Head of Information Security, Risk and Compliance in Watford

Head of Information Security, Risk and Compliance in Watford

Watford Full-Time 66000 - 88000 £ / year (est.) No working from home possible
Travelodge Hotels Limited

At a Glance

  • Tasks: Lead security strategy and manage risk for a top UK travel brand.
  • Company: Join Travelodge, a leading name in the travel industry with a focus on inclusivity.
  • Benefits: Competitive salary, car allowance, hybrid working, and generous holiday.
  • Other info: Dynamic role with opportunities for professional growth and team development.
  • Why this job: Make a real impact by safeguarding a beloved brand's digital landscape.
  • Qualifications: Expertise in security frameworks and strong leadership skills required.

The predicted salary is between 66000 - 88000 £ per year.

Find where you belong! Are you a "trust-nothing" technical expert with the commercial savvy to influence the C‑suite, who is ready to lead and execute the "defence in depth" strategy for one of the UK’s most iconic travel brands? If yes, our Head of Information Security, Risk & Compliance position might be the right next move for you.

What’s it all about? Our Head of Information Security, Risk and Compliance is a senior leadership position within the IT Operations team. The primary mission is to reduce security risks through robust controls that align with Travelodge’s commercial strategy.

Core responsibilities

  • Strategic Leadership: Develop a continuously evolving security roadmap and "defence in depth" strategy; manage both internal teams and strategic third‑party partners.
  • Operational Management: Oversee 24x7x365 security operations, including continuous monitoring, threat assessment, incident response (CIRT).
  • Risk & Compliance: Develop and maintain an industry‑standard Risk Management framework; ensure compliance with PCI‑DSS, GDPR, and NIST frameworks.
  • Governance & Policy: Maintain Information Security policies and conduct regular audits of processes and controls.
  • Technical Oversight: Coordinate vulnerability management, penetration testing, and code reviews; provide "Secure by Design" architectural guidance for all new initiatives.
  • Supply Chain & Budget: Manage a portfolio of security vendors to ensure value and responsiveness; oversee the OPEX and CAPEX budgets that enable your function to operate and continuously improve.
  • Business Integration: Act as a trusted advisor to senior leadership and collaborate with Project Delivery to ensure risk reduction is baked into every project as well as BAU Operations.
  • Testing and Readiness: Lead company‑wide staff awareness, testing and education campaigns, as well as regular audits, scenario‑based testing and penetration testing.

Why Travelodge? We believe in creating an inclusive workplace where everyone can be their true self and belong. We work hard to improve the diversity of our teams and celebrate our differences. And we care about our colleagues’ wellbeing, so we ensure there are plenty of resources available so everyone can look after their emotional, physical, financial and work wellbeing. We call this “Better Me”.

Who will this appeal to? We are seeking a pragmatic, hands‑on leader who can balance the mindset of a "trust‑nothing" security defender with the commercial awareness of a strategic business partner. You must be a master of communication, capable of translating complex technical threats into actionable insights for IT colleagues and C‑suite executives alike, while fostering a culture of security across the organisation. As a self‑starter, you will recruit and coach a high‑performing team, utilising a methodical approach to manage internal talent and external partners while aligning security investments with broader business value.

Your technical expertise should be rooted in securing critical B2B and B2C eCommerce platforms, particularly within hosted and SaaS‑heavy environments. You will bring expert‑level knowledge of perimeter, cloud, network, and data security, alongside a proven track record of embedding industry frameworks like NIST, ISO27001, or CIS into a large‑scale operation. Beyond technical defence, your role requires strong commercial acumen to navigate contract negotiations and vendor management, ensuring the business remains resilient, compliant, and agile in an evolving threat landscape.

Desired Qualifications

  • Certifications: CCSP, CISSP-ISSMP, or CISM.
  • Methodologies: ITIL v4 Foundation; FAIR Risk Modelling; experience in Project Management or Business Change.
  • Advanced Tech: Experience defining Zero Trust Architecture (ZTA) and implementing security controls within public cloud environments (IaaS/PaaS).

What are the extra benefits of working for Travelodge? Up to £110,000 & Annualise Bonus, Car Allowance, Contributory pension scheme, Hybrid working - a minimum of 60% of your time should be spent in the office and or visiting suppliers, 50% personal discount for hotel bookings and great friends and family discounts too! 25 days holiday +

Head of Information Security, Risk and Compliance in Watford employer: Travelodge Hotels Limited

Travelodge Hotels Limited is an exceptional employer, offering a dynamic work environment where creativity and strategic thinking are highly valued. With a strong focus on employee development and a culture that encourages collaboration, team members have ample opportunities to grow their careers while contributing to impactful PR campaigns across the UK and Spain. The company's commitment to innovation in the hospitality sector, combined with its supportive atmosphere, makes it an attractive place for professionals seeking meaningful and rewarding employment.

Travelodge Hotels Limited

Contact Details:

Travelodge Hotels Limited Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Head of Information Security, Risk and Compliance in Watford

Tip Number 1

Network like a pro! Get out there and connect with industry professionals on LinkedIn or at events. You never know who might have the inside scoop on job openings or can put in a good word for you.

Tip Number 2

Prepare for interviews by researching the company and its culture. Tailor your responses to show how your skills align with their needs, especially around security strategies and risk management.

Tip Number 3

Practice your pitch! Be ready to explain your experience and how it relates to the role of Head of Information Security, Risk and Compliance. Keep it concise but impactful.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search.

We think you need these skills to ace Head of Information Security, Risk and Compliance in Watford

Information Security
Risk Management
Compliance (PCI-DSS, GDPR, NIST)
Strategic Leadership
Operational Management
Incident Response (CIRT)
Vulnerability Management

Some tips for your application 🫡

Tailor Your CV:Make sure your CV speaks directly to the role of Head of Information Security, Risk and Compliance. Highlight your experience with security frameworks like NIST and ISO27001, and don’t forget to showcase your leadership skills in managing teams and projects.

Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this role. Mention your commercial savvy and how you can influence the C-suite while maintaining a 'trust-nothing' approach to security.

Showcase Your Technical Expertise:Don’t hold back on your technical skills! Detail your experience with cloud security, vulnerability management, and incident response. This is your opportunity to demonstrate your hands-on knowledge and how it aligns with our needs at Travelodge.

Apply Through Our Website:We encourage you to apply through our website for a smoother process. It’s the best way for us to receive your application and ensure it gets the attention it deserves. Plus, you’ll find all the details you need about the role there!

How to prepare for a job interview at Travelodge Hotels Limited

Know Your Stuff

Make sure you brush up on the latest trends in information security, risk management, and compliance. Be ready to discuss frameworks like NIST and PCI-DSS, and how they apply to the role. This shows you're not just a candidate, but a knowledgeable leader who can drive the security strategy.

Show Your Leadership Skills

Prepare examples of how you've led teams or projects in the past. Highlight your experience in managing security operations and working with third-party partners. This is a senior role, so demonstrating your ability to lead and influence at all levels is crucial.

Communicate Clearly

Practice explaining complex technical concepts in simple terms. You’ll need to translate security risks into actionable insights for non-technical stakeholders, including C-suite executives. Being able to communicate effectively will set you apart from other candidates.

Align with Their Values

Familiarise yourself with Travelodge's commitment to inclusivity and employee wellbeing. Be prepared to discuss how you can contribute to their culture and values, especially in fostering a security-aware environment across the organisation. This shows you’re not just interested in the role, but also in being part of their team.