Head of Information Security
Listed on 2026-05-08
IT/Tech
Cybersecurity, Information Security
Overview
The Head of Information Security leads the organisation’s cyber, information security and technology risk agenda, ensuring Vp’s platforms, applications, data and digital services remain secure, resilient and compliant. You will define a modern, risk‑aligned security and risk strategy, uplift control maturity, and build a governance, oversight and assurance capability that partners closely with product, data and engineering teams.
Reporting to and working closely with the Group CIO, Technology SLT, Internal Audit and ExCo, you will be Vp’s senior adviser on cyber risk, emerging threats, architectural risks, data protection and security compliance. You will build a small high-performing team focussed on security architecture, governance, risk management and assurance, while collaborating with Service Management (ITSM, service operations and continuity) and Infrastructure & Cloud (infrastructure, cloud platforms and resilience) to ensure a well‑coordinated technology control environment.
The role recognises that Vp operates a mixed technology landscape including in‑house written applications, enterprise SaaS platforms, and modern data platforms. You will ensure that the security posture of applications, data flows, pipelines and underlying architectures meets the organisation’s risk appetite and regulatory obligations.
Key Responsibilities
- Strategy, Governance & Architecture: Define and lead the enterprise security and risk strategy aligned to business goals and regulatory requirements. Own policies, standards, and assurance frameworks. Act as security design authority, embedding secure-by-design principles across applications, data platforms (e.g. Snowflake/dbt), and cloud (Azure/AWS). Ensure best practices in identity, encryption, and secure integration.
- Cyber Security Oversight: Provide oversight of security operations (e.g. SOC/MSSP), ensuring effectiveness and alignment to risk priorities. Set direction and assurance while Infrastructure & Cloud / Service teams handle operations. Maintain a consolidated view of risks, threats, and control gaps.
- Identity & Access Management: Own identity governance, including lifecycle, RBAC, and access certification. Oversee privileged access (PAM), monitoring, and segregation of duties. Ensure identity controls are effective, audited, and well managed operationally.
- Vulnerability, Threat & Risk Management: Lead vulnerability management across all platforms (apps, data, cloud, APIs). Define remediation standards and reporting. Commission testing (pen tests, code reviews, red teaming). Maintain and report the enterprise risk register to senior leadership.
- Monitoring, Assurance & Tooling: Define monitoring and detection strategy across the stack. Ensure security tooling (SIEM, EDR, IDS/IPS, DLP, etc.) is effective. Embed monitoring into operations and conduct assurance reviews against policies and architecture.
- Regulatory & Compliance: Own compliance with GDPR, ISO 27001, NCSC and related standards. Maintain practical policies embedded in business processes. Lead audits and provide clear reporting on compliance posture.
- Security Culture & Awareness: Deliver a targeted security awareness programme across business and technical teams, including training, phishing simulations, and behaviour change initiatives.
- Third-Party Risk: Own supplier security framework, including due diligence, contracts, and ongoing assurance. Assess risks across vendors, SaaS, and partners, working with Procurement and Legal.
- Leadership & Collaboration: Act as the senior security advisor to executives and the Board. Build strong relationships across product, engineering, and data teams to embed security. Lead and develop the security function and align with Infrastructure & Service teams.
- Budgeting & Continuous Improvement: Manage security investment and roadmap. Report on risk, incidents, and maturity. Use data, audits, and threat intelligence to continuously improve controls and reduce risk.
You will be a senior, credible leader who can combine strong security and risk expertise with pragmatic decision‑making and the ability to influence at all levels. You work collaboratively,…