Head of Information Security

London (Central), London (Greater)
£65,000 - £80,000 dependent on experience
31 Jul 2019
28 Aug 2019
IT, Security
Contract Type

Job title:                      Head of Information Security 

Location:                    London, SW1H 9NP

Hours:                         Full-time

Salary:                        £65,000 - £80,000 dependent on experience

Employer:                  The Go-Ahead Group plc 

 Duration:                    Permanent  


The Go-Ahead Group plc is seeking a Head of Information Security to lead Information Security Department. 

Key responsibilities 

The Head of Information Security will: 

·         manage and mitigate Information Security risks and threats across the Go-Ahead group throughout personnel, processes and Information Security platforms;

·         oversee maturing of Go-Ahead’s Information Security governance, risk and compliancy ensuring that the Go-Ahead is safe and secure at all times for employees and customers;

·         build and develop an Information Security team, providing a day to day leadership and management to the team, employee development and develop their overall function;

·         develop and operate a cyber security incident detection and response capability, including interfaces with required stakeholders and agencies, threat intelligence services, forensics and root-cause analysis;

·         manage the identification and remediation of cyber security threats both as BAU and as part of delivery of new systems and capabilities;

·         develop and maintain the Information Security Management System framework across the Go-Ahead group both nationally and internationally ensuring alignment to the associated process and procedures to manage information security delivery and incident management;

·         develop and mature the Information Security strategy, roadmap and architectural principles working alongside Information Security colleagues and Operating Company senior executives and colleagues;

·         develop strong and collaborative matrix-managed relationships with Go-Ahead’s operating company Information Security leads and directors;

·         support and assist Go-Ahead’s operational colleagues as required during security incidents, ensuring any such events are quickly identified and mitigated accordingly;

·         ensure that all work is carried out in accordance with the Go-Ahead’s risk assessment practices and health & safety policy requirements;

·         ensure compliancy to relevant Information Security legislation in accordingly with Go-Ahead’s relevant legislative and regulatory requirements including the General Data Protection Regulation (GDPR), Network and Information Systems (NIS) and PCI-DSS guidance.

Criteria for selection 

The candidate must have the following:

Specialist knowledge and skills  

·         significant knowledge around core Information Security (IS) platforms including areas such as SIEM’s, Threat Intelligence, Vulnerability Management, Firewalls, Proxies, End-User AV, Encryption & DDOS protections; 

·         significant knowledge around IS incident management and security operations centre best-practices;

·         significant working expertise around IS governance, risk and compliancy best practices including an understanding of NIST, CIS-20, ISO-27001/2;

·         intermediate knowledge around PSI/DSS compliancy and EU directives GDPR/NIS compliancy;

·         intermediate knowledge on the principles of Cyber Security, IS and DDoS protection;

·         the ability to analyse complex technical and business-driven risks and to formulate well-reasoned and logical propositions to mitigate and manage the associated risks;

·         understanding and correlating disconnected documentation and information into structured architecture models and principles that support IS transformation and meet our compliancy needs;

·         working knowledge around IT infrastructure including datacentres, WAN/LAN networking, Security Infrastructure (Firewalls/Load-Balancers/DDoS);

Relevant experience

·         significant experience in managing IS teams and organisations in a highly-complex, global organisation;

·         significant experience in developing an IS practice from conception and maturing in-line with board expectations;

·         significant experience in developing and operating security processes, procedures and standards aligned with IS best-practices;

·         experience in managing security operations in an outsourced environment through global partners;

·         experience of scoping/designing IS projects within a complex, multi-stakeholder environment;

·         experience in direct people management and/or managing security specialist in a matrix-management environment including cross-functional working groups and steering boards;

Interpersonal and communication skills

·         possess excellent stakeholder management capability with external and internal customers, peers and suppliers, including the ability to engage at CxO level engagement;

·         possess the ability to transfer IS terminology/jargon into business terminology enabling simple/comprehensive understanding at a senior level;

·         excellent verbal and written communication skills, including the ability to represent Go-Ahead within industry forums, workshops or technical forums;

·         interacts with senior management/employees in developing solutions to problems & creating efficiencies in IS processes to mitigate risk;

·         strong technical capability with the ability to engage in constructive dialogue around the merits of varying IS solutions or technical principles; and

·         be self-starter, able to work independently and as part of a team/matrix-team in a fast-paced/risk-based environment.

To apply, submit your CV and covering letter via the portal.  

Date posted:     31 July 2019

Closing date:     28 August 2019

Apply for Head of Information Security

Already uploaded your CV? Sign in to apply instantly


Upload from your computer

Or import from cloud storage

Your CV must be a .doc, .pdf, .docx, .rtf, and no bigger than 1MB

Upload from your computer

Or import from cloud storage

Your Supporting Document or cover letter must be a .doc, .pdf, .docx, .txt, .rtf, and no bigger than 8MB

4000 characters left

When you apply for a job we will send your application to the named recruiter, who may contact you. By applying for a job listed on Fish4.co.uk you agree to our terms and conditions and privacy notice. You should never be required to provide bank account details. If you are, please email us.