Head of InfoSec

Head of Information Security

Location: London Rate: Up to £1,000/day outside IR35 Hybrid: 50% of time onsite Sector: Strong regulated industries Contract Type: 6-9 months contract Job Summary: Our client, a leading legal firm, is seeking an experienced Head of Information Security to lead their security function and drive enterprise-wide strategy. This senior leadership role requires someone with a strong legal sector background who can quickly assess their current security posture, identify improvement opportunities, and establish strategic roadmaps.

The ideal candidate will bring substantial exposure to data processing, enterprise applications, and outsourced systems, with proven experience in systems design, project management, and crisis management. You will be a highly technical, hands-on CISO with strong credentials and proven leadership experience. They strongly prefer candidates from law firms or regulated industries who have maintained technical involvement rather than purely strategic oversight roles. The ideal candidate will demonstrate collaborative skills, cultural fit, and flexibility to integrate quickly into their established team environment.

Key responsibilities:

• Develop, implement, and manage enterprise-wide security strategy in partnership with senior stakeholders
• Assess current information security maturity and develop a strategic roadmap to achieve the target state
• Take ownership of ongoing audit projects and ensure successful completion and remediation
• Establish and maintain a governance framework for Information Security Management System (ISMS)
• Lead ISO 27001 compliance initiatives and accreditation processes across the organization
• Design and execute crisis management exercises to enhance organizational cyber readiness
• Chair the Enterprise Information Security Forum and participate in the Enterprise Risk Committee

Qualifications and Requirements

• Extensive experience leading enterprise-level Information Security functions within the legal sector or regulated industries
• Demonstrated ability to assess current security posture and develop strategic improvement roadmaps
• Experience managing audit projects and remediation activities with a successful delivery track record
• Strong people management skills with experience leading and developing security teams
• Demonstrated success implementing ISO 27001 across multiple organizations with accreditation experience
• Strong background in developing and executing security policies, standards, and remediation programs
• Industry certifications such as ISC2 CISSP/SSCP, SANS/GIAC GSEC, or ISACA CISM/CISA
• Outstanding communication skills with ability to present complex security concepts to diverse audiences

To be considered, please ensure you complete your application on the Computappoint website. Services offered by Computappoint Limited are those of an Employment Business and/or Employment Agency in relation to this vacancy .