Head of Information Security
We are looking for an experienced and results-driven Information Security leader with a deep background in insurance, Azure Cloud, and identity and access management. The ideal candidate will bring expertise in security frameworks, cloud solutions, and Active Directory services to lead our security strategy, manage risk, and ensure compliance with regulations.
About the Team:
Join a fast-paced, dynamic team shaping the future of enterprise technology, digital, and data strategy. We value innovation, collaboration, and agility, with a focus on delivering top-tier user experiences.
Role Overview:
As Head of Information Security, you'll report to the CISO and lead our security operations, focusing on Azure Cloud, Defender, Sentinel, and Entra ID to safeguard critical information assets across the organization.
Key Responsibilities:
- Drive and maintain a robust Cyber Security strategy in line with business objectives and regulatory requirements (e.g., FCA, ISO 27001, NIST).
- Lead security operations, including monitoring, incident response, and vulnerability assessments.
- Ensure top-tier security for Azure Cloud environments, including Microsoft Defender, Sentinel, and Entra ID solutions.
- Manage audits, compliance, and supplier security profiles, ensuring adherence to industry standards.
- Oversee risk management and threat detection to minimize vulnerabilities.
- Lead the Security Operations Center (SOC) for continuous monitoring and response.
- Develop and implement technical security solutions (e.g., firewalls, encryption, IDS/IPS).
- Ensure effective security awareness programs and training.
- Collaborate across teams to integrate secure design practices and enhance security posture.
- Report regularly on security incidents, performance metrics, and risk assessments.
Key Requirements:
- Experience: Minimum 10 years in information security, with 4+ years in a leadership role.
- Insurance Background: Experience within the insurance industry is a must.
- Technical Expertise: Proficiency in Microsoft Azure security (Defender, Sentinel, Azure AD, Entra ID) and risk management.
- Strong knowledge of security standards such as NIST, ISO/IEC 27000 series, and SOC 2.
- Familiarity with regulatory compliance, including FCA standards and data protection laws.
- Certifications: CISSP, CISM, or CISA certifications are a plus.
Personal Attributes:
- High-level problem-solving and decision-making abilities.
- Strong leadership, communication, and interpersonal skills.
- Ability to thrive in high-pressure environments and adapt to an evolving cyber threat landscape.
- Detail-oriented with a commitment to excellence and security best practices.