2 of 2 Permanent Head of Information Security Jobs in the North East

Head of Information Security Governance, Risk and Compliance & Awareness - Doxford, SR3 3XP Arriva is a leading European passenger transport partner, operating in 11 countries across the UK and Europe. The company employs around 35,000 people, delivering more than 1.5 billion passenger journeys connecting people and communities safely, reliably and sustainably. We have strong roots dating … growth and sustainability agenda, and a continuously developing relationship with I Squared Capital – a global infrastructure investment fund manager - who acquired Arriva in 2024. We are looking for a Head of Information Security Governance, Risk, Compliance (GRC) & Awareness to join our Information Security Team on a full time, permanent basis, based from either our … Doxford office, Sunderland or Lacon House, London. Reporting to the Group Chief Information Security Officer, the Head of InfoSec GRC & Awareness is responsible for leading the governance, risk, and compliance functions within the Information Security domain. This role ensures that the organisation maintains a robust security posture through the development and enforcement of More ❯

TrueNorth are working with a fast growing tech company who are looking to recruit a dedicated Head of Information Security to join the team. The right candidate for this role will have extensive experience of the implementation and maintenance of various information security standards including: ISO27001, CyberEssentials (Plus), GDPR, NIST etc - you … would also naturally be the person leading responses to audit and information requests too. You will ideally have worked with a company of a similar size or larger, circa 500 employees - it would also be beneficial to have experience in organisations that are tech companies or heavily tech focussed as well as using a lot of SAAS … products. Key skills and experience required: Excellent leadership and stakeholder engagement. Detailed understanding of information security frameworks (ISO 27001, GDPR, Cyber Essentials Plus), and how to implement, apply and maintain them Incident investigation, reporting, and post-incident review capabilities. Design, implementation, and maintenance of ISMS and security controls. In-depth understanding of security More ❯