-
View all jobs
About You
Do you thrive on shaping information security goals and setting the direction and vision of information security, specifically in a hybrid cloud environment?
Does identifying potential security vulnerabilities across multiple platforms and planning remediation activities come as second nature to you?
Do you have the technical security expertise to ‘shift left’ when it comes to increasing the maturity of information security operations as part of cloud development?
Do you have hands-on experience managing information, cybersecurity incidents, and data breaches?
If so, then you could be just what we are looking for. Read on to find out more…
The role
As Head of Information Security at Heywood, your role will be to develop, shape and update the Company’s information security capability, ensuring our hybrid cloud environment remains secure against an ever-changing threat landscape.
Key Responsibilities Include
Information security strategy
Continue to develop the Information Security Strategy, ensuring alignment to the Company’s IT strategy and business goals and create the required metric reporting to track progress to be presented to the Board
Communicate the information security strategy to relevant parties, as well as developing supporting policies and procedures required to meet the strategy
Develop, maintain, and expand the Cyber Risk Management Framework as part of the overall Information Security Management System (“ISMS”)
Responsible for the Company’s information security capabilities, including the technical training and awareness of colleagues, ensuring it remains prepared against an ever-changing threat landscape
Work with the other department heads to develop a security community and security conscious culture.
Operational input
Contribute to design and architectural decisions and improve the approach to the Company’s threat modelling
Lead on information security incidents and work directly with internal teams and external parties on containment and mitigation activities, as well as preparing for incidents by running threat simulations, tabletop and red team exercises
Assess emerging and potential security threats using the Cyber Risk Management Framework and act proactively to mitigate relevant threats
End-to-end vulnerability management across the hybrid cloud environment
Manage security toolset, including managing the relationship with the third-party provided SOC
Provide security reviews of new technologies to support business strategy such as AI
Provide a standard assurance response to customers regarding our security posture
Support bid and tender responses by providing relevant information.
Preferred Skills, Qualifications And Experience
Industry certifications such as CISSP, CCSP, CISM, or equivalent
Expert in information security
Strong understanding of cloud security principles and best practices, particularly in AWS
Experience in managing security incidents and leading incident response
Excellent knowledge of security frameworks, standards, and regulations, including ISO 27001, SOC 2, HIPAA, GDPR, etc.
Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, and/or partners)
Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementation
Ability to collaborate cross-functionally and influence stakeholders at all levels of the organisation.
Do you thrive on shaping information security goals and setting the direction and vision of information security, specifically in a hybrid cloud environment?
Does identifying potential security vulnerabilities across multiple platforms and planning remediation activities come as second nature to you?
Do you have the technical security expertise to ‘shift left’ when it comes to increasing the maturity of information security operations as part of cloud development?
Do you have hands-on experience managing information, cybersecurity incidents, and data breaches?
If so, then you could be just what we are looking for. Read on to find out more…
The role
As Head of Information Security at Heywood, your role will be to develop, shape and update the Company’s information security capability, ensuring our hybrid cloud environment remains secure against an ever-changing threat landscape.
Key Responsibilities Include
Information security strategy
Continue to develop the Information Security Strategy, ensuring alignment to the Company’s IT strategy and business goals and create the required metric reporting to track progress to be presented to the Board
Communicate the information security strategy to relevant parties, as well as developing supporting policies and procedures required to meet the strategy
Develop, maintain, and expand the Cyber Risk Management Framework as part of the overall Information Security Management System (“ISMS”)
Responsible for the Company’s information security capabilities, including the technical training and awareness of colleagues, ensuring it remains prepared against an ever-changing threat landscape
Work with the other department heads to develop a security community and security conscious culture.
Operational input
Contribute to design and architectural decisions and improve the approach to the Company’s threat modelling
Lead on information security incidents and work directly with internal teams and external parties on containment and mitigation activities, as well as preparing for incidents by running threat simulations, tabletop and red team exercises
Assess emerging and potential security threats using the Cyber Risk Management Framework and act proactively to mitigate relevant threats
End-to-end vulnerability management across the hybrid cloud environment
Manage security toolset, including managing the relationship with the third-party provided SOC
Provide security reviews of new technologies to support business strategy such as AI
Provide a standard assurance response to customers regarding our security posture
Support bid and tender responses by providing relevant information.
Preferred Skills, Qualifications And Experience
Industry certifications such as CISSP, CCSP, CISM, or equivalent
Expert in information security
Strong understanding of cloud security principles and best practices, particularly in AWS
Experience in managing security incidents and leading incident response
Excellent knowledge of security frameworks, standards, and regulations, including ISO 27001, SOC 2, HIPAA, GDPR, etc.
Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, and/or partners)
Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementation
Ability to collaborate cross-functionally and influence stakeholders at all levels of the organisation.
Key Skills
Ranked by relevance
cloud
cloud security
cybersecurity
cissp
hipaa
gdpr
cism
ccsp
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Cybersecurity Engineer
2026-06-19
Full-time
Not Applicable
Turkey
Research Services
Information Technology
View Job Details
Related
UX Designer
2025-03-25
Full-time
Mid-Senior
United Kingdom
IT Services
Information Technology
View Job Details
Related
Network Lead
2026-06-19
Contract
Mid-Senior
United Kingdom
IT Services
Information Technology
Login to Apply
- Posted
- Jun 04, 2025
- Type
- Full-time
- Level
- Director
- Location
- Altrincham
- Company
- Heywood
Industries
IT Services
IT Consulting
Categories
Information Technology
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Cybersecurity Engineer
2026-06-19
Full-time
Not Applicable
Turkey
Research Services
Information Technology
View Job Details
Related
UX Designer
2025-03-25
Full-time
Mid-Senior
United Kingdom
IT Services
Information Technology
View Job Details
Related
Network Lead
2026-06-19
Contract
Mid-Senior
United Kingdom
IT Services
Information Technology