
VP Information Security

Job in Northampton, Northamptonshire, NN1, England, UK
Listing for: GXO Logistics
Full Time position
Listed on 2026-04-17
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 GBP Yearly
Job Description & How to Apply Below

The Deputy CISO is the CISO's principal delegate and second in command, accountable for day-to-day execution of the global cyber security program, team leadership, and for elevating security influence across the enterprise. The role ensures cohesive strategy, robust operations, and clear business alignment in a complex logistics environment, including WMS/TMS platforms and warehouse robotics, IoT, and OT. The Deputy CISO strengthens succession planning, executive decision-making, and senior business partnering across the organisation.

Operates in a global role, based at either of our UK corporate HQs (London or Northampton).

Key Responsibilities
Strategy
  • Support the CISO in translating the enterprise risk appetite into an actionable, outcome-driven security strategy, and support the multi-year roadmap and quarterly OKRs.
  • Chair the executive security governance forums and drive enterprise security governance mechanisms.
Architecture & Engineering
  • Oversee Security Architecture and Engineering; ensure secure by default across cloud, application, data, identity, and infrastructure landscapes.
  • Establish IDAM function with clear RACI and coherent operating model.
  • Govern the security tooling strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms.
Security Operations & Incident Response
  • Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple team/assurance, ransomware preparedness, and crisis playbooks.
  • Maintain executive incident communications, regulator notifications, and post-incident improvements.
  • Act as escalation point for any security related service failures or major incidents.
Threat and Vulnerability Management
  • Support the TVM team in continuously reducing vulnerability levels in the organisation.
  • Recommend procedural improvements and reporting to drive constant improvement.
  • Drive secure-by-design into applications and ensure all applications and the wider estate are sufficiently tested for signs of vulnerability.
Governance, Risk & Compliance (GRC)
  • Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations.
  • Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings.
  • Improve third party risk management (carriers, 4PL/3PL partners, SaaS/IaaS providers) and regulatory alignment.
Business Partnering & PMO
  • Ensure the Business Partnering function embeds security in product/platform roadmaps and regional operations (Americas/EMEA/APAC).
  • Oversee the Info Sec PMO: portfolio selection, prioritization, benefits tracking, and transparent delivery reporting to business and technology leaders.
People, Culture & Leadership
  • Provide day-to-day management of Info Sec senior leaders (four directors/senior directors) and their teams; build succession paths, mentorship, and leadership development.
  • Sponsor Security Awareness & Culture programs and executive engagement; promote inclusive, high performance behaviors.

The role has enterprise wide accountability for the execution of the global cyber security program, ensuring effective risk management, operational resilience, and alignment with business strategy. It influences executive decision making, enterprise risk posture, and regulatory outcomes across a complex global logistics environment.

You will operate in a complex and evolving threat landscape, requiring continuous improvement of security processes, tooling, and operating models. You will address ambiguous and high impact challenges across technology, risk, and business domains with enterprise wide implications.

The role engages extensively with the CISO, regulators, and senior business and technology leaders. It is responsible for executive level incident communications, regulatory engagement, and influencing security outcomes across regions and functions.

You will provide leadership to senior Info Sec leaders and their teams, supporting performance, development, and succession planning across the global security organisation.

Experience and Qualifications Required
  • 15+ years in information security…