Chief Information Security Officer

A rare opportunity to lead enterprise-wide cyber security and information protection at one of the most critical moments in an organisation’s evolution.

We are partnering with a global consulting and project-led business undergoing major technology transformation, standalone environment separation and international digital modernisation. Security, resilience and trust sit at the heart of this journey.

This is not a traditional “keep the lights on” CISO role.

This is a high-impact executive leadership position with direct influence across Board governance, cyber strategy, operational resilience, client trust, digital transformation and investor confidence.

The Opportunity

The Chief Information Security Officer will define and lead the organisation’s global security strategy, protecting highly confidential client, commercial, regulated and national-security-sensitive information across multiple international jurisdictions.

You will operate at Executive level while leading enterprise-wide cyber governance, security operations, resilience, data protection and transformation security.

This role will be central to:

• Building a mature, risk-led global security capability
• Securing complex technology separation and TSA exit programmes
• Leading cyber resilience and emergency response
• Embedding security into cloud, collaboration, AI and digital services
• Managing global data sovereignty and cross-border compliance obligations
• Protecting enterprise reputation, operational continuity and client trust

The Environment

The organisation operates globally across complex, highly regulated and confidentiality-sensitive environments with clients spanning infrastructure, critical services, public sector and complex international programmes.

The successful individual must be comfortable operating in:

✔ Global multi-jurisdiction environments

✔ Board and investor-facing settings

✔ High-growth transformation programmes

✔ Complex cloud and collaboration ecosystems

✔ Crisis and incident leadership situations

✔ Highly confidential and regulated delivery environments

What We’re Looking For

We are seeking a commercially minded, technically credible and highly pragmatic security leader who can balance security, compliance, usability and business growth.

You will bring:

• Significant senior leadership experience in information security, cyber risk or CISO-level roles within a global, regulated, complex or professional services environment.
• Proven experience securing organisations that handle highly confidential client, commercial, personal, regulated or national-security-sensitive information in a global capacity.
• Deep practical knowledge of global data sovereignty, data residency, international data transfers, privacy, encryption, access segregation and lawful processing.
• Experience operating across multiple jurisdictions, ideally including the UK, EU, US, Middle East and Asia-Pacific.
• Strong understanding of GDPR, UK data protection requirements, international transfer mechanisms, client contractual controls and cyber/security regulatory expectations.
• Proven experience providing board-level cyber risk reporting, including clear articulation of risk posture, control maturity, investment priorities, incident exposure, remediation progress and decisions required.
• Experience engaging with executive committees, audit/risk committees, investor stakeholders and non-technical senior leaders on cyber risk, compliance exposure and operational resilience.
• Experience leading emergency cyber response, including incident triage, containment, executive escalation, recovery, legal/regulatory coordination, client communication and post-incident improvement.
• Experience leading security through major transformation, carve-out, separation, divestment, TSA exit, cloud migration or operating model change.
• Strong knowledge of cloud security, identity and access management, Microsoft security, DLP, endpoint protection, SOC/SIEM/XDR, vulnerability management, zero trust and third-party risk.
• Experience working with system integrators, managed security providers, cloud providers, legal teams, compliance teams, regulators, auditors and external advisers.
• Demonstrable ability to balance security, compliance, usability, delivery pace and commercial outcomes in a complex, fast-moving environment.