Head of Information Security

West Malling Full-Time 48000 - 84000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead and manage Information Security initiatives across the UK and Europe.
  • Company: Join Cabot, a forward-thinking company prioritising cybersecurity and compliance.
  • Benefits: Enjoy a full-time role with opportunities for travel and professional growth.
  • Why this job: Be part of a dynamic team shaping the future of information security.
  • Qualifications: 12+ years in Information Security with leadership experience required.
  • Other info: Professional certifications like CISSP or CISM are essential.

The predicted salary is between 48000 - 84000 £ per year.

An exciting opportunity has arisen for a Head of Information Security within Cabot. This is a permanent role, with travel to Kings Hill, London and within Europe required.

Job Purpose

To act as the primary Information Security business partner in the UK and Europe for all Cabot security organizational activities, and to prioritize activities to ensure the ongoing effectiveness of Information Security and Cybersecurity controls, working with risk and control owners to evaluate control design, effectiveness, and standards. The primary areas of focus include ongoing compliance and regulatory activities, operational performance, and enterprise information and cyber risk. This position requires an individual who can effectively balance the elements of each of these activities while keeping the overall program on track and in alignment with the Global InfoSec strategy and objectives. The Head of Information Security will not only be forward-looking to ensure new requirements are planned for, but will also work with leaders across the business to ensure the goals of Encore and Cabot are met securely and in compliance with all rules and regulations that may apply.

Key Accountabilities & Responsibilities

  • Member of Encore InfoSec leadership team, acting in support of Cabot Group.
  • Accountable for the overall security service received by the Business Unit(s) from internal resources, shared services and external partners.
  • Responsible for executive committee reporting and strategic decision-making/communications.
  • Support Cabot BU leaders who have specific InfoSec responsibilities (including under UK FCA Senior Manager & Certification Regime (SMCR) and Ireland CBI Senior Executive Accountability Regime (SEAR)) with delivery of their accountabilities by undertaking effective risk management, as defined by the company policy, and escalating issues to enable sound and prudent management of the firm, including timely resolution of Risk Events, Internal Audit, Risk and Compliance Monitoring actions.
  • Demonstrable delivery of regulatory responsibilities, including the completion of assigned learning and timely and accurate completion of documentation associated with on-going Fitness and Propriety (F&P) activity.
  • Manage team members that are direct reports as well as those that are matrixed, helping develop people in their careers and inspiring them to deliver excellence, supporting day-to-day InfoSec responsibilities.
  • Maintain awareness of emerging cybersecurity insurance requirements and prioritize related capability maturity activities within the business.
  • Support ongoing program capability that aligns with and supports ISO 27001, SOC2, PCI, SOX404, GDPR, CCPA, and other UK, EU, US, India, and Costa Rica requirements.
  • Manage and track progress against enterprise Information Security strategy and program goals.
  • Work closely with the CISO, IT Risk and Compliance team and InfoSec Program Office to develop and implement strategies for governance and compliance related to corporate-wide security initiatives, operations, and engineering.
  • Advise and educate key stakeholders, executives, and business partners on InfoSec trends and technologies.
  • Collaborate with the Enterprise Risk team and other specialists including Privacy and Compliance to help optimize the Information Risk management related standards, tools and processes.
  • Coordinate security risk measurements, key indicators, and established metrics across BUs.
  • Provide oversight and guidance for periodic internal and customer security assessments to ensure compliance with information security policies and established security controls.
  • Ensure continual collaboration between InfoSec and cross-functional IT and wider business teams to ensure security controls have been designed effectively and are working as intended.
  • Support the CISO with consolidation and harmonisation of security policies, standards, processes and tools.

Person Specification

  • 12+ years' experience in Information Security, preferably in a leadership role with executive and board reporting responsibilities.
  • Must have 10+ years' experience across common industry security policy areas, including, but not limited to, ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others.
  • Minimum 7+ years of experience in Information Security with an emphasis on IT audit, IT risk management, and/or IT compliance.
  • Ability to translate technical risk and vulnerability data into business risk, and effectively communicate potential impacts to the business.
  • Excellent analytical, technical and internal assessment skills.
  • Excellent organizational and documentation skills.
  • Strong project management skills are highly desired.
  • Proven ability to manage priorities & deadlines and to work independently in a highly dynamic and diverse environment with multiple concurrent work streams.
  • Strong business sense with an ability to balance "business value" vs "security risk".
  • Good communication skills with an ability to build strong narratives to highlight the importance of security to employees internally and customers/shareholders externally, including both technical and non-technical audiences.
  • Ability to engage and effectively communicate with Executive Management, Legal, Risk, 3rd-party, and IT teams.
  • Ability to develop and document policies, standards, and guidelines.
  • Excellent oral and written communication skills.
  • Professional certification in information security or compliance (for example, CISSP, CISM, or CISA) required or achievable.

Head of Information Security employer: Midland Credit Management, an Encore Capital Group Company

Cabot is an exceptional employer that prioritises employee growth and development, offering a dynamic work culture where innovation and collaboration thrive. Located in Kings Hill, London, this role as Head of Information Security not only provides competitive benefits but also the opportunity to lead critical security initiatives across Europe, ensuring compliance and operational excellence while fostering a supportive environment for career advancement.

Contact Detail:

Midland Credit Management, an Encore Capital Group Company Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Head of Information Security

✨Tip Number 1

Network with professionals in the Information Security field, especially those who have experience in leadership roles. Attend industry conferences or local meetups to connect with potential colleagues and learn about the latest trends and challenges in cybersecurity.

✨Tip Number 2

Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as ISO 27001 and GDPR. Being able to discuss these frameworks in detail during interviews will demonstrate your expertise and readiness for the role.

✨Tip Number 3

Prepare to showcase your experience in managing teams and projects effectively. Think of examples where you successfully led initiatives that improved security measures or compliance, as this will be crucial in demonstrating your leadership capabilities.

✨Tip Number 4

Stay updated on the latest cybersecurity threats and trends. Being knowledgeable about current events in the InfoSec landscape will not only help you in interviews but also show your commitment to staying ahead in the field.

We think you need these skills to ace Head of Information Security

Information Security Management
Cybersecurity Compliance
Risk Management
ISO 27001
NIST Framework
IT Audit
Technical Risk Assessment
Project Management
Stakeholder Engagement
Regulatory Knowledge (FCA, CBI)
Communication Skills
Analytical Skills
Policy Development
Team Leadership
Emerging Cybersecurity Trends

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in Information Security, especially leadership roles. Emphasise your familiarity with industry standards like ISO, NIST, and PCI, as well as your executive reporting experience.

Craft a Compelling Cover Letter: In your cover letter, clearly articulate your understanding of the role and how your background aligns with Cabot's needs. Mention specific achievements that demonstrate your ability to manage security risks and compliance effectively.

Showcase Your Communication Skills: Since the role requires engaging with various stakeholders, provide examples in your application that showcase your ability to communicate complex security concepts to both technical and non-technical audiences.

Highlight Relevant Certifications: List any professional certifications you hold, such as CISSP, CISM, or CISA, prominently in your application. This will reinforce your qualifications and commitment to the field of Information Security.

How to prepare for a job interview at Midland Credit Management, an Encore Capital Group Company

✨Understand the Regulatory Landscape

Familiarise yourself with key regulations such as ISO 27001, GDPR, and PCI. Be prepared to discuss how these regulations impact the role and how you can ensure compliance within the organisation.

✨Demonstrate Leadership Experience

Highlight your previous leadership roles in Information Security. Share specific examples of how you've managed teams, influenced executive decisions, and driven security initiatives that align with business objectives.

✨Communicate Effectively

Prepare to articulate complex security concepts in a way that resonates with both technical and non-technical stakeholders. Practice explaining how security measures translate into business value to showcase your communication skills.

✨Showcase Your Analytical Skills

Be ready to discuss your approach to risk management and how you analyse security threats. Provide examples of how you've used data to inform decision-making and improve security posture in previous roles.
