Head of IT Security

The Ellison Institute of Technology (EIT) Oxford’s purpose is to have a global impact by fundamentally reimagining the way science and technology translate into end-to-end solutions and delivering these solutions in programmes and platforms that respond to humanity’s most challenging problems.

EIT Oxford will ensure scientific discoveries and pioneering science are turned into products for the benefit of society that can have high-impact worldwide and, over time, be commercialised to ensure long-term sustainability.

Led by a faculty of world experts, EIT Oxford seeks to solve the world’s most challenging problems across four high-risk, high-reward, high-impact humane endeavours: health and medical science; food security and sustainable agriculture; climate change and clean energy; and government innovation in an era of artificial intelligence.

EIT Oxford is investing significant resources in a new world-class research and development facility in the Oxford Science Park. Set for completion in 2027, the state-of-the-art campus includes 300,000 sq ft of research laboratories, an oncology and preventative care clinic, and educational and meeting spaces. Together, they create the perfect environment for EIT Oxford experts to take ground-breaking ideas from research to broad implementation. The new facility will further EIT’s current partnership with the University of Oxford and become the new home for Ellison Scholars.

EIT Oxford is committed to cultivating a community where excellence is achieved through collaboration, trust, innovation and tenacity. We foster an environment where everyone’s experience and expertise are valued. We are curious and resilient in our efforts to drive long-term, sustainable innovation to meet humanity’s most enduring challenges.

We are seeking an experienced and visionary Head of IT Security to lead our cybersecurity function. Reporting to the IT Director, you will be responsible for safeguarding our critical scientific and technological assets. This role demands a proactive leader with deep expertise in Security Operations, Risk & Compliance Management, Identity & Access Management and the ability to work cross-functionally with IT, research teams and executive leadership. The successful candidate will be instrumental in building and enhancing security systems, frameworks, and processes to support the organisation in achieving multiple industry accreditations within defined industry standards (e.g., ISO 27001 / 27101, NIST, Cyber Essentials, GDPR, GXP, etc.).

Key Responsibilities:

• Build, mentor, and lead a high-performing, professional cybersecurity team.
• Develop and execute a comprehensive cybersecurity roadmap aligned with EIT’s business objectives.
• Collaborate with the wider IT, legal, and compliance teams to implement security best practices.
• Provide expert guidance on cybersecurity risks and strategies to senior leadership and board members.
• Establish, build and maintain strong partnerships with specialist cybersecurity organisations to enhance our cybersecurity posture and incident response capabilities.

Security Operations & Engineering

• Develop, implement, and oversee enterprise-wide security operations to detect, prevent, and respond to cyber threats.
• Lead and enhance Security Information and Event Management (SIEM) and Threat Intelligence capabilities.
• Lead security incident response and forensic investigations, ensuring robust incident handling and mitigation.
• Report on cybersecurity KPIs and manage significant IS risks and their appropriate Risk Treatment Plans.

Risk & Compliance Management

• Define and enforce IT security policies, standards, and procedures.
• Ensure compliance with industry accreditations (e.g., ISO 27001, NIST, GDPR), working closely with external auditors and regulatory bodies.
• Conduct regular risk assessments and vulnerability management, and penetration testing to identify and mitigate security risks.
• Oversee security awareness training programs, ensuring a strong security culture is implemented and embedded throughout the institute.

Identity & Access Management (IAM)

• Design and implement robust IAM frameworks, ensuring least-privilege access, Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) are enforced.
• Manage and improve Privileged Access Management (PAM) solutions to safeguard critical systems.
• Ensure seamless and secure access control for employees, partners, and researchers while maintaining compliance.

Requirements

Essential Skills, Qualifications & Experience:

• Demonstrable experience in cybersecurity leadership roles within enterprise-sized organisations.
• Proven track record in Security Operations, Risk Management, IAM, and Compliance.
• Hands-on experience with security tools such as SIEM, EDR/XDR, Firewalls, IDS/IPS, DLP, and IAM solutions.
• Working knowledge of security frameworks: ISO 27001, NIST, CIS, SOC 2, GDPR, GXP, etc.
• Experience in cloud security.
• Proficient in threat modeling, penetration testing, vulnerability management, and security incident response.
• Demonstrated ability to build security teams and drive cybersecurity initiatives from scratch.
• Experience in supporting organisations through security accreditation processes.
• Strong ability to translate technical risks into business impacts for executive leadership.
• Excellent stakeholder management, communication, and leadership skills.
• Adaptable, agile mindset able to manage and be comfortable with changing business priorities.

Desirable Skills, Qualifications & Experience:

• IT security experience gained within Biotech, Science, Research or Pharma industries.
• Experience in cloud security, within Oracle Cloud Infrastructure security is highly desirable.
• CISSP (Certified Information Systems Security Professional).
• CISM (Certified Information Security Manager).
• CRISC (Certified in Risk and Information Systems Control).
• CCSP (Certified Cloud Security Professional).

We offer the following salary and benefits:

• Salary: £80,000 - £90,000 + bonus and travel allowance.
• Enhanced holiday pay.
• Pension.
• Life Assurance.
• Income Protection.
• Private Medical Insurance.
• Hospital Cash Plan.
• Therapy Services.
• Electric Car Scheme.

Why work for EIT:

At the Ellison Institute, we believe a collaborative, inclusive team is key to our success. We are building a supportive environment where creative risks are encouraged, and everyone feels heard. Valuing emotional intelligence, empathy, respect, and resilience, we encourage people to be curious and to have a shared commitment to excellence. Join us and make an impact!

Terms of Appointment:

You must have the right to work permanently in the UK with a willingness to travel as necessary.

You will live in, or within easy commuting distance of, Oxford and can commit to 3 days per week working from our Oxford office as a minimum.

During peak periods, some longer hours may be required and some working across multiple time zones due to the global nature of the programme.

This role does not have a scheduled closing date for applications, however we encourage all candidates to apply as soon as possible, as we will close the role for applications in the event of receiving a high volume of applications.