Head of Cyber Security in London

Location: Westminster City Hall, 64 Victoria Street, Westminster, SW1E 6QP

Application Deadline: 20th May 2026

About Us

Digital and Innovation in Westminster City Council is a world of extraordinary stories, where creative and enterprising people put local residents and businesses first. Today, Westminster is the most connected borough in London.

The Role

As Head of Cyber Security you can make your own powerful contribution to Westminster’s success. This is a senior security role, where the focus is on helping the organisation do its best work – with security built in, not bolted on. You will lead the Cyber Security team and shape the Council’s security strategy and policies, making sure they are practical and fit for a local government environment. Working closely with colleagues across Digital and Innovation, and alongside the Senior Information Risk Owner (SIRO) and the Data Protection Officer (DPO), you will help embed security into everyday decision‑making and into how services are delivered.

A big part of the role is about continuous improvement. You will lead work to strengthen the Council’s security posture, aligning with industry‑standard control frameworks and staying on top of the wider threat landscape, including the specific risks facing local government. You’ll help the organisation balance delivery, risk and compliance – supporting informed choices rather than blocking progress. You will provide clear leadership and direction for the Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‑as‑usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good security culture.

You will drive change across the organisation by promoting secure‑by‑design principles, embedding security into the Software Development Lifecycle, and supporting teams to make safer choices when selecting products and services. Through security communication and engagement campaigns, you will help build understanding and shared ownership of security at all levels. The role has a strong external and operational dimension too. You will represent the Council in local, national and international forums and partnerships, sharing insight and learning from others. You will also play a key role in responding to major incidents – supporting Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners.

About You

You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with recognised standards such as ISO/IEC 27001 and Cyber Essentials, and you know how to apply information and security legislation – including GDPR, FOI and PCI DSS – in ways that enable delivery rather than restrict it. You also stay close to the evolving threat landscape and understand the organisational challenges that come with managing risk in a local government context. Your technical background gives you deep knowledge of modern security practices across services, infrastructure, hosting and platforms, including open‑source technologies and modern software development approaches.

You’re comfortable working across cloud and on‑premise environments, using tools such as identity and access management, SIEM, firewalls and secure remote access. You understand DevOps and SecOps ways of working, are used to operating at pace in a culture of continuous release, and can set clear service and development standards. You’re confident balancing client, organisational and technical needs, and making the trade‑offs that shape strategy and direction. You’ve worked closely with senior stakeholders and across multiple teams, bringing people together around complex decisions. With experience building and securing complex services in code, you understand how security design choices play out in practice, not just in theory. You communicate clearly and in understandable terminology, bridging the gap between technical detail and user‑centred outcomes. You can assess services, identify risks and vulnerabilities, and work with others to design secure, proportionate solutions that reduce risk while keeping services accessible. Comfortable influencing strategy, policies and behaviours, you adapt your approach as needed and stay effective in a fast‑changing environment.

What We Offer

Westminster is an amazing place. We are home to more than 200,000 residents from all backgrounds, over 50,000 vibrant and vital businesses and three‑quarters‑of‑a‑million people work in Westminster. Westminster City Council’s strategy is to work towards a Fairer Westminster. A Fairer Westminster is one in which our communities are at the heart of our decision‑making and help to determine the city’s future. By working directly with our communities and other partners, we can build a more inclusive city that celebrates our diverse communities, and where residents, workers and visitors from all backgrounds will feel welcome and safe.

At Westminster City Council, we pride ourselves on being an inclusive workplace and employer of choice. We encourage and welcome applications from people from all backgrounds and aim to have a workforce that, at all levels, represents the communities we serve. We champion equality, diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued, has a sense of belonging and is empowered to be their best, that is the Westminster Way.

As a forward thinking Council we appreciate that people work in different ways, therefore our staff benefit from working a range of flexible working patterns as well as Agile working. The Council is a Disability Confident Employer. If you have declared a disability in your application, we guarantee an interview if you meet the essential criteria of the job. If you are invited for interview, you will be asked if you need any reasonable adjustments in order to attend, and we will make these wherever possible.