CrawlJobs Logo
Allen Lane Logo Allen Lane · IT - Administration

Head of Cyber Security Culture and Architecture

United Kingdom, Hanslope Park (Milton Keynes) or East Kilbride Employment contract 69500.00 - 90600.00 GBP / Year · Job Posted December 05, 2025
Apply Position
Job Link Share

Job Description

Grade 6 vacancy in the Information and Cyber Security Department. Responsible for defining, leading and delivering the FCDO’s secure architecture and internal cyber security culture. Member of the ICSD Senior Leadership team and IDD Extended Leadership Group.

Job Responsibility

  • Define, lead and deliver, through their team, the FCDO’s secure architecture and its internal cyber security culture
  • Ensure secure design is embedded across systems and services while fostering a workforce that understands, values and upholds security principles
  • Lead a team of security architects who will influence technology delivery, organisational behaviours and leadership decision making
  • Ensure architecture, awareness and cultural resilience are delivered in a coordinated way
  • Work in partnership with business, digital and security stakeholders
  • Lead engagement and reporting for their workstreams
  • Represent the CISO at various HMG and external events where necessary

Requirements

  • Enterprise Security Architecture: Leading the design and assurance of enterprise security architecture, applying recognised frameworks and principles
  • Technical Security Architecture: Applying security architectural principles to complex IT and operational technology (OT) systems
  • Policy and Standards: Providing subject matter expertise in developing and interpreting cyber and information security policies and standards
  • Information Security Culture: Baselining the future vision for the FCDO’s information and cyber security culture, defining and assuring delivery of change levers
  • Third Party Management: Leading the definition and assurance of cyber and information security requirements for third-party relationships
  • Management, Leadership and Influence: Embedding a security first culture and influencing behaviours at all levels
  • Must hold or be willing to obtain security clearance to DV level
  • Must have been resident in the UK for five out of the last ten years immediately prior to application

What we offer

  • Civil Service pension scheme (employer contribution of 28.97%)
  • Annual leave starting at 25 days leave per annum
  • Location allowance of £1,750 (if based in Milton Keynes)
  • Specialist allowance of up to £10,800 per annum (subject to review)
Allen Lane - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Head of Cyber Security Culture and Architecture

8 matching positions

Head of Cyber Security

As our Head of Cyber Security, your mission is to lead and develop the organisat...
Location
Location
United Kingdom , Park Royal
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in head or senior leadership role in security, cyber or information assurance
  • CISSP, CISM, or CISA certified (or equivalent)
  • Strong track record of building and delivering security programs aligned to ISO 27001, NIST, PCI DSS, Cyber Essentials Plus
  • Hands-on experience across cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures
  • A zero-trust approach to cyber security
  • Confident in leading security tooling selection and implementation
  • Deep understanding of data protection legislation and risk management frameworks
  • Strong leadership, stakeholder engagement, and influencing skills
Job Responsibility
Job Responsibility
  • Develop, own and maintain our Security Strategy and Roadmap
  • Represent security at the senior leadership and board level
  • Define and implement robust security policies, frameworks and operating models
  • Ensure ongoing compliance with relevant legislation and best practices
  • Lead on operational security including responses to security incidents, ensuring containment, recovery and lessons learned
  • Manage enterprise security risk through owning risk assessments, tracking key risk indicators and regular reporting on exposure
  • Drive a culture of security awareness through partnering across different business areas, staff training and phishing simulations
What we offer
What we offer
  • Competitive salary
  • Pension
  • 22 days annual leave, plus the option to buy additional days
  • Life Assurance
  • Private Medical
  • Onsite parking
  • Bonus
  • Fulltime
Read More
Arrow Right

Global Head of Cyber Risk and Compliance

The Technology & Cyber Compliance and Operational Risk Office (TCCORO) at Citi i...
Location
Location
United States , Irving, Texas, United States, New York, New York, United States
Salary
Salary:
250000.00 - 500000.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 20+ years' experience in technology risk and/or cyber risk management in the banking/financial services industry, or related field, with at least 5+ years in 2nd or 3rd line senior leadership positions
  • Subject matter expert in technology risk and/or cyber risk management principles and practices across various information system architecture and engineering domains
  • Proven experience in managing complex risk portfolios and developing strategic risk management frameworks for large organizations
  • Robust understanding of operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices
  • Experience managing and overseeing large remediation and transformation programs to achieve intended results
  • Extensive experience in effective written and verbal communication with executive audiences including Boards
  • Experienced risk challenger who balances risks vs. rewards aligned with corporate risk culture
  • Understanding of Citi products and services and downstream impacts of technology risk and/or cyber risk strategy
  • Professional certifications in either technology risk and/or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI
  • In-depth, working knowledge of banking technologies, fraud, cybercrime detection and countermeasures, encryption, data retention, as well as information security support for segregation of duties, application development, network and systems operation, testing and vendor management
Job Responsibility
Job Responsibility
  • Oversight and challenge of the cybersecurity incident response programs
  • Oversight of the security operations center (SOC) and cybersecurity fusion center (CSFC)
  • Oversight of cybersecurity penetration testing and red-team operations
  • Oversight of the Chief Information Security Office (CISO), including the review of the effectiveness of the controls, standards and programs across the enterprise
  • Implementation of guidance for overseeing Emerging Technology and Operational Risks, in compliance with OCC Heightened Standards
  • Able to present and lead discussions with key Regulators, internal and external auditors, as well the Board of Directors and the Risk and Audit sub-committees
  • Governance and Oversight of security risks impacting the business and technology
  • Support in the development of Cyber Policy and Standards
  • Oversight of Key Operational Risks and related indicators and thresholds
  • Challenge of Cyber Risk Self Assessments
What we offer
What we offer
  • Discretionary and formulaic incentive and retention awards
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right

Head of cyber threat exposure and attack surface management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ...
Location
Location
United Kingdom , Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction
  • Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies
  • Strong understanding of attack paths, adversary emulation, and continuous validation concepts
Job Responsibility
Job Responsibility
  • Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles
  • Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture
  • Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms
  • Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies
  • Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise
  • Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions
  • Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface
  • Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions
  • Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes
  • Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Head of Security Governance, Risk & Compliance

We’re looking for a dynamic, experienced Head of GRC to lead our global governan...
Location
Location
Luxembourg , Luxembourg
Salary
Salary:
Not provided
ppro.com Logo
PPRO GmbH
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record transforming traditional GRC frameworks (ISO27001, PCI DSS, SOC2) into modern, automated, developer-friendly control assurance programmes
  • Solid grounding in financial services regulation, payments, operational resilience, outsourcing/cloud guidelines etc.
  • Strong experience interacting with regulators and auditors (CSSF, FCA, etc.) and implementing regulatory requirements
  • Proven ability to run risk management processes, control frameworks and audit cycles
  • Experience evaluating technology, cyber and operational risks in a cloud-native environment
  • Engineering-first mindset, with an understanding of cloud-native architectures (AWS preferred) and how GRC requirements fit into engineering workflows
  • Experience with GRC tooling, workflow automation or process optimisation
  • Ability to translate regulatory requirements into practical, technical control expectations
  • Excellent communicator, capable of influencing executives, engineers, auditors and regulators
  • Pragmatic, commercially-minded, empathetic and customer-focused
Job Responsibility
Job Responsibility
  • Lead PPRO’s global Security GRC strategy and team, to support our international regulatory and compliance footprint
  • Oversee and enhance our ISO27001:2022 and PCI DSS v4.0 programmes, building a culture of continuous compliance through automation and control transformation
  • Partner with relevant functions to ensure ongoing DORA compliance, including security risk management, incident reporting, operational resilience testing and governance
  • Define and deliver a strategy for a pragmatic, high-value 2nd line automated control assurance programme, underpinned by relevant business metrics
  • Own and manage regulatory expectations on security topics by the CSSF in Luxembourg, FCA in the UK and other international bodies as relevant
  • Maintain and enhance PPRO’s security risk register, defining and delivering cross-organisation improvement and remediation roadmaps
  • Lead security control testing, issue management, KRI monitoring, SLA reporting and Board-level reporting
  • Act as Information Security Officer for PPRO’s local Luxembourg entity
  • Own third party security risk management and oversight for PPRO across the full procurement lifecycle
  • Partner closely with Engineering to build shared understanding and transform controls via thoughtful automation, streamlining evidence collection and control monitoring
What we offer
What we offer
  • Hybrid working with a 3 days / week on site expectation
  • Work from abroad policy, enabling employees to work remotely for up to another 30 days per year
  • €1,000 annual budget for professional growth
  • Leadership cafés, on-the-job training
  • Lunch Vouchers - 12,80euros x 18 / month
  • Enhanced family leave
  • Travel Insurance
  • Gym membership contribution
  • Mental Health Platform
  • Pet-friendly office
  • Fulltime
Read More
Arrow Right

Head of Security

As our Head of Security, you’ll play a critical role in protecting the trust our...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
prezzee.com.au Logo
Prezzee
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A degree in Computer Science, Software Engineering, or a related discipline
  • 5+ years’ experience in a senior cyber security role, ideally within a systems development or technology-led environment
  • Strong understanding of AWS technologies and modern cloud architecture models
  • Proven experience delivering strategic security programs, including policy development, risk management, BCP/DR testing, third-party risk, and end-user device security
  • Hands-on experience triaging, investigating, and resolving security and operational incidents within SLAs
  • Deep knowledge of modern cyber security principles, threat landscapes, threat intelligence, and remediation techniques
  • Experience coordinating outcomes across internal teams, external vendors, auditors, and security partners
  • A collaborative, business-minded approach with the confidence to influence at leadership level
Job Responsibility
Job Responsibility
  • Lead Our Security Strategy: Own and deliver a clear, ongoing security roadmap aligned to Prezzee’s risk appetite, business priorities, and growth plans
  • Continuously uplift our administrative, technical, and procedural security posture across the business
  • Stay ahead of emerging threats and evolving standards, ensuring Prezzee remains proactive rather than reactive
  • Build a Security-First Culture: Act as the Security Champion across all teams and locations, embedding security awareness into how we work every day
  • Partner closely with engineering, product, IT, and the wider business to ensure security is at the forefront of design
  • Manage and mentor a small, high-performing security team, driving engagement and alignment with Prezzee’s purpose
  • Governance, Risk & Compliance: Maintain and expand compliance with frameworks and certifications including PCI, ISO:27001, Cyber Essentials+, ISO:42001 and others as required
  • Chair and manage the ISMS Committee, ensuring stakeholders have clear visibility of risks, controls, and progress
  • Lead third-party and vendor security due diligence across tools, partners, and workplace technology
  • Operational Security & Incident Management: Oversee vulnerability management, penetration testing outcomes, and remediation within agreed SLAs
What we offer
What we offer
  • Prezzeeversary Leave – Extra day of annual leave for each year you’re with us
  • BirthYay Leave – Celebrate you with a paid day off during your birthday month
  • Novated Car Leasing – A tax-smart way to bundle and pay for your car and running costs
  • ClassPass Membership – Fully covered monthly credits for fitness, wellness, and beauty
  • Office Allowance – One-time payment to upgrade your office setup
  • Flexible Work Perks – Flex your hours, take Culture Swap Days, and work from anywhere for 30 days a year
  • Prezzee Staff Discounts – Exclusive deals on Prezzee gift cards – just for being part of the team
  • Wellbeing Support – Access to mental, social, financial, and physical wellbeing support via Telus
  • Learning & Development – Grow your career with LinkedIn Learning, job shadowing, industry programs, and our Lunch & Learn sessions
  • Employee Resource Groups – Be an advocate or ally and foster belonging through groups like EmpowHer and Pride
  • Fulltime
Read More
Arrow Right

Head of Security

Prezzee is a global leader in digital gifting and payments. As our Head of Secur...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
prezzee.com.au Logo
Prezzee
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A degree in Computer Science, Software Engineering, or a related discipline
  • 5+ years’ experience in a senior cyber security role, ideally within a systems development or technology-led environment
  • Strong understanding of AWS technologies and modern cloud architecture models
  • Proven experience delivering strategic security programs, including policy development, risk management, BCP/DR testing, third-party risk, and end-user device security
  • Hands-on experience triaging, investigating, and resolving security and operational incidents within SLAs
  • Deep knowledge of modern cyber security principles, threat landscapes, threat intelligence, and remediation techniques
  • Experience coordinating outcomes across internal teams, external vendors, auditors, and security partners
  • A collaborative, business-minded approach with the confidence to influence at leadership level
Job Responsibility
Job Responsibility
  • Lead Our Security Strategy: Own and deliver a clear, ongoing security roadmap aligned to Prezzee’s risk appetite, business priorities, and growth plans
  • Continuously uplift our administrative, technical, and procedural security posture across the business
  • Stay ahead of emerging threats and evolving standards, ensuring Prezzee remains proactive rather than reactive
  • Build a Security-First Culture: Act as the Security Champion across all teams and locations, embedding security awareness into how we work every day
  • Partner closely with engineering, product, IT, and the wider business to ensure security is at the forefront of design
  • Manage and mentor a small, high-performing security team, driving engagement and alignment with Prezzee’s purpose
  • Governance, Risk & Compliance: Maintain and expand compliance with frameworks and certifications including PCI, ISO:27001, Cyber Essentials+, ISO:42001 and others as required
  • Chair and manage the ISMS Committee, ensuring stakeholders have clear visibility of risks, controls, and progress
  • Lead third-party and vendor security due diligence across tools, partners, and workplace technology
  • Operational Security & Incident Management: Oversee vulnerability management, penetration testing outcomes, and remediation within agreed SLAs
What we offer
What we offer
  • Prezzeeversary Leave – Extra day of annual leave for each year you’re with us
  • BirthYay Leave – Celebrate you with a paid day off during your birthday month
  • Novated Car Leasing – A tax-smart way to bundle and pay for your car and running costs
  • ClassPass Membership – Fully covered monthly credits for fitness, wellness, and beauty
  • Office Allowance – One-time payment to upgrade your office setup
  • Flexible Work Perks – Flex your hours, take Culture Swap Days, and work from anywhere for 30 days a year
  • Prezzee Staff Discounts – Exclusive deals on Prezzee gift cards – just for being part of the team
  • Wellbeing Support – Access to mental, social, financial, and physical wellbeing support via Telus
  • Learning & Development – Grow your career with LinkedIn Learning, job shadowing, industry programs, and our Lunch & Learn sessions
  • Employee Resource Groups – Be an advocate or ally and foster belonging through groups like EmpowHer and Pride
  • Fulltime
Read More
Arrow Right

Head of Technology

The Head of Technology will play a pivotal role in shaping the future of reallym...
Location
Location
United Kingdom , St Albans
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree in Computing or equivalent experience
  • Strong engineering background: C#, .NET, MS SQL, APIs
  • Front‑end skills: HTML, CSS, JavaScript, React, Next.js
  • Solid understanding of full web architecture (DNS → browser)
  • Experience with CMS platforms (ideally Umbraco / Heartcore)
  • Cloud expertise: Azure, Azure DevOps, Vercel, Cloudflare
  • Knowledge of DNS, networking, IT systems and application architecture
  • Experience with GTM (incl. cookie consent) and GA
  • Knowledge of GDPR/PECR and consent management
  • Understanding of OWASP Top 10 and security best practice
Job Responsibility
Job Responsibility
  • Set the tech vision and multi‑year roadmap
  • Shape a scalable, modern platform architecture
  • Advise SLT with clear technical and commercial insight
  • Identify and apply emerging tech opportunities
  • Prioritise initiatives with Product using impact‑led methods
  • Lead and develop Development and Testing teams
  • Champion high standards in code quality, testing and performance
  • Drive modern DevOps (CI/CD, automation, observability)
  • Partner with Product/Commercial to improve our digital marketplace
  • Boost productivity through AI‑assisted engineering
What we offer
What we offer
  • Competitive salary
  • Discretionary bonus
  • Comprehensive benefits package
  • Fulltime
Read More
Arrow Right

Head of Digital Design

The Head of Digital Design is a senior global leadership role responsible for sh...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
egis-group.com Logo
Egis in the UK
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years’ experience in senior digital marketing roles, ideally within architecture, engineering, infrastructure, professional services or other complex B2B environments
  • Demonstrated experience leading digital transformation in a design-led or professional services environment
  • Strong understanding of architectural and design workflows, with the ability to bridge creative, technical and commercial priorities
  • Proven ability to drive change, embedding new tools and ways of working across diverse teams and geographies
  • Credible senior leader with the communication skills to influence at Executive, studio and project level
  • Strategic mindset combined with pragmatic delivery focus
  • Commitment to continuous improvement and staying at the forefront of digital design practice and technology
  • Must have the right to work in the UK
Job Responsibility
Job Responsibility
  • Lead and develop a globally distributed digital design function comprising BIM managers, Revit content specialists, design application specialists, CAD and visualisation experts across multiple practice brands
  • Create a culture of collaboration, learning and continuous improvement across regions and disciplines
  • Define a clear digital design capability framework covering architecture, retrofit and related disciplines, applicable across sectors and geographies
  • Support succession planning, talent development and performance management within the digital design community
  • Set the strategic direction for digital design across the 10Design Collective, aligned with design ambition, sustainability objectives and business priorities
  • Oversee the evolution of digital platforms, including BIM, data environments, interoperability, visualisation and emerging technologies
  • Identify opportunities to simplify, standardise and improve workflows where collective approaches deliver clear benefit
  • Ensure digital design is integrated across the full project lifecycle, from pursuit and procurement through delivery and post-completion insights
  • Work in close partnership with studio leads, design directors and IT teams to ensure digital strategies respond to real operational and design needs
  • Enable effective knowledge sharing across practice brands through training frameworks, guidance, documentation and shared learning
Read More
Arrow Right