Head of Information Security

Full-Time 72000 - 108000 £ / year (est.) No home office possible
Verne Global

At a Glance

  • Tasks: Lead the global IT security and Cybersecurity programs to protect vital data.
  • Company: Join a leading organisation focused on age-inclusive employment.
  • Benefits: Hybrid work model, competitive salary, and opportunities for professional growth.
  • Why this job: Make a significant impact in safeguarding critical infrastructure and data.
  • Qualifications: 10+ years in information security with leadership experience preferred.
  • Other info: Dynamic role with a focus on strategic security leadership and team development.

The predicted salary is between 72000 - 108000 £ per year.

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

Department: Compliance & Security

Reports To: Head of Compliance and Security

Location: Hybrid, UK (London)

Role Purpose

As Head of Information Security, you will define the enterprise information security vision and protect the confidentiality, integrity, availability and authenticity of data across all data center campuses, corporate environments and critical OT/IT systems. You will build and lead the global IT security and Cybersecurity programs spanning security operations, system and infrastructure architecture, governance, applications, vendor risk, physical-to-cyber integration and regulatory compliance.

Key Responsibilities

  • Strategy & Governance: Define and annually refresh the information security strategy, roadmap and operating model; integrate with compliance, enterprise risk and resilience frameworks. Own and maintain the Information Security Management System (ISMS), ensuring alignment with ISO 27001/2, regulatory requirements and relevant DC industry standards. Set enterprise security KPIs and metrics for executive and board-level reporting. Establish policy frameworks covering, for example, data protection, identity and access management, acceptable use, OT/ICS security, vendor security, secure development and incident reporting.
  • Security Architecture & Engineering: Oversee security architecture for IT, cloud, network, data‑center infrastructure and OT systems. Define technical baselines including hardening standards, segmentation and encryption requirements. Partner with Development, Design and Operations to define secure designs for cooling systems, generators, SCADA/ICS/BMS/EPMS etc. Lead vulnerability management, penetration testing and red‑team programs.
  • Identity, Access & Privileged Management: Own enterprise IAM and PAM strategy including MFA, RBAC and privileged controls. Design and implement an organisational approach for zero trust. Implement strong controls for contractor and supplier remote access and device hardening.
  • Security Operations, Detection & Response: Lead the SOC strategy and threat‑monitoring capability. Maintain incident response plans, playbooks and conduct exercises. Build threat intelligence capabilities aligned to critical‑infrastructure threats.
  • Cyber‑Physical Integration: Coordinate with Physical Security on integrated access controls and incident response. Take a combined approach to enterprise risk management activities.
  • Vendor, Supply Chain & Customer Security: Own supplier security assurance for high‑risk categories. Support hyperscale, neocloud and enterprise customer audits, RFPs and security reviews.
  • Regulatory, Compliance & Assurance: Maintain compliance with, for example, NIS2, DORA and critical‑infrastructure regulation. Coordinate internal/external audits of the ISMS and remediation cycles.
  • Data & Technology: Own security tooling including SIEM, EDR/XDR, IAM/PAM, OT monitoring. Maintain enterprise security architecture, artefacts and standards.
  • Culture and Resilience: Own development and delivery of training, including onboarding, refresh and annual activities. Support travel security efforts. Build and run resilience planning including IT DRP, critical asset identification and backup policies.
  • Leadership & Budget: Build and lead a high‑performing InfoSec team. Secure budget for toolsets, SOC operations and improvements. Drive security culture through training and role‑based learning.

Required Qualifications & Experience

  • Bachelor's degree in a relevant subject or similar experience and professional certification required. Master's degree or level 7 equivalent preferred.
  • 10+ years of progressive experience in information security, cyber risk, or technology governance.
  • 5+ years in information security leadership roles in critical‑infrastructure or DC environments is considered a plus.
  • Strong knowledge and delivery of ISO 27001, NIST CSF, SOC2, CIS Controls and other such frameworks, and of Zero Trust architectural principles.
  • Experience securing OT/ICS systems and maturing SOC/IR programs.
  • Relevant industry certifications such as those from ISACA and ISC2.

Skills & Competencies

  • Strategic security leadership, risk‑based decision‑making.
  • Strong documentation, audit readiness and compliance discipline.
  • Communication and influence across senior and operational teams.

Working Model - Hybrid with 3 days a week in the office, 25% travel to sites and suppliers.

Head of Information Security employer: Verne Global

As an employer, we pride ourselves on fostering a dynamic and inclusive work culture that values innovation and collaboration. Our hybrid working model allows for flexibility while ensuring that our employees have access to cutting-edge resources and professional development opportunities. With a strong commitment to employee growth and a focus on maintaining a secure and resilient environment, we offer a unique chance to lead impactful cybersecurity initiatives in the heart of London.

Contact Detail:

Verne Global Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Head of Information Security

✨Tip Number 1

Network like a pro! Reach out to folks in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.

✨Tip Number 2

Prepare for interviews by researching the company and its security practices. Be ready to discuss how your experience aligns with their needs, especially around ISO 27001 and cyber risk management.

✨Tip Number 3

Showcase your leadership skills! Talk about your experience building and leading teams, especially in high-pressure environments. Companies want to see that you can drive a security culture and manage budgets effectively.

✨Tip Number 4

Apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive and engaged with our platform.

We think you need these skills to ace Head of Information Security

Information Security Management System (ISMS)
ISO 27001/2
Cybersecurity Programs
Security Architecture
Identity and Access Management (IAM)
Privileged Access Management (PAM)
Multi-Factor Authentication (MFA)
Zero Trust Principles
Security Operations Centre (SOC) Strategy
Threat Intelligence
Regulatory Compliance (NIS2, DORA)
Security Tooling (SIEM, EDR/XDR)
Risk Management
Leadership in Information Security
Communication and Influence

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Head of Information Security role. Highlight your experience in information security leadership and any relevant certifications. We want to see how your skills align with our needs!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how you can contribute to our mission at StudySmarter. Keep it concise but impactful!

Showcase Your Achievements: When detailing your experience, focus on specific achievements that demonstrate your ability to lead security initiatives. We love numbers, so if you can quantify your successes, even better!

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!

How to prepare for a job interview at Verne Global

✨Know Your Stuff

Make sure you brush up on the latest trends and frameworks in information security, especially ISO 27001 and Zero Trust principles. Being able to discuss these topics confidently will show that you're not just familiar with the basics but are also up-to-date with industry standards.

✨Showcase Your Leadership Skills

As a Head of Information Security, you'll need to demonstrate your ability to lead a team effectively. Prepare examples of how you've built high-performing teams or driven security culture in previous roles. This will help interviewers see your potential as a leader.

✨Prepare for Scenario Questions

Expect to face scenario-based questions that assess your problem-solving skills in real-world situations. Think about past experiences where you had to manage incidents or implement security measures, and be ready to explain your thought process and outcomes.

✨Understand the Company’s Security Landscape

Research the company’s current security posture and any recent news related to their information security practices. This will allow you to tailor your responses and show genuine interest in how you can contribute to their specific challenges and goals.
