Head of Information Security

Head of Information Security

Salary: £95,000 - £99,000 per annum

Department:Technology, Chief Operating Office

Hours: Full-time (we're happy to discuss flexible working arrangements)

Location: Stratford, London Office-based with high flexibility (typically 1-2 days per week in the office).

Closing date: 3rd August.

This vacancy may close earlier if a high volume of applications are received or once a suitable candidate is found.

At Cancer Research UK, we exist to beat cancer.

We are professionals with purpose, beating cancer every day. But we need to go much further and much faster. That's why we're looking for someone talented, someone determined, someone like you.

We have an exciting opportunity for a Head of Information Security to join us.

In this position, you'll be responsible for developing and implementing Cancer Research UK's information security strategy, ensuring the protection of sensitive data, and maintaining compliance with relevant regulations. You'll lead a team of security professionals, manage security incidents, and foster a culture of security across the organisation, working very closely with CRUK's Cyber programme.

In a supportive working environment, you'll discover something new every day, whether it's a new connection, a new method of engagement or a talent you never knew you had. You'll also be surrounded by people who are as dedicated to beating cancer as you are.

What will be some of the main responsibilities?

• Strategic Leadership: Develop and execute CRUK's information security strategy, aligning with organisational goals and risk appetite.
• Incident Management: Oversee security incidents and investigations, ensuring effective response and remediation.
• Compliance and Governance: Ensure compliance with UK GDPR, Data Protection Act 2018, PCIDSS v4.0, and other relevant regulations. Collaborate with Data Privacy, Risk, and Audit teams.
• Security Operations: Implement and enhance security controls across various platforms (Microsoft 365/Azure, AWS, Salesforce, etc.). Manage threat intelligence, monitoring, and incident response.
• Policy Development: Develop and maintain information security policies, procedures, and guidance.
• Stakeholder Engagement: Communicate effectively with C-suite, trustees, regulators, and technical teams. Represent CRUK in external security networks.
• Lead and develop a growing team of information security specialists (7+ FTE).

What skills are we looking for?

• Significant experience of senior information security leadership in a multisite, data-rich environment, as well as hands-on experience with security architecture for cloud and hybrid networks.
• Highly effective people manager, of both technical and non-technical teams.
• Confidence engaging C-suite, trustees, regulators and technical teams alike; clear, persuasive communicator.
• Proven communication skills with the ability to influence and negotiate through risk-based decision making.
• Continuous improvement mindset with the ability to find creative solutions to problems and a willingness to challenge conventional thinking by the development of alternative solutions.
• Highly organised with excellent project, service and supplier management skills.
• Certifications: CISSP, CISM, CCSP, or ISO 27001 Lead Auditor/Implementer.

What will I gain?

Each and every one of our employees contributes to our progress and is supporting our work to beat cancer. We think that's impressive.

In return, we make sure you are supported by a generous benefits package, a wide range of career and personal development opportunities and high-quality tools, policies and processes to enable you to do your job well.

Our benefits package includes a substantial retirement plan, a generous and flexible leave allowance, discounts on anything from travel to technology, gym membership, and much more.

We don't forget people have lives outside of work too and so we actively encourage a flexible working culture.

Our work - from funding cutting-edge research to developing public policy - will change the world. It's exciting to be part of our team.

How do I apply?

We operate an anonymised shortlisting process in our commitment to equality, diversity and inclusion. CVs are required for all applications; but we won't be able to view them until we invite you for an interview. Instead, we ask you to complete the work history section of the online application form for us to be able to assess you quickly, fairly and objectively.

For more information on this career opportunity please visit our website or contact us.

For more updates on our work and careers, follow us on: Linked In, Facebook, Instagram, Twitter and YouTube.