Chief Information Security Officer

Social network you want to login/join with:

col-narrow-left

Motability Operations

Edinburgh, United Kingdom

Other

-

Yes

col-narrow-right

5615cf41bd25

23

12.08.2025

26.09.2025

col-wide

About The Role The Chief Information Security Officer (CISO) is a senior leader responsible for establishing and maintaining the organisation's vision, strategy, and programs related to information security. The CISO plays a crucial role in safeguarding the organisation's sensitive data, intellectual property, and information systems from potential threats and cyberattacks.

The CISO collaborates with various departments, including IT, legal, business risk, and business units, to ensure the implementation of effective security measures and adherence to industry best practices and regulatory requirements. As CISO, you will be responsible for:

• Information Security Strategy: Develop and communicate a comprehensive information security strategy that aligns with the overall business goals and objectives. Ensure adherence to this strategy across the entire technology estate.
• Risk Management: Identify, assess, and prioritise security risks, considering potential impact on the organisation's operations, reputation, and finances. Implement security risk mitigation measures and ensure the development of an information security risk-aware organisational culture.
• Security Governance: Work with the Data Protection team to establish and maintain the organisation's information security governance framework and ensure appropriate technical guardrails are in place, including policies, standards, and procedures. Ensure compliance with applicable laws, regulations, and industry standards (e.g., GDPR, ISO 27001, NIST Cybersecurity Framework).
• Incident Response: Oversee the development and testing of technology incident response plans. Coordinate with relevant stakeholders to promptly respond to and resolve cybersecurity incidents, minimising damage and potential downtime.
• IT Continuity: Ensure DR testing takes place and provide support to the Business Risk division to manage IT continuity risks. Represent IT continuity in the Business Risk and DR committee.
• Security Architecture: Collaborate with IT teams to design, implement, and maintain secure IT infrastructure, applications, and networks. Work with the IT Architecture team to ensure security controls are integrated into technology solutions from the outset.
• Vendor and Third-Party Risk Management: Implement a process to assess and monitor the security posture of third-party vendors and service providers with access to the organisation's systems or data.
• Security Compliance and Auditing: Regularly review security measures and support internal audits to assess the effectiveness of security controls. Address findings and ensure timely remediation.
• Security Incident Reporting: Report to leadership on security posture, risks, and initiatives. Communicate effectively to raise awareness and support for security initiatives. Chair or participate in Security Governance forums, including the Risk Management Committee.
• Industry Knowledge and Innovation: Stay updated on cybersecurity threats, trends, and technologies. Evaluate and introduce innovative security solutions to enhance security posture.
• Budgeting, Supplier, and Cost Control: Manage the department budget, control expenses, and ensure value for money. Oversee department suppliers to ensure timely delivery of services aligned with procurement strategies.
• Team Leadership: Lead, mentor, and inspire the security team. Foster a culture of innovation, accountability, and collaboration. Define standards for Information Security and work with partners to build a consistent approach.

About You Minimum Criteria

• Proven significant experience in information security and leadership roles.
• Strong knowledge of cybersecurity principles, standards, and best practices.
• Understanding of data protection and privacy regulations.
• Strong leadership and motivational skills.
• Excellent communication skills for technical and non-technical audiences.
• Strategic thinking aligned with business goals.
• Analytical and problem-solving skills.
• Experience in budgeting and resource management.
• Relevant certifications such as CISSP, CISM, or CISA.

About The Company Motability Operations is a unique organisation that provides worry-free mobility solutions to over 630,000 customers across the UK. We lease a range of vehicles including cars, wheelchair accessible vehicles, scooters, and powered wheelchairs, with insurance, maintenance, and breakdown assistance included.

We are the largest car fleet operator in the UK, purchasing around 10% of all new cars sold, working with around 5,000 car dealers and major manufacturers. Our values are:

• We find solutions
• We drive change
• We care

Benefits include competitive rewards, pension, generous leave, private medical insurance, vehicle schemes, health screenings, and more. We are committed to diversity and inclusion, providing accessible workplaces and flexible working arrangements.