Head of Security

Position Head of Security (Cyber Security) Reporting to CTO Location Remote - United Kingdom Job Type Full-time, Permanent Salary Competitive, based on experience + benefits + bonus potential About the Company The Investigo Group (TIG) is a dynamic coalition of cutting‑edge tech firms specialising in Platform, Software, Data, AI and other bleeding‑edge technology solutions. Our innovative prowess spans the globe while proudly hailing from the United Kingdom. The group is multi‑functional with a large portfolio of B2B products and services. IIS provides secure internet access in both the public and private sectors. Its mission is to deliver world‑class secure internet capabilities enhancing productivity across diverse skillsets and organisations. Vestigo Consulting is our training and consultancy company, tailored around specialist sector‑specific knowledge, and provides regular courses and CPD for our community. The consultancy side concentrates on expert support of our customers as well as specifically assigned individual deployments. Collaboraite is a bleeding‑edge company that provides our Data and AI capability. A collaborative partner for designing user‑centred secure data solutions to overcome operational hurdles, delivered through design thinking and agile coaching. Diversity, Equity, and Inclusion (DEI) are at the heart of TIG. We're dedicated to creating a workplace where people from all backgrounds are not only welcome but empowered to excel. We actively seek diverse talent, promote fairness, and foster an inclusive environment where every voice matters, driving innovation and progress in our dynamic tech community. About You You are an accomplished security leader with the credibility to influence at Board level and the technical depth to guide teams across cyber, physical, personnel, and operational resilience. You thrive in complex, high‑stakes environments where risk management, regulatory compliance, and innovation must coexist. You are equally comfortable defining long‑term strategy as you are rolling up your sleeves to solve immediate challenges. With a strong track record of building and leading multidisciplinary teams, you foster a culture of accountability, collaboration, and continuous improvement. You bring proven experience of shaping security functions in government, defence, critical national infrastructure, or highly regulated commercial sectors, and are fluent in the language of both security operations and business transformation. Above all, you see security as a business enabler; protecting today while preparing for tomorrow. About the Team The Security & Resilience team spans cyber, physical, personnel, and operational resilience. The function is responsible for delivering the organisation‑wide Security Strategy, overseeing security operations, architecture, compliance, and risk management, as well as leading resilience and incident response activities. As Head of Security, you will build and lead this cross‑disciplinary team, ensuring continuous development, resource alignment, and the delivery of targeted training and awareness programmes. The team works closely with engineering, DevSecOps, compliance, legal, and senior leadership to embed security‑by‑design and enable scalable, business‑aligned security practices. About the Role We’re looking for a seasoned and strategic Head of Security to take ownership of our organisation’s entire security landscape, spanning cyber, physical, personnel, and operational resilience. This is a senior leadership role at the heart of the business, ensuring that security not only protects but also enables our growth. You will set and deliver a comprehensive security strategy that balances commercial ambitions with risk management, regulatory compliance, and resilience. Acting as a trusted advisor to the Board, you’ll provide clear visibility of emerging threats, opportunities, and priorities while shaping security as a true business enabler. Leading a high‑performing, cross‑disciplinary team, you will drive innovation across security operations, architecture, risk, and assurance, embedding a security‑first culture that supports our long‑term success. Key Responsibilities Strategic Leadership & Governance Report on key performance indicators (KPIs), threat landscape, and security posture to the Board of Directors. Lead the development and delivery of the organisation‑wide Security Strategy. Align security operations with commercial expansion goals and emerging geopolitical and sector trends. Champion a security‑first culture across all departments. Shape security as a business‑enab​ing capability. Security Operations & Architecture Oversee the design, implementation, and operation of a modern Security Operations Centre (SOC), resilience programmes, red‑team­ing, insider threat monitoring, and secure architecture consulting. Lead proactive threat intelligence, detection, and response efforts. Drive the implementation of security‑by‑design principles in collaboration with engineering and DevSecOps teams. Create and mature a Security Architecture function supporting SSDLC and product security. Risk, Compliance & Assurance Own the enterprise risk register, redefining the organisation’s approach to risk and resilience. Ensure full compliance with local, international, and sector‑specific standards (GDPR, etc.). Oversee supply chain and third‑party risk assessments, security onboarding, and vendor compliance. Lead ISMS development and manage external audits and certifications. Team Leadership & Development Build and lead a cross‑disciplinary security team (cyber, physical, personnel, and resilience). Ensure continuous development and resource alignment across the function. Deliver targeted training, simulations, and awareness campaigns to build a secure‑by‑default workforce. Establish performance tracking dashboards and feedback loops to measure effectiveness and drive continuous improvement. Engagement & Stakeholder Management Actively participate in the Senior Leadership Team, contributing to enterprise‑level transformation and strategy. Collaborate with legal, compliance, and engineering teams to ensure holistic and scalable security practices. Engage with external regulators, government bodies, and strategic partners to share intelligence and influence standards. Resilience & Incident Management Lead organisation‑wide incident response, recovery, and post‑incident review processes. Design and scale resilience testing (e.g. tabletop exercises, scenario simulations) to improve organisational maturity and customer trust. Success in This Role Looks Like A clear, board‑approved Security Strategy is in place, actively aligning security priorities with business growth and regulatory requirements. The organisation has full visibility of key risks, with proactive reporting and measurable improvements to security posture and resilience. A high‑performing, cross‑disciplinary security team is established, continuously developed, and recognised as a trusted partner across the business. Security operations, including SOC, threat intelligence, incident response, and secure architecture are running effectively, with security‑by‑design embedded into products and services. Compliance with sector‑specific standards is demonstrable through successful audits, certifications, and vendor risk management. Incident response and resilience exercises are embedded into business‑as‑usual, strengthening customer trust and organisational readiness. A strong security culture is visible across the workforce, supported by awareness campaigns, training, and leadership engagement. Why Join Us Play a critical role in shaping the future of security in a fast‑growing, mission‑driven organisation. Work closely with the Board and Senior Leadership Team to influence real change. Lead innovative security programmes at the intersection of commercial, operational, and national security domains. Access to unique sector opportunities, collaborative government networks, and meaningful impact on society. Requirements Proven experience in a senior InfoSec or Head of Security role, preferably in government, defence, law enforcement, or highly regulated sectors. Deep understanding of risk management, compliance, and resilience within complex organisations. Strong leadership and communication skills, with experience advising C‑level stakeholders and Boards. Technical fluency across cybersecurity, security architecture, threat intelligence, and secure development lifecycles. Demonstrable track record of building high‑performing, cross‑functional security teams. Experience with security standards and frameworks. Strategic thinker capable of translating evolving threat landscapes into actionable business outcomes. Security Clearance Requirements Please note that holding current SC clearance is not essential at the point of application, but eligibility is required. This role requires the successful candidate to be eligible for Security Check (SC) clearance. To meet this requirement, applicants must: Have the right to work in the UK. Have lived in the UK continuously for the past 5 years. Not have spent more than 6 months outside the UK in total during that period. Be willing to undergo security vetting as part of the onboarding process. Benefits Flexible Working: We offer a hybrid & remote working models. Private Medical Inclusive Culture: Enjoy an inclusive culture and environment. Flexible Benefits: A flexible benefits programme to suit your needs (discounts etc). Holiday: Generous holiday allowance. Learning: Access to continuous learning and development opportunities. Bonus Potential: Bonus potential based on performance and business‑related factors. Discounts: Discounts on a wide range of products and services. Pension: Pension scheme contributions with Government Top‑Up. EV Car Scheme More Benefits: Explore additional benefits on our career site. Our Process Our talent acquisition team will be in touch if you're successful, the team will arrange a short screening call (max 30 minutes) to learn more about you, and what you are looking for and answer any questions you may have. If all goes well, the team will share your profile with the hiring manager for review. Our interview process is tailored to each role but typically the first half of the process is run remotely with a final stage on‑site. For this position, you can expect a two‑stage interview process: 1st stage – An informal 30‑minute video call with the hiring team to discuss your skills and relevant experience. This is an excellent opportunity to learn more about the role and ask any questions. 2nd stage – A 60‑90‑minute formal interview where you can anticipate competency and technical questions. As an inclusive employer, please inform us if you require any reasonable adjustments. Equal Opportunities Here at TIG we are committed to equal opportunities and value diversity, equity and inclusion at our company. We do not discriminate based on race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. As a Group, we seek to ensure that individuals with disabilities receive reasonable accommodation throughout the hiring process and ultimately within the job itself. Please contact us to request any accommodations. #J-18808-Ljbffr