Head of Cyber Security

Location: Hybrid working, Kings Hill base with to other sites as required

Salary/package: £100,000 - £110,000 per annum

Contract type: Permanent

Hours: Full time, 37 hours per week

We are looking for an experienced and forward-thinking cyber security leader to join our Corporate Services division as Head of Cyber Security. This is a senior strategic role with organisation-wide visibility and impact. If you have the vision, expertise and influence to embed robust cyber security across a complex and fast-growing business, we want to hear from you.

Commercial Services Group is one of the UK's largest local authority‑owned trading organisations, comprising 33 diverse businesses that operate across education, local government, the NHS and beyond. We provide services in recruitment, energy, procurement, legal, IT, HR, education supplies, facilities management and more. With more than 1,800 employees and a global footprint, we combine commercial excellence with social impact, reinvesting a significant proportion of our profits into public services.

Corporate Services underpins the success of all Commercial Services Group trading divisions by providing the infrastructure, expertise and governance needed to enable growth, innovation and resilience. The Cyber Security function sits within Corporate IT and plays a central role in protecting the Group's digital assets, data and reputation.

As Head of Cyber Security, you will be responsible for shaping and delivering CSG's cyber security vision and strategy. You will lead the development and continual improvement of a Group‑wide security programme, ensuring that our digital infrastructure, applications and data are secure, compliant and resilient. This is a strategic leadership role that also holds operational oversight and will act as the organisation's Chief Information Security Officer (CISO).

• Provide strategic leadership for the Group's cyber security vision, strategy and programme
• Collaborate closely with the Cyber Operations team and wider IT colleagues to align strategy, governance and operational security activities
• Monitor and improve the organisation's information security posture, ensuring initiatives are aligned to business goals
• Oversee the Information Security Management System (ISMS) and maintain compliance with relevant standards including ISO 27001, NIST‑CSF and Cyber Essentials Plus
• Lead on policies, controls and risk mitigation in collaboration with technical and operational teams
• Provide assurance over incident response capabilities and governance, ensuring effective escalation procedures
• Ensure compliance with all relevant regulatory requirements such as GDPR, NIS and the UK Data Protection Act
• Act as the accountable officer for information security across CSG
• Report regularly to the Executive Board and Audit & Risk Committee on strategic security matters
• Promote a strong culture of cyber security awareness through training and internal engagement
• Act as a key liaison for auditors, regulators and law enforcement
• Maintain alignment with Kent County Council's CISO on governance and assurance

• Significant experience leading cyber security strategy and governance in a complex, multi‑entity organisation
• Professional certification such as CISM, CISSP or CISA
• Hands‑on experience managing ISMS and compliance with frameworks such as ISO 27001, NIST, CIS‑20CSC and Cyber Essentials
• Strong understanding of security legislation and regulatory requirements, including GDPR and PCIDSS
• Confident presenting to Executive Boards, Audit Committees and external stakeholders
• A collaborative and credible leader, able to influence technical and non‑technical audiences
• Experience working at a senior level within IT infrastructure and cyber architecture
• Comfortable operating across operational and strategic levels with matrix leadership responsibilities

• Salary of £100,000-£110,000 per annum
• 25 days annual leave increasing with service, plus your birthday off
• Life assurance cover (4x salary)
• Single cover health cash plan
• Pension scheme with 6 percent employer contribution
• Additional benefits including retail and gym discounts, wellbeing programme and cycle to work scheme
• Volunteer days and access to a wide range of learning and development opportunities
• A collaborative and ambitious working environment with real purpose

Commercial Services Group is the UK's largest local authority‑owned trading company (LATCO), generating over £800 million in revenue and supporting 16,000 education and public sector customers worldwide. With more than 1,800 employees across the UK, Dubai and Bangkok, we are working towards becoming the global leader in education and public sector solutions.

We are expanding rapidly, with annual growth of around 25 percent, supported by a blend of organic development, acquisitions and strategic partnerships. Our 33 trading businesses deliver a wide range of services including education management, IT, HR, legal, energy, procurement and supplies.

CSG is wholly owned by local authorities, and a significant proportion of our profits is reinvested into frontline public services. Over £77 million has already been returned, reflecting our commitment to combining commercial performance with meaningful social impact.

We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We encourage applications from suitably qualified people of all backgrounds.

We are committed to providing reasonable adjustments throughout our application and interview process; please let us know if you require any.