Banner Default Image

Director Information Security

Back to job search

Director Information Security

  • Location:


  • Job type:


  • Salary:


  • Contact:

    Jessica Bhard

  • Contact email:

  • Contact phone:

    0203 854 2230

  • Published:

    29 Tage her

  • Expiry date:


Role: Director Information Security

Location: Gloucestershire, UK

Salary: Dependent on experience

Locke & McCloud are seeking an experienced Information Security professional who is looking to develop and own a GRC function, providing numerous services to clients. You will have consultancy experience and look for new ways to increase services to the organisation's client base.

The work includes large projects working across, but not limited to: financial services, insurance, defence, retail and energy.

You will report directly into the COO.

Key Responsibilities:

  • To deliver and oversee consistently high-quality GRC based information security consultancy services to new and existing clients.

  • To be responsible for a team that delivers high quality GRC services to clients and prospects.

  • To be responsible for an agreed level of utilisation of own and GRC team delivery.

  • To effectively manage a GRC team that meets company objectives, including required profit margins.

  • To deliver and oversee consistently high-quality GRC based information security consultancy services to our clients.

  • Engaging with colleagues in the technical / testing and sales teams to drive future client requirements and support sales/pre-sales initiatives.

  • To produce client reports describing the output of your work to a consistently high standard and in a timely manner.

  • Drive the QA process in respect of peer reviews and manage this in line with existing workloads and demands.

  • Own and develop the vCISO service.

  • Development of new service lines to meet customer requirements and the strategic objectives of the business such as DPOaaS, or services linked to emerging legislation (e.g. DORA).

  • To assist with internal business operations such as GRC service line developments, sales and process improvements.

About you:

  • GRC certifications, for example: PCI QSA / NCSC CCP / Chartered Status (e.g. with BCS, CIISEC, or equivalent).

  • Excellent communication skills (written and verbal).

  • Ability to work independently on-site and in the home work environment.

  • Experience in supporting security control frameworks, such as NIST and ISO27001/2.

  • Experience of ISO27001/ISMS implementation or audit.

  • Recognised industry qualification (CISSP, CISM, CEH, CISA).

  • Able to translate Information Security and IT risk language into business language.

  • Risk Management methodologies, frameworks, and standards (ISO 27001, ISO31000, ITIL, COBIT).

  • Able to build and maintain relationships and influence key stakeholders across the business.

  • A creative and analytical mind with good stakeholder interfacing and excellent communication skills.


Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting opportunities in the cyber security market. If you are on the lookout for your next cyber security or information security role, please get in touch!