in maintaining work/life balance, as well as providing the many benefits one would expect from a global organisation, including health insurance, pension and performance bonuses.

We are an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

CISO employer: IAG Transform

As part of International Airlines Group, we offer an exceptional work environment that fosters innovation and collaboration in the fast-paced airline industry. Our commitment to employee growth is evident through our supportive culture, competitive benefits including health insurance and performance bonuses, and a focus on maintaining work/life balance. Join us to lead in cybersecurity while working alongside diverse teams in a dynamic setting that values your contributions and encourages professional development.

IAG Transform

Contact Details:

IAG Transform Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land CISO

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including IAG Transform, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through IAG Transform

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at IAG Transform. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace CISO

Cybersecurity Leadership
Cyber Risk Management
Governance, Risk & Compliance
GDPR Compliance
NIS2 Compliance
PCI-DSS Compliance
Security Operations Oversight

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at IAG Transform insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to IAG Transform that you’re committed to staying ahead in the game.

How to prepare for a job interview at IAG Transform

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at IAG Transform to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at IAG Transform.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.