Head of IT Security

About the Role

The Head of IT Security is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This role leads the organization’s cybersecurity initiatives, risk management, and compliance efforts, ensuring alignment with business objectives.

This role combines strategic security leadership with hands-on oversight of tooling, suppliers, controls, and assurance activities. The position will act as the organisation’s day-to-day security authority, working closely with IT, engineering, operations, and third-party security partners.

One of the main ambitions of the Group is to get all Group companies to Cyber Essentials Plus level and to obtain ISO 27001 accreditation. The Head of Information Security will lead and drive this initiative.

The role is particularly focused on Microsoft-centric security architectures, outsourced SOC management, and security governance and compliance (GDPR, Cyber Essentials Plus, ISO 27001).

Key Responsibilities

Security strategy & governance

• Define, maintain, and execute Mecsia’s information security strategy, aligned with business growth and risk appetite

• Own security policies, standards, and control frameworks across the group

• Provide regular security risk reporting to the CIO and senior leadership team

• Act as the organisation’s primary security design authority

Microsoft security platform ownership

• Own and optimise the Microsoft security stack, including:

• Microsoft Defender (Endpoint, Identity, Office 365, Cloud Apps)

• Microsoft Sentinel (SIEM / SOAR)

• Entra ID (Conditional Access, Identity Protection)

• Intune / MDM for mobile and endpoint security

• Ensure security controls are proportionate for a mixed workforce (mobile-only users and desktop/laptop users

SOC & third-party security management

• Act as service owner for the outsourced 24/7 SOC (Microsoft Sentinel-based)

• Define use-cases, alerting thresholds, escalation paths, and response playbooks

• Oversee supplier performance, SLAs, and continuous improvement

• Coordinate incident response across internal teams and external partners

Network & cloud security

• Own security architecture and policy oversight for Cato SASE

• Ensure effective integration between network security, identity, endpoint, and SIEM tooling

• Work closely with infrastructure and cloud teams to ensure secure-by-design solutions

Compliance, assurance & risk

• Own and maintain compliance with:

• GDPR (in collaboration with Legal / DPO where applicable)

• Obtain and maintain Cyber Essentials Plus accreditation

• Obtain and maintain ISO 27001 accreditation (ISMS operation, audits, continuous improvement)

• Manage risk registers, DPIAs, supplier security assessments, and audit findings

• Lead internal and external audits and remediation activities

Incident response & resilience

• Own and test incident response plans, playbooks, and escalation models

• Coordinate response to security incidents, including regulatory and customer communications where required

• Support business continuity and disaster recovery planning from a security perspective

Stakeholder engagement & education

• Act as a trusted advisor to IT, operations, and senior management

• Provide pragmatic security guidance to non-technical stakeholders

• Lead security awareness and training initiatives across the organisation

Skills and Experience

Essential:

• Proven experience in an Information Security Manager / Cyber Security Manager role

• Strong hands-on experience with Microsoft 365 security tooling, especially Defender and Sentinel

• Experience working with outsourced SOC services and MSSPs

• Solid understanding of GDPR, including DPIAs and incident reporting

• Practical experience delivering and maintaining Cyber Essentials Plus

• Experience operating or contributing to an ISO 27001 ISMS

• Strong knowledge of identity, endpoint, network, and cloud security principles

• Experience supporting environments with mobile-first and frontline workers

Preferred:

• Experience in multi-entity or acquisitive organisations

• Familiarity with SASE platforms (especially Cato Networks)

• Knowledge of NCSC / NIST / CIS security frameworks

• Experience working in regulated or safety-critical environments

Qualifications & certifications (desirable)

• CISSP, CISM, or equivalent

• ISO 27001 Lead Implementer / Auditor

• Microsoft Security certifications (SC-200, SC-300, SC-400, etc.)

Personal attributes

• Pragmatic and risk-based (not “checkbox security”)

• Comfortable balancing strategic leadership with operational oversight

• Able to influence without authority and work cross-functionally

• Calm and structured under pressure during incidents

• Strong written and verbal communication skills

Salary & package

• £80,000 – £100,000 (depending on experience)

• Bonus / performance incentives

• Pension and benefits

• Hybrid working

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, colour, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability.