Chief Information Security Officer (Interim) in Leeds

Location: Leeds/London (Hybrid)

Contract: Fixed Term - 6-9 months

Working Pattern: Full Time

The CISO is responsible for ensuring that the organisation has a clear vision and direction for cyber security and information security operations. The role will implement and oversee the information security strategy to protect the business’ members, employees, assets and data and make good use of third‑party relationships to support the ongoing delivery, acting as the principal authority on security risk for the organisation. This is a senior leadership role requiring regular engagement with the executive team, board, regulators, and key stakeholders.

Responsibilities

• Define and own the organisation’s information security strategy, roadmap, and operating model.
• Govern, maintain, and continually improve the ISO/IEC 27001‑certified ISMS, including oversight of internal and external audits.
• Provide clear, risk‑based reporting and assurance to the executive team and board, providing regular performance indicators to MPS executive leadership.
• Identify, assess, and manage information security and cyber risks across people, process, technology, and third parties.
• Ensure compliance with relevant legal, regulatory, and contractual requirements.
• Oversee security operations, incident response, and crisis management, including executive‑level communications and regulatory engagement.
• Embed security and privacy by design across systems, data platforms, and transformation initiatives.
• Lead third‑party and supply‑chain security assurance and risk management.
• Partner closely with IT, legal, compliance, risk, HR, and business leaders to deliver effective security outcomes.
• Lead, develop, and mature the information security function and its leadership team.
• Drive a strong security culture through awareness, training, and accountability across the organisation.

Qualifications

• Extensive senior leadership experience in information or cyber security within regulated environments.
• Experience of working with multiple 3rd parties to deliver complex change projects.
• Experience in defining and embedding technology security standards.
• Proven experience operating and evolving an ISO/IEC 27001‑accreditation at enterprise scale.
• Strong understanding of data protection, confidentiality, and risk management within medicolegal and/or financial services or insurance in a regulated environment, and across multiple IT security disciplines.
• Demonstrated ability to communicate complex security and risk issues clearly at executive and board level.
• Broad technical knowledge of modern enterprise security, including cloud, identity, data protection, and application security.
• Pragmatic, resilient leader able to balance regulatory rigor with business agility.
• Excellent people skills driving good colleague engagement.
• One or more of CISSP, CISM, CRISC, CSSP or other similar industry certifications.

We welcome applicants from all backgrounds, and we encourage you to apply even if you feel you do not match 100% of the technical requirements. We celebrate diversity, promote inclusivity and strive to create a work environment which ensures everyone can be heard.

Benefits

• 11% pension contribution (3% from you, 8% from us – optional additional matched 3% contributions, e.g. 6% from you, 11% from us)
• 30 days annual leave (pro rata)
• Flexible public holidays and option to buy/sell additional leave
• Private Medical Cover
• Car Salary Sacrifice scheme
• 6× salary death in service
• Holistic health and wellbeing support package
• A truly flexible hybrid‑working arrangement
• A culture that promotes inclusivity, wellbeing and rewards hard work

Who We Are

Medical Protection Society (MPS) is the world’s leading protection organisation for Doctors, Dentists and healthcare professionals. We protect and support the professional interests of almost 300,000 Members around the world. We are a not‑for‑profit organisation, meaning our Members’ premiums are kept safe should our Members require support for complaints or claims arising from professional practice, or invested into bettering the organisation, our colleagues and our products. Our philosophy is to support safe practice in medicine and dentistry by helping to avert problems in the first place. We also actively campaign for regulatory and legal reforms that benefit Members and the wider healthcare professions. To do this, we need colleagues who are trusted and supported to deliver their best work, whether that be through leadership development, fully‑funded training courses or peer‑to‑peer support. We want our colleagues to feel empowered enough to deliver positive change, display ambition to push themselves and are determined when faced with a challenge, whilst ensuring our Member’s best interests are at the core.

Next Steps

If you are interested in finding out more, looking for a new role and want to join an organisation that truly values its employees, take a look at the role profile to find out more about the role to apply. Our Talent Acquisition team are always on hand should you have any questions, are having any technical issues or wish to understand how MPS can support you with your application and interview. You can contact our Talent Acquisition team by emailing careers@medicalprotection.org.

Seniority Level: Director

Employment Type: Full-time

Job Function: Management, Information Technology, and Strategy/Planning

Industries: Legal Services and Financial Services