We’re Hiring: Head of Security

Head of Security

Location: London

Reporting to: Group CEO

The Role:

As a member of the Conosco Leadership Team, the Head of Security's primary role is to oversee both the UK-based consulting capability and the South Africa-based SOC teams, and to manage the Conosco Security Division (CSD) as a whole. The role also defines and creates the CSD B2B service offerings and departmental documentation/procedures, drives the growth of CSD revenue and capability (both technical and resource), and champions information security internally to Conosco, the Group, and its clients.

Job Responsibilities

  • Plan and execute the growth strategy for the CSD, including marketing and sales-related responsibilities
  • Oversee the planning, QA and delivery of CSD consulting work to clients and prospects
  • Deliver services to clients including ISO27001 implementation and audits, general security audit and consulting services, and technical security incident investigations
  • Review and implement the creation of additional CSD capabilities and offerings across both Consulting and Security Operations Centre (SOC) workstreams
  • Manage Conosco’s internal security monitoring, vulnerability posture and information protection
  • Plan and deliver Information Security awareness training, and champion Information and Cyber Security within Conosco and for our clients
  • Ultimate responsibility for Conosco’s ISO 27001 ISMS and GDPR compliance
  • Be the Security Subject Matter Expert for Conosco and wider Tosca Group
  • Lead the Conosco Security Division to meet its objectives and KPIs

Job Duties

  • Reporting on Conosco’s ISMS and security posture to the Group CEO and Leadership Team
  • Leading regular CSD team meetings
  • Participate in regular client meetings as required to represent the CSD and sell services
  • Provide technical and best practice security advice to clients, fulfilling the role of technical account manager for security matters, and be a virtual CISO for clients
  • Maintain and grow a broad network of contacts, including hosting events to increase the CSD’s exposure
  • Ensure the security and compliance of Conosco, and our clients
  • Grow the Security Division (team, capability, quality, efficiency, revenue)
  • Regular travel to/from UK and South Africa


The successful candidate will be expected to have a strong technical, networking and support-related background as well as Info and Cyber security-related experience, along with associated industry-standard certifications. B2B experience across a broad set of industry verticals, from smaller SMEs to mid-market enterprises, is essential.


  • ISO 27001:2013 Lead Auditor
  • ISO 27001:2013 Lead Implementer
  • ISO 9001:2015 Internal Auditor
  • GDPR Data Protection Officer
  • EC Council Certified Ethical Hacker
  • CompTIA Security+
  • CCNP level networking certification, or equivalent
  • CCNA Security or Design certification
  • Microsoft certifications, or similar technical certifications

Soft skills

  • Exceptional interpersonal communication, ability to communicate at a business strategy level with C-Suite executives and at a technical level with engineers
  • Well presented for client-facing engagements, possessing gravitas and confidence when engaging with clients
  • Excellent written communication skills, able to write documentation for all levels of business, from executive summaries to forensic incident investigation reports
  • Possessing an understanding of business management and strategy, as well as financial, marketing and sales ability
  • Knowledge of international legal and compliance requirements across data protection and information security
  • Understanding of global Security trends and developments, and the implications of international InfoSec and CyberSec developments
  • Demonstrable history of good job performance

Professional membership of at least 2 international InfoSec-related bodies.

Desirable Experience

Exposure to and understanding of business strategy is vital to leading a division, including understanding of financial considerations and planning, and the marketing and sales of service offerings to clients.

  • At least 12 years in technical networking and support roles
  • At least 2 years in a Security role
  • Previous Senior Management experience
  • Experience leading geographically dispersed teams
  • Experience delivering consulting work to multiple clients
  • Experience with forensic incident investigation
  • Experience implementing and managing ISO 27001:2013 ISMSs
  • Experience implementing PCI DSS
  • Experience implementing GDPR related controls for compliance, and performing DPO tasks
  • Experience implementing and operating SIEM platforms
  • Experience interpreting and remediating vulnerability scan and penetration test findings

Interested? Please email with a CV and Covering Letter.