Chief Security Officer (CSO)

Worker Type: Employee Application End Date: 07-05-2026We are using and creating technology to transform operations at sea to enable people and the planet to thrive.We are open-minded and fearless in our approach to innovation and don't believe in boundaries. We challenge everything and have massive ambitions to drag aging industries into the tech era.We take safety, equality and education very seriously, and our responsibilities don't stop at our front door. Our business is built on the belief that there's definitely a more environmentally responsible way to operate at sea.We employ people who share our core values. We expect our people to be courageous, trustworthy, and conscientious, driven by a desire to do the right thing. We strive for excellence, work collaboratively, and are genuinely excited by our work.We offer opportunities for our people to develop beyond their role and span a multitude of disciplines. These are open to all, regardless of background and experience level. Working with us means being part of a team that is harnessing technology and creativity to disrupt a traditional industry.We are not your average workplace.Ocean Infinity is seeking a Chief Security Officer (CSO) to provide enterprise level ownership of security risk across the Group, spanning cyber, information, physical and personnel security. This is a senior leadership role responsible for setting direction, standards and assurance, and for representing Ocean Infinity to executives, the Board, auditors, regulators and government / defence customers.The CSO is accountable for security outcomes, not for running day to day operations. Security execution remains federated: entity Security Controllers and the Cyber function retain operational responsibility, with dotted line accountability to the CSO to ensure consistency, auditability and credible leadership ownership.The role reports to the Executive team and works closely with Technology, Legal, HSEQ, Operations and Commercial leadership. What will you do: Enterprise security leadership & accountability Act as the single accountable owner of security risk across Ocean Infinity, covering cyber, information, physical and personnel security. Establish and maintain a clear Group security strategy and operating model aligned to business growth, defence and government requirements. Provide visible, auditable management ownership of security, addressing regulatory and certification expectations (e.g. ISO 27001). Governance, standards and assurance Define and own Group security policies, standards and minimum controls across all entities. Ensure consistent risk assessment, reporting and assurance across the Group. Oversee audit readiness and remediation, and act as executive sponsor for security related audits and certifications. Federated operating model leadership Lead a federated security model, with: + Entity Security Controllers accountable for local delivery (including physical and human security at site level). + The Cyber function retaining delivery responsibility within Technology. Provide direction, challenge and escalation through formal dotted line accountability, without centralising day to day operations. Cyber security oversight Own the enterprise cyber risk posture, ensuring cyber capabilities, controls and response are appropriate to business and threat context. Set expectations for cyber resilience, incident response and recovery, working in partnership with Technology leadership. Physical & personnel security (enterprise level) Own Group level policy, standards and assurance for physical and personnel security. Ensure site level and contract specific requirements are clearly owned and delivered by entity Security Controllers, particularly in defence regulated environments. External credibility & stakeholder engagement Act as the senior security representative for government, defence and regulated customers, insurers, auditors and regulators. Support bids and contracts by providing credible assurance of Ocean Infinity's security posture and leadership ownership. Risk escalation & decision support Provide clear, evidence based security risk advice to the Executive team and Board. Escalate material risks and non compliance, ensuring informed and timely decisions. Who you are: Experience & expertise Extensive senior leadership experience in enterprise security, cyber security or protective security within complex, regulated or defence adjacent environments. Proven experience operating as an accountable executive owner of security risk, rather than solely as a technical or operational specialist. Strong understanding of federated operating models, with the ability to influence and hold leaders to account without direct line management. Experience engaging with auditors, regulators, government or defence customers. Skills & capabilities Strategic thinker with the ability to translate risk into clear executive level insight. High credibility with senior stakeholders; able to act as a trusted advisor to the Executive team and Board. Strong judgement, integrity and discretion when handling sensitive and classified matters. Able to balance pragmatism with rigour in a fast moving, operationally complex environment. Personal attributes (Ocean Infinity values) Thoughtful, thorough and conscientious. Acts in the best interests of the team and the business. Takes ownership and accountability for outcomes. Integrity, credibility and maturity in confidential situations. Clear, confident communicator with strong interpersonal skills. Driven, proactive and comfortable operating with ambiguity. Desirable Experience in defence, critical infrastructure, maritime or highly regulated industries. Familiarity with ISO 27001 and related security and risk frameworks. Experience working with cyber insurance, incident response and crisis management at executive level. Salary for this position: Up to £170,000 per annum Salary : The salary varies for this position as we are recruiting in multiple regional locations and job grades. The salary process is based on skills, abilities, and experience required. What you can expect: At Ocean Infinity, we believe in creating equal opportunities for all, celebrating each and everyone's differences. We are driven by transforming the industry, through our technology, thoughts, behaviours and actions. Being inclusive and respectful to all is fundamental to who we are. It is the right thing to do and enables innovation and creativity to thrive.There is more work to be done, and we know that we aren't perfect, but our commitment to these values is unwavering. They are central to our mission and the impact we have on the industry, meaning, we cannot live without them.