Head of Cyber Security

Company Description

Smiths Detection, a global leader in threat detection and screening technologies for aviation, ports & borders, defense, and urban security. Our expertise is spread across 5 R&D centers, 21 global offices, and 7 manufacturing sites with 3,000 brilliant minds contributing for over 40 years at the frontline, enabling us to deliver the solutions needed to protect our society from any threat and illegal passage of explosives, prohibited weapons, contraband, toxic chemicals, and narcotics.

Every minute of every day, our technology and talented team members help make the world a safer place –

Own and lead Smiths Detection's enterprise cybersecurity posture through separation and into steady‑state operations. Establish an effective security operating model (internal + vendors), reduce cyber risk, and embed security into technology delivery and day‑to‑day operations. This is a hybrid role based in Hemel Hempstead, Hertfordshire.

• Cyber strategy & operating model: define and execute the detection cybersecurity strategy aligned to business priorities and the separation roadmap; establish “Day 1 secure” and “Day 100 independent” outcomes.
• Security operations & incident response: lead detection's incident management, response readiness, and crisis communications; ensure effective monitoring and detection via SOC/MDR partners; maintain playbooks and conduct exercises.
• Threat & vulnerability management: run vulnerability management across endpoints, servers, network and cloud; coordinate remediation with IT and product/engineering stakeholders; track risk exceptions.
• Identity & access security (with IT Ops/IAM): ensure strong IAM controls (MFA/SSO, privileged access, joiner/mover/leaver governance) and access reviews.
• Security architecture & engineering partnership: define security patterns/standards; partner with enterprise architecture and solution architects to approve designs; ensure security is built into programmes.
• Third‑party and supplier security: oversee security requirements for vendors, including separation suppliers and managed services; assure contractual controls and evidence.
• Security metrics & reporting: build meaningful KPI/KRI reporting (risk posture, patch/vuln SLAs, incident trends, control health) for CIO, leadership, and (where required) customers/auditors.
• Security awareness & culture: drive practical security behaviours and training, tailored to detection's environment.

• Senior cybersecurity leadership across enterprise IT (and ideally global/multi‑site environments)
• Strong incident response and operational security background; ability to lead under pressure
• Experience managing SOC/MDR, penetration testing, and security vendors with measurable outcomes
• Solid grasp of modern security controls: IAM/PAM, EDR, email security, network security, cloud security
• Risk‑based thinking and ability to communicate trade‑offs to business and technology leaders
• Experience in regulated / critical infrastructure / high‑assurance customer environments
• Familiarity with security frameworks (e.g., ISO 27001, NIST CSF) and audit evidence expectations
• Exposure to product/OT security governance and supply‑chain assurance (SBOM, vulnerability disclosure)
• Eligible to obtain UK SC level clearance.

• Bachelor's degree in Computer Science, Engineering, Information Security, or equivalent experience. Master’s degree preferred.
• Relevant security certifications desirable (e.g., CISSP, CISM, CCSP, GIAC).

To find out more about life at Smiths Detection check out our Linked In  and follow our story.

We believe that different perspectives and backgrounds are what make a company flourish. All qualified applicants will receive equal consideration for employment regardless of race, colour, religion, sex, sexual orientation, gender identity, national origin, economic status, disability, age, or any other legally protected characteristics. We are proud to be an inclusive company with values grounded in equality and ethics, where we celebrate, support, and embrace diversity.

At no time during the hiring process will Smiths Group, Smiths Detection, or any of our recruitment partners ever request payment to enable participation, including interviews or testing. Avoid fraudulent requests by applying directly through our career website: