Head of IT Security

Mecsia is a leading UK provider of technical inspection, maintenance, and engineering services, aiming to transform the industry with a ‘Local Service, National Reach’ approach. The company has grown significantly through organic expansion and strategic acquisitions, serving large clients across commercial offices, healthcare, and educational facilities. Under private equity ownership since 2020, Mecsia has expanded to approximately 1,200 employees, including 700 engineers. In 2024, Mecsia was acquired by Synova, recognised as the PE house of the year for four of the last seven years, and supports an ambitious growth strategy through service excellence and further acquisitions.

This role is based remotely with occasional travel.

The Head of IT Security is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This role leads the organisation’s cybersecurity initiatives, risk management, and compliance efforts, ensuring alignment with business objectives. It combines strategic security leadership with hands‑on oversight of tooling, suppliers, controls, and assurance activities. The position will act as the organisation’s day‑to‑day security authority, working closely with IT, engineering, operations, and third‑party security partners.

One of the main ambitions of the Group is to bring all Group companies to Cyber Essentials Plus level and to obtain ISO 27001 accreditation. The Head of Information Security will lead and drive this initiative, focusing on Microsoft‑centric security architectures, outsourced SOC management, and security governance and compliance (GDPR, Cyber Essentials Plus, ISO 27001).

• Define, maintain, and execute Mecsia’s information security strategy, aligned with business growth and risk appetite.
• Own security policies, standards, and control frameworks across the group.
• Provide regular security risk reporting to the CIO and senior leadership team.
• Act as the organisation’s primary security design authority.

• Own and optimise the Microsoft security stack, including Microsoft Defender (Endpoint, Identity, Office 365, Cloud Apps), Microsoft Sentinel (SIEM / SOAR), Entra ID (Conditional Access, Identity Protection), and Intune / MDM for mobile and endpoint security.
• Ensure security controls are proportionate for a mixed workforce (mobile‑only users and desktop/laptop users).

• Act as service owner for the outsourced 24/7 SOC (Microsoft Sentinel‑based).
• Define use‑cases, alerting thresholds, escalation paths, and response playbooks.
• Oversee supplier performance, SLAs, and continuous improvement.
• Coordinate incident response across internal teams and external partners.

• Own security architecture and policy oversight for Cato SASE.
• Ensure effective integration between network security, identity, endpoint, and SIEM tooling.
• Work closely with infrastructure and cloud teams to ensure secure‑by‑design solutions.

• Own and maintain compliance with GDPR (in collaboration with Legal / DPO where applicable).
• Obtain and maintain Cyber Essentials Plus accreditation.
• Obtain and maintain ISO 27001 accreditation (ISMS operation, audits, continuous improvement).
• Manage risk registers, DPIAs, supplier security assessments, and audit findings.
• Lead internal and external audits and remediation activities.

• Own and test incident response plans, playbooks, and escalation models.
• Coordinate response to security incidents, including regulatory and customer communications where required.
• Support business continuity and disaster recovery planning from a security perspective.

• Act as a trusted advisor to IT, operations, and senior management.
• Provide pragmatic security guidance to non‑technical stakeholders.
• Lead security awareness and training initiatives across the organisation.

Essential:

• Proven experience in an Information Security Manager / Cyber Security Manager role.
• Strong hands‑on experience with Microsoft 365 security tooling, especially Defender and Sentinel.
• Experience working with outsourced SOC services and MSSPs.
• Solid understanding of GDPR, including DPIAs and incident reporting.
• Practical experience delivering and maintaining Cyber Essentials Plus.
• Experience operating or contributing to an ISO 27001 ISMS.
• Strong knowledge of identity, endpoint, network, and cloud security principles.
• Experience supporting environments with mobile‑first and frontline workers.

Preferred:

• Experience in multi‑entity or acquisitive organisations.
• Familiarity with SASE platforms (especially Cato Networks).
• Knowledge of NCSC / NIST / CIS security frameworks.
• Experience working in regulated or safety‑critical environments.

• CISSP, CISM, or equivalent.
• ISO 27001 Lead Implementer / Auditor.
• Microsoft Security certifications (SC‑200, SC‑300, SC‑400, etc.).

• Pragmatic and risk‑based (not “checkbox security”).
• Comfortable balancing strategic leadership with operational oversight.
• Able to influence without authority and work cross‑functionally.
• Calm and structured under pressure during incidents.
• Strong written and verbal communication skills.

• £80,000 – £100,000 (depending on experience).
• Bonus / performance incentives.
• Pension and benefits.
• Hybrid working.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, colour, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability.

Need more info? Yasmin will answer your questions.

y.hussain@mecsia.com