Chief Information Security Officer (CISO)
Posted 19 hours 27 minutes ago by Robert Walters UK
My client, a top International Insurance firm based in London, is looking for a Chief Information Security Officer. The role requires working two days per week in the office.
Key non-negotiable requirements:
- Come from a tech background, i.e. be hands-on
- Been involved in Security technology transformation projects
- Been able to operate in a product agile way
- Dealing directly with regulators
- Know security inside out around applications/infrastructure, security products
About the CISO role:
Job overview: Are you a strategic security leader with a passion for safeguarding assets, data, and reputation in a complex financial environment? My client is committed to protecting their customers, employees, and business operations through innovative security strategies and industry-leading practices. As their UK&I Chief Security Officer, you'll be at the forefront of defining and executing our security vision, ensuring regulatory compliance, and driving resilience across our organisation. This is a unique opportunity to make a tangible impact at a leading insurer, shaping the future of security in an evolving industry.
Key responsibilities:
- Lead the development and execution of the UK&I security strategy, ensuring alignment with corporate standards and regulatory requirements.
- Oversee security governance frameworks, monitor KPIs and KRIs, and report on security performance to senior leadership and the board.
- Manage risk assessment and mitigation activities, including control implementation, assurance programs, and audit responses.
- Drive incident response, business continuity, and resilience initiatives to safeguard physical and information security.
- Ensure ongoing compliance with FCA, PRA, and other relevant regulatory standards; support audits and maintain certifications.
- Lead, motivate, and develop security teams and collaborate with Group security functions to ensure consistency and effectiveness.
- Promote a security-aware culture through training, awareness campaigns, and embedding security best practices across the organisation.
- Represent my client at external industry forums, regulators, and security bodies to influence standards and maintain the organisation's reputation.
Work arrangements: At my client they work smart, empowering our people to balance their time between home and the office in a way that works best for them, their team and our customers. You'll work at least two days a week (40%) away from home, moving to three days a week (60%) in the future. Away from home means attending the office, visiting clients or attending industry events.
Your skills & experience:
- Extensive experience managing security in large, complex organisations, within the financial services sector.
- Strong leadership and influencing skills, with the ability to manage and motivate large teams and engage stakeholders at all levels.
- Deep expertise in information security architecture, cloud security, risk assessment, and control frameworks (ISO 27001, NIST).
- Proven ability to develop and implement strategic security initiatives aligned with business objectives.
- Demonstrated experience managing substantial budgets and leading large-scale security projects.
- Excellent communication skills, capable of articulating complex security concepts to non-technical audiences and senior executives.
- A degree in Information Technology, Cybersecurity, or a related field; professional certifications such as CISM, CISSP, or ISO 27001 Lead Implementer are preferred.
- Resilience, adaptability, and a proactive approach to emerging threats and industry trends.
Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates.
About the job
Contract Type: Permanent
Focus: Information Security
Workplace Type: Hybrid
Experience Level: Executive
Location: London
Salary: £250,000 - £300,000 per annum