Head of Information Security
On site
London, United Kingdom
Full Time
18-03-2025
Job Specifications
Job Role: Head of Information Security
Location: London
Hours: 35 hours per week Monday to Friday
We are looking for a highly experienced and strategic Head of Information Security to lead and shape the organisation’s security posture across IT Security, Cyber Security, and Information Security functions. You have a deep understanding of technical and governance-based security practices, with the ability to balance operational resilience, risk management, and business enablement.
In this role which reports to our Chief Information Officer, you will drive the overall security strategy, ensuring that security controls, policies, and technologies effectively protect the organisation’s assets, infrastructure, and data. You will work closely with senior leadership, providing expert guidance on threat mitigation and security best practices. If you thrive in a dynamic environment and have a passion for building and evolving enterprise security programs, we want to hear from you
Main Responsibilities
Define, implement, and oversee technical security controls across the organisation’s Microsoft and Azure-based infrastructure, ensuring robust protection against cyber threats.
Lead vulnerability management and remediation efforts, ensuring timely identification and mitigation of risks across cloud and on-premises environments.
Enhance and manage security monitoring, detection, and response capabilities using Microsoft security tools such as Microsoft Defender, Sentinel, and Entra ID security features.
Drive the security architecture and engineering strategy, ensuring secure design principles are embedded across cloud and hybrid infrastructure.
Oversee identity and access management (IAM), enforcing least privilege principles and securing authentication processes across Microsoft platforms.
Coordinate and lead incident response activities, working with internal teams and third-party providers to contain and remediate security breaches.
Ensure endpoint security for end-user devices, virtual desktops, and cloud-based services, leveraging Microsoft Defender for Endpoint and other relevant tools.
Support M&A security assessments and integrations, ensuring due diligence and risk mitigation for acquired environments.
Maintain an understanding of evolving cyber threats and proactively adapt security measures to stay ahead of emerging risks.
Provide oversight of governance and compliance requirements, ensuring security policies and regulatory obligations (e.g., ISO 27001, NIST, CIS benchmarks) are met.
About You
At least five years’ experience in cyber security leadership roles, with a strong focus on technical security operations and architecture.
Proven track record of securing Microsoft and Azure-based environments, including cloud, hybrid, and on-premises infrastructure.
Hands-on experience in managing and responding to security incidents, threat hunting, and vulnerability remediation.
Strong background in implementing and overseeing security monitoring and detection capabilities using SIEM, EDR, and XDR solutions.
Experience leading security initiatives in complex enterprise environments, including M&A integrations and security due diligence.
Familiarity with security frameworks and compliance standards such as ISO 27001, NIST, CIS benchmarks, and Microsoft Security Best Practices.
Strong stakeholder engagement experience, with the ability to communicate technical security risks and strategies to senior leadership and technical teams.
Technical Skills
Relevant certifications such as CISSP, CISM, Security Blue Team, Microsoft Certified: Azure Security Engineer Associate AZ-500, Microsoft Certified: Security Operations Analyst Associate SC-200, and Microsoft Certified: Cybersecurity Architect Expert SC-100 are highly desirable.
Expertise in Microsoft security solutions, including Microsoft Defender (Endpoint, Identity, Cloud), Microsoft Sentinel (SIEM), Entra ID Security Features, and Microsoft Purview.
Strong knowledge of Azure security controls, including Azure Firewall, Key Vault, Conditional Access, and Azure Network Security.
Deep understanding of identity and access management (IAM), MFA, and privileged access security in Microsoft environments.
Hands-on experience with vulnerability management tools, security patching, and hardening of cloud and on-premises systems.
Proficiency in security automation, scripting, and Infrastructure-as-Code (IaC) using PowerShell, Azure Policy, Azure Automation Accounts, and Logic App workflows.
Experience with network security principles, including zero-trust architecture, segmentation, firewalls, and secure remote access solutions.
Strong understanding of cyber threat intelligence, MITRE ATT&CK framework, and advanced threat detection methodologies.
The Benefits
Our customers deserve the best and the same applies to our people. We’ll support you with all of the technology, training and support that you need to do your job well. We offer competitive salaries and a range of benefit packages. In addition to the core benefits, we also offer a range of exclusive discounts on extra benefits to help you and your family make the most of your money, safeguard your future and look after your health.
Diversity
We’re committed to promoting diversity at Emeria and recruit on merit. We will consider applications from job share applicants.
Ready to Apply?
Click the below apply button to start your application for this role. We will ask you to upload your CV and answer a few questions.
If you meet the criteria for the role we’ll be in touch to arrange a short telephone interview and our shortlist of candidates will be invited to attend interviews with the hiring manager and up to three other key stakeholders.
About the Company
Emeria is the world’s leading provider of real estate services and technologies, providing services to both individuals and businesses. We assist our residential and commercial customers at every stage of their property journey with competitive and comprehensive service offerings: acquisition, lease and renting, block management and sales. The Group operates mainly in Europe in 8 countries and has a strategy of multi branding. Our residential real estate services business is the leader in France, operating under the Foncia ... Know more
Related Jobs
- Company Name
- hackajob
- Job Title
- Security Architect
- Job Description
- hackajob is collaborating with N Brown Group to connect them with exceptional tech professionals for this role. We’re looking for a Security Architect responsible for creating, maintaining, and enforcing the frameworks, processes, and technical designs that safeguard N Brown’s data, systems, and overall digital ecosystem. You’ll serve as the primary bridge between business priorities and security needs, ensuring that all technology initiatives are aligned with robust security principles. You’ll join the Architecture Chapter (Governance and Transformation) whilst being embedded within the Information Security Chapter (engineering and operations) and the GRC Team (governance, risk, and compliance). This unique placement enables the role to integrate security as a core element in business transformations, system operations, and governance activities, providing a 360-degree approach to enterprise security. Additionally, you will support the Data Protection Officer (DPO), ensuring N Brown meets its obligations around privacy and data protection, as well as providing leadership in Cloud Security Architecture and the Secure Development Lifecycle (SDL). What will you do as an Security Architect at N Brown? Information Security Architecture Develop enterprise-wide data security strategies to ensure the confidentiality, integrity, and availability of information assets. Establish and maintain security standards, policies, and guidelines that align with regulatory frameworks, business objectives, and industry best practices. Work closely with the Data Governance team to integrate controls for sensitive data across its lifecycle, including classification, storage, access, and transfer. Drive the adoption of encryption standards and other data protection mechanisms across applications, databases, and file systems. Collaborate with the DPO to ensure security architecture supports privacy obligations under GDPR and other regulations. Cyber Security Architecture Design and implement layered defence architectures to protect against an ever-evolving threat landscape. Define the security posture for enterprise infrastructure, including network segmentation, secure endpoints, and resilient cloud environments. Collaborate with engineering teams to build scalable, secure applications following secure coding principles and frameworks. Develop strategies for integrating security monitoring and detection tools (e.g., SIEM, IDS/IPS) into the organisation's IT landscape to provide real-time threat visibility. Partner with incident response teams to ensure that the architecture supports rapid containment and recovery in the event of a breach or cyberattack. Cloud Security Architecture Define security strategies for hybrid and multi-cloud environments, ensuring consistent protection across all platforms. Evaluate and recommend cloud-native security tools and controls, such as cloud access security brokers (CASBs), cloud firewalls, and key management systems. Collaborate with Cloud Operations and DevOps teams to implement secure infrastructure-as-code practices and cloud deployment pipelines. Ensure compliance with cloud security standards such as CIS benchmarks and shared responsibility models. Secure Development Lifecycle (SDL) Establish and champion the Secure Development Lifecycle across all application development teams. Provide guidance on secure coding practices, static/dynamic application security testing (SAST/DAST), and code review processes. Work with development teams to ensure security is considered at every stage, from design through deployment. Introduce automated tools to enhance SDL efficiency, such as vulnerability scanning in CI/CD pipelines. Drive security awareness among developers, offering training and mentorship on threats and mitigation techniques What skills and experience will you have? A good understanding of cloud security controls and tooling, ideally in AWS but GCP and Azure will also be beneficial. Understanding of secure coding and application design principles. Good knowledge of the ecommerce threat landscape and a pragmatic approach to applying relevant controls to mitigate those threats. Experience of building strong security governance into guard rails. Experience of applying security controls and mitigations iteratively in an agile/DevSecOps environment where all requirements will not be delivered on day one. Excellent communication skills and a proven ability to influence outcomes - strong interpersonal skills are essential. Practical experience of governing solutions in an architecture function. Flexibility and a desire to learn. Awareness of IT industry trends and being vendor and technology neutral to enable best-fit solutions to be found. The ability to plan and rationalise project goals working from limited information and ending in a holistic design. Decisiveness - be capable of presenting proposed solutions with confidence, providing clear guidance for outcomes. Desirable CompTIA Security+ Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Offensive Security Certified Professional (OSCP) Certified Cloud Security Professional (CCSP) AWS Certified Solutions Architect / GCP Cloud Architect / Azure Solutions Architect A broad understanding of current techniques and tooling including API-first design, Cloud Native, Containerisation and PaaS on AWS, Azure or GCP. Experience of working with Product or Agile teams at the same time, effectively governing architectural designs to enable continuous delivery. Retail / Ecommerce experience What’s in it for you? Hybrid working 24 days holiday (+ 8 bank holidays) with the option to buy an additional 10 days Annual bonus scheme Enhanced maternity and adoption leave Access to Apricity, a self-funding IVF benefit at a reduced rate Company pension with up to 8% N Brown contribution Mental Health support both internally and externally, including access to our wellbeing champions and counselling services A range of financial wellbeing support Colleague discount across all N Brown brands Onsite café with subsidised rates and local restaurant discounts! Life Assurance and Private Medical Insurance Paid volunteer time - all our colleagues can take a full day paid to volunteer for a charity of their choice N Brown - who we are and why work for us? At N Brown, we’re committed to building a diverse workforce and creating an inclusive environment that values equality for all. Our vision is that by ‘championing inclusion, we’ll become the most loved and trusted fashion retailer’. Diversity, Equity, Inclusion and Belonging are, therefore, at the heart of our culture. We’re a forward-thinking digital retailer with a financial services proposition to be proud of. We’re customer-obsessed, serving them through three core brands: JD Williams, Simply Be, and Jacamo. We’re experienced, with over 160 years of trading under our belt...
- Company Name
- Digital Waffle
- Job Title
- Cyber Security Engineer
- Job Description
- Job Title: Cybersecurity Engineer Location: Omagh (Hybrid) The Role: We are seeking a highly skilled and proactive Cybersecurity Engineer to join a dynamic security team. The ideal candidate will play a critical role in defending the organization against cyber threats by managing and improving the Security Operations Center (SOC), responding to incidents, and enhancing overall cybersecurity posture. This position offers an exciting opportunity to work in a fast-paced environment, handling cutting- edge technology and complex cybersecurity challenges. Benefits Internal training on products and services provided. Company rewards program. End-of-year staff bonus. Additional bonus if annual company targets are achieved. Paid day off on your birthday. Mileage reimbursement for site visits. Death in Service: Coverage at 2x annual salary. Health Insurance: Available to all employees. Work From Home: Hybrid work environment available. Salary Sacrifice Electric Car Scheme: Employees can opt into an electric vehicle scheme Key Responsibilities: Incident Response (IR): Investigate and respond to security incidents, ensuring rapid containment, eradication, and recovery.Conduct root cause analysis of security breaches and create detailed incident reports. Collaborate with stakeholders to refine and enhance the incident response plan and playbooks. Security Operations Center (SOC): Monitor and analyse security alerts and logs from various tools such as SIEM, IDS/IPS, and endpoint detection systems.Identify and escalate potential security threats or vulnerabilities in real-time. Continuously optimize SOC workflows, tools, and processes for greater efficiency. Threat Intelligence and Analysis: Proactively research and assess emerging threats, vulnerabilities, and attack vectors. Develop strategies to mitigate risks based on threat intelligence. Stay up to date on the latest cybersecurity trends and regulatory requirements. System and Network Security: Perform vulnerability assessments and penetration testing on systems and networks. Implement and maintain security tools such as firewalls, endpoint protection, and email security systems. Collaborate with IT teams to ensure secure configurations and best practices are applied across systems. Desirable CISSP, CEH, GCIH, GCIA, CISM, or other relevant cybersecurity certifications. 4+ years of experience in cybersecurity, preferably in SOC, incident response, or threat analysis roles. Technical Requirements: Strong knowledge of firewalls, IDS/IPS, endpoint protection, and threat-hunting tools. Experience with scripting and automation using Python, PowerShell, or similar languages. Understanding of networking concepts, protocols, and security controls. Familiarity with cloud security (Azure, M365) is a plus. Experience configuring & supporting Windows Server (2016, 2019, 2022).
- Company Name
- hackajob
- Job Title
- Security Solutions Architect
- Job Description
- hackajob is collaborating with Computershare to connect them with exceptional tech professionals for this role. Location: Edinburgh or Bristol (Hybrid) This is a hybrid position primarily based in Edinburgh or Bristol. We’re committed to your flexibility and wellbeing and our hybrid strategy currently requires three days a week in the office, giving you the option to work remotely for some of your working week. Find out more about our culture of flexible working. We give you a world of potential Computershare has an exciting opportunity available for a permanent full-time Security Solutions Architect to join our Global Information Security (GIS) team. A role you will love As a Security Solutions Architect, you’ll be responsible for delivering, executing and implementing security solution architectures for assigned projects in line with the enterprise security architecture and vision. You’ll also maintain strong vendor relationships and provide IT insight and innovation to our Business and Technology Services Teams and enhance overall security posture and awareness of security best practice as you deliver on project engagements. Key Responsibilities Include Defining and maintaining security solutions architecture, definitions and articulate associated benefits and costs aligned to technology solutions to delivering projects advancing the security architecture direction. Consulting for and engaging with our Technology Services teams including architecture teams in delivering security solutions architecture with a passion for working collaboratively across global teams. Initiating significant change, identify opportunities for improving Security and managing the implementation of continuous improvement/new ideas and approaches. Reporting key architecture recommendations and implications, themes and trends to the Chief Security Architect. Maintaining a forward-looking perspective on emerging security and technology developments and their relevance to Business and Technology Strategies. Assisting in defining and maintaining the Security Enterprise Architecture. Establishing, maintaining and leveraging effective working relationships with all areas of Technology Services and external stakeholders to improve the overall service provided by Global Information Security. What will you bring to the role? You have strong communication skills which enable you to articulate often complex security risks so that they can be understood by a wide range of stakeholders, both technical and non-technical. You’re a self-starter; capable of setting and achieving challenging personal targets. You also have excellent time, resource and project management skills to manage multiple parallel engagements with conflicting priorities to successful completion. You’ll Also Bring Broad experience in the field of Solution Architecture and considerable experience in Information Security Familiarity with information security risk management Conversant with NIST cyber security framework and knowledge of the ISO/IEC 27000 series of information security standards and other related industry best-practice standards Strong analytical skills coupled with the ability to understand complex and sometimes conflicting security drivers Ability to work across multiple geographical borders and time zones Experience dealing with the most senior business and IT people and SMEs and major IT suppliers Project management experience and familiarity with project management frameworks like Prince 2 would be useful Bonus Points If You Have The Open Group Architecture Framework (TOGAF) Certification University degree in information security, computer science, telecommunications, networking, engineering, or another computer-related field Certification - CISSP - Certified Information Systems Security Professional or CISM - Certified Information Security Manager (ISACA) Rewards designed for you Flexible work to help you find the best balance between work and lifestyle. Health and wellbeing rewards that can be tailored to support you and your family. Invest in our business by setting aside salary to purchase shares in our company, and you’ll receive a company contribution as well. Extra rewards ranging from recognition awards and team get togethers to helping you invest in your future. And more. Ours is a welcoming and close-knit community, with experienced colleagues ready to help you grow. Our careers hub will help you find out more about our rewards and life at Computershare, visit computershare.com/careershub.
- Company Name
- G4S
- Job Title
- Fire and Security Engineer
- Job Description
- An opportunity has arisen for a Systems Engineer in our Fire & Security Systems business team. You will be based remotely and cover the High Wycombe and surrounding territory. What you will be doing Attend to calls for maintenance (on site and or by telephone) as directed by team co-ordinators Rectify all faults on the first visit where rectification is within your control. Carry out rolling programme of preventative maintenance visits. Collection/recording of site configuration information. Maintain accurate and timely records. Provide cover on an out of hour’s basis on a rotating basis. Commission small projects when required. Ensure that audits are carried out of quality procedures. Provide training to customers and colleagues as required. Carry out any additional tasks that may be required. What we are looking for Previous experience installing & servicing a wide product base of access control systems, CCTV systems and intruder alarm systems. Experience of installing and servicing fire alarm systems, ideally GENT based. An IT qualification and or Electrical/Electronic qualification A broad technical IT knowledge, i.e. Installing various Windows Operating Systems; networking etc Knowledge of basic electrical principals such as measuring voltage and current drain Good attention to detail in order to ensure that all paperwork is correctly completed, and procedures are followed within the allotted timescales. An enthusiastic team player who is able to work well under pressure and maintain a professional approach at all times. The benefits of working for G4S Salary up to £38,000 Company Car 25 days holiday Pension/Life assurance