Head of Data Security

About the Organisation

This organisation is a global specialty insurer operating in a highly dynamic and regulated environment. It is recognised for its expertise within selected markets, disciplined approach to risk management, and strong financial foundations.

The organisation places equal emphasis on long‐term sustainability, innovation, and creating an environment where individuals are empowered to deliver high‐quality outcomes. Collaboration, accountability, and forward‐looking thinking underpin how teams operate across the business.

The Function

The role sits within a central technology and operations capability that enables the organisation to operate effectively at scale. This function is responsible for the delivery, resilience, and continuous improvement of technology, data, and security services that support business objectives globally.

The team works closely with business and risk stakeholders to ensure that platforms, services, and controls are secure, compliant, and aligned with strategic priorities. The culture is inclusive and delivery‐focused, encouraging innovation while maintaining strong operational discipline.

Role Purpose

The Head of Data Security provides strategic and technical leadership for enterprise‐wide data security, with particular emphasis on data leakage prevention and long‐term cryptographic resilience.

The role is accountable for defining and embedding the organisation’s approach to protecting sensitive information throughout its lifecycle, while preparing the business for emerging risks associated with advances in cryptography and quantum computing. It plays a key role in influencing risk reduction initiatives across technology, business, and governance domains.

Key Accountabilities

  • Define and lead the organisation’s data security strategy, with end‐to‐end ownership of data leakage prevention across applications, platforms, and endpoints.
  • Design, implement, and mature data loss prevention (DLP) capabilities, including policy, tooling, monitoring, and response processes.
  • Establish enterprise governance for data classification, handling standards, encryption controls, and secure data lifecycle management.
  • Lead the assessment of cryptographic risk and define a pragmatic roadmap for quantum and post‐quantum cryptographic readiness.
  • Evaluate and oversee the adoption of cryptographic technologies aligned with current best practice and emerging industry standards.
  • Work closely with technology, architecture, legal, compliance, and risk teams to embed data protection and security by design.
  • Track external developments in regulation, threat landscape, and industry guidance relevant to data security and cryptography.
  • Act as a senior subject‐matter expert during data‐related security incidents and investigations.
  • Manage relationships with specialist technology vendors and advisory partners.

Measures of Success

  • A clearly articulated, organisation‐wide data security and DLP strategy with defined ownership, governance, and reporting.
  • Demonstrable reduction in data leakage exposure, supported by effective controls and improved visibility of data risk.
  • Delivery of a credible and prioritised post‐quantum or cryptographic‐readiness roadmap aligned to business risk appetite and regulatory expectations.

Required Experience and Capabilities

  • Substantial experience in senior data security, information security, or cyber security leadership roles.
  • Strong expertise in data loss prevention, data classification, encryption technologies, and secure data lifecycle controls.
  • Solid understanding of cryptographic principles, key management practices, and secure data architectures.
  • Hands‐on experience designing and implementing enterprise‐scale DLP solutions across cloud, on‐premises, and endpoint environments.
  • Demonstrated ability to articulate complex technical risks in a clear and pragmatic manner to senior, non‐technical stakeholders.
  • Proven ability to operate across multiple stakeholder groups within technology, risk, and the wider business.
  • Relevant professional certifications (e.g. CISSP, CISM, CCSP, or specialist cryptography‐related qualifications).
  • Awareness of emerging regulatory and industry standards, including post‐quantum cryptography guidance.

Desirable Experience

  • Practical exposure to quantum or post‐quantum cryptography initiatives, or broader cryptographic agility programmes.
  • Experience operating in highly regulated industries such as insurance, financial services, or healthcare.
  • Involvement in leading or supporting significant data security incidents or breach investigations.

Reward and Environment

The organisation offers a competitive remuneration and benefits package, alongside the opportunity to work within a global, fast‐evolving business. The role provides significant scope to shape strategy, influence senior stakeholders, and deliver long‐term value in a critical risk domain.

The organisation is committed to equal opportunity and building a diverse and inclusive workplace.

Apply Now
Apply Now

Job Details

Company
Opus Recruitment Solutions
Location
London Area, United Kingdom
Posted