Head of Information Security
On site
London, United Kingdom
Full Time
18-03-2025
Job Specifications
Job Role: Head of Information Security
Location: London
Hours: 35 hours per week Monday to Friday
We are looking for a highly experienced and strategic Head of Information Security to lead and shape the organisation’s security posture across IT Security, Cyber Security, and Information Security functions. You have a deep understanding of technical and governance-based security practices, with the ability to balance operational resilience, risk management, and business enablement.
In this role which reports to our Chief Information Officer, you will drive the overall security strategy, ensuring that security controls, policies, and technologies effectively protect the organisation’s assets, infrastructure, and data. You will work closely with senior leadership, providing expert guidance on threat mitigation and security best practices. If you thrive in a dynamic environment and have a passion for building and evolving enterprise security programs, we want to hear from you
Main Responsibilities
Define, implement, and oversee technical security controls across the organisation’s Microsoft and Azure-based infrastructure, ensuring robust protection against cyber threats.
Lead vulnerability management and remediation efforts, ensuring timely identification and mitigation of risks across cloud and on-premises environments.
Enhance and manage security monitoring, detection, and response capabilities using Microsoft security tools such as Microsoft Defender, Sentinel, and Entra ID security features.
Drive the security architecture and engineering strategy, ensuring secure design principles are embedded across cloud and hybrid infrastructure.
Oversee identity and access management (IAM), enforcing least privilege principles and securing authentication processes across Microsoft platforms.
Coordinate and lead incident response activities, working with internal teams and third-party providers to contain and remediate security breaches.
Ensure endpoint security for end-user devices, virtual desktops, and cloud-based services, leveraging Microsoft Defender for Endpoint and other relevant tools.
Support M&A security assessments and integrations, ensuring due diligence and risk mitigation for acquired environments.
Maintain an understanding of evolving cyber threats and proactively adapt security measures to stay ahead of emerging risks.
Provide oversight of governance and compliance requirements, ensuring security policies and regulatory obligations (e.g., ISO 27001, NIST, CIS benchmarks) are met.
About You
At least five years’ experience in cyber security leadership roles, with a strong focus on technical security operations and architecture.
Proven track record of securing Microsoft and Azure-based environments, including cloud, hybrid, and on-premises infrastructure.
Hands-on experience in managing and responding to security incidents, threat hunting, and vulnerability remediation.
Strong background in implementing and overseeing security monitoring and detection capabilities using SIEM, EDR, and XDR solutions.
Experience leading security initiatives in complex enterprise environments, including M&A integrations and security due diligence.
Familiarity with security frameworks and compliance standards such as ISO 27001, NIST, CIS benchmarks, and Microsoft Security Best Practices.
Strong stakeholder engagement experience, with the ability to communicate technical security risks and strategies to senior leadership and technical teams.
Technical Skills
Relevant certifications such as CISSP, CISM, Security Blue Team, Microsoft Certified: Azure Security Engineer Associate AZ-500, Microsoft Certified: Security Operations Analyst Associate SC-200, and Microsoft Certified: Cybersecurity Architect Expert SC-100 are highly desirable.
Expertise in Microsoft security solutions, including Microsoft Defender (Endpoint, Identity, Cloud), Microsoft Sentinel (SIEM), Entra ID Security Features, and Microsoft Purview.
Strong knowledge of Azure security controls, including Azure Firewall, Key Vault, Conditional Access, and Azure Network Security.
Deep understanding of identity and access management (IAM), MFA, and privileged access security in Microsoft environments.
Hands-on experience with vulnerability management tools, security patching, and hardening of cloud and on-premises systems.
Proficiency in security automation, scripting, and Infrastructure-as-Code (IaC) using PowerShell, Azure Policy, Azure Automation Accounts, and Logic App workflows.
Experience with network security principles, including zero-trust architecture, segmentation, firewalls, and secure remote access solutions.
Strong understanding of cyber threat intelligence, MITRE ATT&CK framework, and advanced threat detection methodologies.
The Benefits
Our customers deserve the best and the same applies to our people. We’ll support you with all of the technology, training and support that you need to do your job well. We offer competitive salaries and a range of benefit packages. In addition to the core benefits, we also offer a range of exclusive discounts on extra benefits to help you and your family make the most of your money, safeguard your future and look after your health.
Diversity
We’re committed to promoting diversity at Emeria and recruit on merit. We will consider applications from job share applicants.
Ready to Apply?
Click the below apply button to start your application for this role. We will ask you to upload your CV and answer a few questions.
If you meet the criteria for the role we’ll be in touch to arrange a short telephone interview and our shortlist of candidates will be invited to attend interviews with the hiring manager and up to three other key stakeholders.
About the Company
Emeria is the world’s leading provider of real estate services and technologies, providing services to both individuals and businesses. We assist our residential and commercial customers at every stage of their property journey with competitive and comprehensive service offerings: acquisition, lease and renting, block management and sales. The Group operates mainly in Europe in 8 countries and has a strategy of multi branding. Our residential real estate services business is the leader in France, operating under the Foncia ... Know more
Related Jobs
- Company Name
- hackajob
- Job Title
- Digital Trust & Security - Senior Consultant
- Job Description
- hackajob is collaborating with Capgemini to connect them with exceptional tech professionals for this role. Digital Trust & Security - Senior Consultant At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. YOUR ROLE The Invent Digital Trust & Security (DT&S) practice focuses on ensuring secure business outcomes for our clients, providing Cybersecurity advisory and transformation consulting in areas such as security strategy, risk management, human risk management, data and identity security, secure intelligent industry, Gen-AI risk, and security operations modernisation. Our security specialists and innovators enable our clients to evaluate cyber risks, redesign Cybersecurity operating models, modernise digital identity capabilities, lead programmes to drive security culture change, and transform security and compliance regimes to make them efficient, effective, sustainable, and resilient. For this role, we are looking for individuals with experience in Cybersecurity to help embed security culture and practices. We continuously recruit across a range of experienced hire grades for our DT&S practice. Depending on experience, you will be comfortable with exploring ambiguity with a business outcome mindset while applying business analysis and enabling skills including communications and stakeholder engagement as a key delivery contributor, a subject matter expert (SME) in the team and/or manager of a workstream of consultants and client staff. We Are Looking To Grow Our Diverse Team At The Senior Consultant grade With Those Who Have Demonstrated Expertise And Experience In One (or More) Of The Following Domains: Generative AI - Enabling the secure design and adoption of Gen AI for business, IT and/or security functions in alignment with the evolving regulatory landscape (e.g. EU AI Act, GDPR, DPA 2018, etc.). Security Architecture - Improving the security posture of the Enterprise and/or applications through the assessment, design or implementation of effective and secure architectural patterns that align with industry standards (e.g. CIS L1/2, NIST, ISO27001, COBIT, etc.). Operational Technology - Ensure the security of critical infrastructure aligns with industry standards and regulatory requirements (e.g. NIST SP 800-82, CAF, DPA 2018, etc.). Operational Resilience - Shaping and/or transforming client operational resilience capabilities in compliance with leading regulatory standards (e.g., DORA, Bank of England, FCA, NIST, etc.). Cybersecurity Operating Model Transformation - Assessing, designing and implementing effective and outcome orientated security operating models. As An Experienced Consultant In The Business You’ll Help Set The Direction, Grow Our Business, Model Our Values And Behaviours, And Coach And Develop Junior Members Of The Team. Key Expectations From This Role Include: Engaging in projects for our clients which transform their Cybersecurity, Architecture and Operational Resilience capabilities, and reduce business and technology risk. Providing expertise in the strategic, organisational, and human aspects of Cybersecurity. For example, security strategy definition and high-level operating model design, which are often the first steps in engaging our clients, helping to influence the board and CxO with top-down buy-in and understanding. Providing insight for threat modelling, risk management and security overlay approaches by conducting security maturity assessments. Providing a business understanding of technical domains and tailoring these to help clients maximise value and leverage quick wins on their transformation journey. Engaging with clients in business, IT and/or security to positively influence the board and senior stakeholders to the required outcomes. Collaborating with teams and stakeholders to deliver security strategy, governance, security testing, identity & access management (IAM), security architecture, privacy, and cyber data analytics. As Part Of Your Role, You Will Also Have The Opportunity To Contribute To The Business And Your Own Personal Growth, Through Activities That Form Part Of The Following: Business Development - Leading/contributing to proposals, RFPs, bids, proposition development, client pitch contribution, client hosting at events. Internal contribution - Campaign development, internal think-tanks, whitepapers, practice development (operations, recruitment, team events & activities), offering development. Learning & development - Training to support your career development and the skills demand within the company, certifications etc. YOUR PROFILE To be successful in this role you would need to have the below mixture of skills and experience: Experience in one or more Cybersecurity domains. (e.g., Security & Risk Management, Security Architecture, Asset Security, Security Engineering, Communications & Network Security, Identity & Access Management, Security Education and Awareness, Security Assessment & Testing, Security Operations, or Software Development Security). Desired Cybersecurity experience is as follows: Working with SOC teams, OT Security, Security Architecture, Security Op Model Transformation projects and Cybersecurity Assessments. Familiarity with core Cybersecurity frameworks and industry frameworks (e.g., NIST CSF, ISO27001, CIS Critical Controls), regulations (e.g., NIS2) and financial regulations (e.g., DORA, FCA, Bank of England, etc.). Have an understanding of the future of Gen AI and the impact on cyber security. Relevant Cybersecurity qualifications such as CISSP / CISM / CompTIA Security+ preferred. Currently working in an established Consulting firm, and/or in industry but having a Consulting background. Proven ability to be successful in a matrixed organisation, and to enlist support and commitment from peers in selling and delivering consulting solutions. Experience of proposition building and delivery. Cross-sector or SME sector experience in core Capgemini sectors. (e.g., Financial Services; Public Sector; Energy, Utilities & Chemicals; Consumer Products Retail Distribution; Manufacturing, Automotive & Life Sciences; Telco, Media & Technology). Bring excellent communication skills and the confidence to influence senior stakeholders to the role. Experience in managing and leading delivery in Cybersecurity projects. Experience of proposition building and delivery. SC cleared (or above), or eligible. WHAT YOU'LL LOVE ABOUT WORKING HERE? We are delighted to have received the “Glassdoor Best Places to work UK’ accolade for 4 consecutive years. To see what it’s like to work at Ca...
- Company Name
- hackajob
- Job Title
- Senior Information Security Analyst
- Job Description
- hackajob is collaborating with Bet365 to connect them with exceptional tech professionals for this role. A Senior Information Security Analyst who will focus on the technical side of information security to ensure IT systems are built and operated in a secure manner. The Information Security team monitors live operations, creating and reacting to alerts and anomalies identified through automated tools or manual analysis. The Security Operations Centre (SOC) owns the end-to-end process from alert to resolution and are a major part of the cyber incident management process. As such, they are both a reviewer of alerts and the resolver group, not necessarily fixing, but certainly identifying the issue. As part of SOC function, you will work closely with the engineering team to define tool requirements and onboard new functionality. You will also collaborate with colleagues in governance and compliance to ensure appropriate data usage. We use industry-leading, enterprise tools to identify threats, along with in-house scripts and internet research. The day-to-day work is fast-paced and dynamic, responding to business priority and threat landscape changes. This role is eligible for inclusion in the Company’s hybrid working from home policy. Preferred Skills And Experience Experience of taking a lead role championing information security aspects, both up front and throughout the project lifecycle. Demonstrate a high level of hands-on technical experience securing operating systems and use of security related tools. Experience of security related technical investigations. Working knowledge of industry standard information security practices. Knowledge of developments in security technologies and their applications. Awareness of Payment Card Industry Data Security Standard (PCI DSS) at current version. Excellent communication and documentation skills, as well as high attention to detail. Strong organisational skills and the ability to work to deadlines. Pragmatic approach to the administration of governance and risk. Display a committed, flexible, can-do attitude towards work. Main Responsibilities Owning the technical aspect of the incident management process related to information security issues. Undertaking security related investigations. Overseeing the daily security operational processes and acting as an escalation point where necessary. Responding to, and reporting on, system alerts from various monitoring technologies. Leading the project process to ensure that information security aspects are considered up front and throughout the project lifecycle. Developing a thorough understanding of the Business, whilst supporting other members of the team. Liaising with the Business to ensure that information security requirements within each of the different jurisdictions in which we operate are complied with. Creating technical documentation. Taking an active role in audits as necessary.
- Company Name
- G-Research
- Job Title
- Security Threat Specialist
- Job Description
- Do you want to tackle the biggest questions in finance with near infinite compute power at your fingertips? G-Research is a leading quantitative research and technology firm, with offices in London and Dallas. We are proud to employ some of the best people in their field and to nurture their talent in a dynamic, flexible and highly stimulating culture where world-beating ideas are cultivated and rewarded. This role is based in our new Soho Place office – opened in 2023 - in the heart of Central London and home to our Research Lab. The role The Security Threat Specialist, working in collaboration with the business, will be responsible for both proactive and targeted threat and vulnerability identification for cyber and insider threats across the organisation. You will translate these findings into tactical fixes and help advise on the strategic remediation. Key responsibilities of the role include: Threat Hunting and Analysis Performing in-depth reviews of systems and processes to determine weaknesses and control gaps in securing against attack chains to our most valuable assets Authoring technical security documentation and threat modelling at all security levels (high level logical down to low level components) Working with the Cyber Security & Incident Response Team and Vulnerability Assessment Team to validate findings, and alongside the business to coordinate remediation Developing and delivering training and awareness to improve the business’s ability to self-identify security weaknesses Automating threat hunting activities to deliver continuous confidence in security of attack chains Security Design, Architecture, and Risk Management Providing detailed technical design advice on relevant projects, including for the long-term where required Authoring technical security documentation, including policies, standards and technical implementation guidance Making technical security recommendations to improve the security of new or existing applications, services, infrastructure and processes Assisting developers and systems administrators in designing and evaluating secure solutions Identifying key points that will require auditing to ensure future compliance with internal policy/standards or, where relevant, any indicators of potential compromise Supporting the business in making appropriate risk management decisions Driving improvements that balance security vs productivity by architecting secure-by-design systems and processes that are integrated with a good user experience Who are we looking for? The ideal candidate will be a capable and hands-on contributor. You must be both experienced and enthusiastic about your area of expertise and have a track record of excellence. The ideal candidate will have the following skills and experience: Demonstrable expertise in one of the major security specialist areas, such as penetration testing, incident response, endpoint security, network security, malware analysis or identity access management Experience in Security Architecture or Security Risk Management Practical experience of threat modelling and risk assessment of applications, services and infrastructure Technical experience reviewing engineering designs and implementations, including code reviews, for example, high level programming languages, yaml and json Excellent knowledge and a passion for information and technical security, as well as its technologies An interest in and desire for focusing on team and personnel-related matters as opposed to focusing solely on isolated challenges Sufficiently confident about security to make quick but justified commercial-based decisions Behavioural competencies Collaboration: Works well with cross-functional teams, fostering a collaborative and supportive environment Initiative: Proactively identifies opportunities for improvement and takes the necessary action to implement changes Problem Solving: Capable of assessing complex security issues and devising effective response strategies Communication: Excellent communication skills, both upwards and downwards, through a variety of media, and with the ability to convey complex information to both technical and non-technical stakeholders Why should you apply? Highly competitive compensation plus annual discretionary bonus Lunch provided (via Just Eat for Business) and dedicated barista bar 30 days’ annual leave 9% company pension contributions Informal dress code and excellent work/ life balance Comprehensive healthcare and life assurance Cycle-to-work scheme Monthly company events G-Research is committed to cultivating and preserving an inclusive work environment. We are an ideas-driven business and we place great value on diversity of experience and opinions. We want to ensure that applicants receive a recruitment experience that enables them to perform at their best. If you have a disability or special need that requires accommodation please let us know in the relevant section
- Company Name
- Saepio Information Security
- Job Title
- Senior Security Solutions Architect
- Job Description
- Senior Security Solutions Architect Location: Hybrid, London or High Wycombe, United Kingdom Salary: £80k basic, £120k OTE Year 1, Attractive Share Options Hours: Full Time - (Mon – Fri, 9am – 6pm) Reporting To: Solutions Director Who are Saepio? Saepio is an Cyber Security Solutions Provider that work with UK based corporate customers with between 100-10,000 users. We help them to protect their employees, data, users, applications, and systems from being the victims of cyber-attack. As the cyber threat landscape continues to evolve, Saepio is growing rapidly to meet the increasing demand for best fit cybersecurity solutions. To support our growth, we are recruiting a Senior Solutions Architect to join our Solutions Team. As an NCSC Assured Service Provider that partners with UK organisations to reduce cyber risk and drive security improvement, the solutions architecture team are trusted advisors to Saepio customers, helping integrate security improvements into their business objectives. They also build close relationships with Saepio’s vendor and service partners to ensure the best cyber resilience outcomes for customers. The world of cyber security is fast paced and exciting, so why not join our journey and be part of a fun and successful company with a real community atmosphere whilst helping beat the cyber criminals?! What will you be doing? Championing Saepio - highlight to prospective clients how as a service provider, Saepio can become their trusted advisor. Architecting security solutions to help address client risks through a combination of people, technology and process enhancements. Running security briefing sessions, technical reviews and workshops to ensure Saepio have the best understanding of our clients’ needs. Building relationships with disruptive vendors to stay at the forefront of the technology market curve. Sharing knowledge with Saepio account managers and vCISOs to deepen their understanding of Saepio’s security solutions. Training and mentoring colleagues in the Solutions Architecting team. Working closely with marketing to create content and run events for industry and clients, including public speaking and evangelising. Qualifications A-Level or equivalent qualifications (required). Minimum of 6 years’ experience working in technical sales, presales or solutions architecture. Security qualifications or industry certifications are desirable. Be relentlessly passionate about client satisfaction and willing to go the extra mile. Have a passion for understanding our clients’ businesses and what makes them successful. Highly motivated to continue to learn in a constantly evolving industry. Excellent interpersonal and communication skills to effectively communicate with technical and non-technical stakeholders. Be highly organised, especially with good time management. A team player and mentor – you'll be working alongside every part of the Saepio team to get the best outcomes for customers. What do we offer? Having a happy and healthy team provides the foundation for our energy and drive. · Uncapped commission · Incentive trips exploring the globe · Wellness perks and gym membership · Happy Hour Fridays · Casual dress · Free onsite parking · Pension · Flexible holidays · Hybrid remote working practices · Cycle to work scheme · Regular company social events Saepio presents a genuinely rare opportunity to be part of an ambitious, open minded, modern company with potential for career development in a fast-moving and growing industry. There couldn’t be a better time to join us so if you like what you read, we'd love to hear from you.