Head of Information Security

Head of Information Security

Salary: £80,000 – £100,000

Location: Manchester (Hybrid)

Overview

I'm currently working with a well-established technology company that delivers innovative digital solutions across cloud and on-premise platforms. They have a strong footprint in regulated industries and are investing heavily in their cloud infrastructure and security capabilities. As part of their growth and transformation journey, they’re looking to appoint a Head of Information Security to lead and mature their infosec function.

This is a great opportunity for someone who thrives in a strategic, hands-on role, shaping the future of security operations and embedding security-first thinking across the business.

The Role

As Head of Information Security, you’ll be responsible for developing and delivering the company’s information security strategy and operations. You’ll play a key role in ensuring the organisation’s hybrid cloud environment is secure, compliant, and resilient against an evolving threat landscape.

Key Responsibilities

Strategic Leadership

• Develop and maintain the Information Security Strategy aligned with IT and wider business goals
• Build and implement policies, procedures, and board-level metrics to support the strategy
• Lead on the development and maturity of the organisation’s Cyber Risk Management Framework
• Drive a security-aware culture across departments through training, communication, and engagement

Operational Security Oversight

• Support architectural decisions and strengthen the company’s threat modelling approach
• Lead incident response efforts and run simulations, red team exercises, and readiness activities
• Conduct proactive assessments of emerging threats and implement mitigation strategies
• Oversee vulnerability management across a hybrid cloud estate
• Manage security tooling and third-party SOC relationships
• Assess new technologies from a security standpoint, including AI initiatives
• Provide support to commercial teams with security input for tenders, bids, and customer inquiries

Experience and Skills Required

• Professional certifications such as CISSP, CISM, CCSP (or equivalent)
• Proven track record in senior information security roles, ideally in a hybrid cloud environment
• Strong technical understanding of cloud security, particularly AWS
• Experience leading incident response and security operations
• Familiarity with compliance standards such as ISO 27001, SOC 2, HIPAA, GDPR
• Excellent communication skills; able to influence both technical and non-technical stakeholders
• Project management capabilities and experience delivering key security initiatives