Head of Information Security, Risk and Compliance

Travelodge Hotels Limited

Location:
United Kingdom , Thame

Contract Type:
Not provided

Salary:

110000.00 GBP / Year

Job Description:

Senior leadership position within the IT Operations team. The primary mission is to reduce security risks through robust controls that align with Travelodge’s commercial strategy.

Job Responsibility:

  • Strategic Leadership: Develop a continuously evolving security roadmap and "defence in depth" strategy; manage both internal teams and strategic third-party partners
  • Operational Management: Oversee 24x7x365 security operations, including continuous monitoring, threat assessment, incident response (CIRT)
  • Risk & Compliance: Develop and maintain an industry-standard Risk Management framework; ensure compliance with PCI-DSS, GDPR, and NIST frameworks
  • Governance & Policy: Maintain Information Security policies and conduct regular audits of processes and controls
  • Technical Oversight: Coordinate vulnerability management, penetration testing, and code reviews; provide "Secure by Design" architectural guidance for all new initiatives
  • Supply Chain & Budget: Manage a portfolio of security vendors to ensure value and responsiveness; oversee the OPEX and CAPEX budgets that enable your function to operate and continuously improve
  • Business Integration: Act as a trusted advisor to senior leadership and collaborate with Project Delivery to ensure risk reduction is baked into every project as well as BAU Operations
  • Testing and Readiness: Lead company-wide staff awareness, testing and education campaigns, as well as regular audits, scenario-based testing and penetration testing

Requirements:

  • Certifications: CCSP, CISSP-ISSMP, or CISM
  • Methodologies: ITIL v4 Foundation
  • FAIR Risk Modelling
  • experience in Project Management or Business Change
  • Advanced Tech: Experience defining Zero Trust Architecture (ZTA) and implementing security controls within public cloud environments (IaaS/PaaS)
  • pragmatic, hands-on leader
  • master of communication
  • self-starter
  • technical expertise rooted in securing critical B2B and B2C eCommerce platforms, particularly within hosted and SaaS-heavy environments
  • expert-level knowledge of perimeter, cloud, network, and data security
  • proven track record of embedding industry frameworks like NIST, ISO27001, or CIS into a large-scale operation
  • strong commercial acumen to navigate contract negotiations and vendor management

What we offer:

  • Annualised Bonus
  • Car Allowance
  • Contributory pension scheme
  • 50% personal discount for hotel bookings and great friends and family discounts too
  • 25 days holiday + bank holidays, increasing with length of service
  • A focus on learning and career development

Additional Information:

Job Posted:
February 13, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Head of Information Security, Risk and Compliance

Security Strategy and Risk Management Head of Department

The Security Strategy and Risk Management Head of Department is a senior leaders...
Location
United States , Irvine
Salary:
181240.00 - 259160.00 USD / Year
Hyundai AutoEver America
Expiration Date
Until further notice
Requirements
  • 15–20 years of progressive experience across Information Security, GRC/Risk Management, customer/vendor security management and/or strategic operations
  • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, Business Administration or a related discipline
  • Excellent stakeholder management, communication, and leadership skills
  • Demonstrated experience working across multi-disciplinary teams to achieve common objectives
  • Proficient in English for effective communication and coordination
Job Responsibility
  • Lead enterprise-wide risk assessment, risk issue management, and risk exception management
  • Maintain and enhance risk management frameworks aligned with industry best practices
  • Deliver insightful, data-driven risk reporting to senior leadership
  • Oversee the Information Security compliance and control assurance program
  • Lead coordination of internal and external audits, assessments, and certification processes
  • Lead the Third-Party Risk Management (TPRM) program
  • Oversee creation, governance, maintenance, and communication of Information Security policies, standards, and procedures
  • Direct the Information Security Training and Awareness program
  • Partner with the CISO to define and maintain the Information Security strategic roadmap
  • Lead budget planning, forecasting, tracking, and optimization for the full Information Security organization
  • Fulltime

Head of Cloud Compliance

Atlassian is seeking a dynamic and experienced leader for the position of Head o...
Location
United States , San Francisco
Salary:
165800.00 - 266400.00 USD / Year
Atlassian
Expiration Date
Until further notice
Requirements
  • 20+ years of experience in risk management, compliance management, cloud compliance, product compliance and relevant domain
  • 10+ years of experience as a people manager
  • Strong knowledge of compliance management frameworks, methodologies, and regulatory requirements
  • Proven ability to lead and inspire teams, drive cultural change, and influence stakeholders at all levels
  • Excellent analytical, problem-solving, and decision-making skills
  • Outstanding communication and presentation skills, with the ability to articulate complex risk concepts clearly and concisely
Job Responsibility
  • Develop and implement a comprehensive cloud compliance strategy that addresses both commercial and federal requirements
  • Lead the cloud compliance function, ensuring alignment with organizational goals and regulatory obligations
  • Ensure compliance with relevant federal regulations (e.g., FedRAMP, FISMA) and commercial standards (e.g., ISO 27001, SOC 2)
  • Stay informed about changes in cloud compliance regulations and assess their impact on the organization
  • Develop and maintain robust cloud compliance frameworks and controls to ensure secure and compliant cloud operations
  • Implement automated solutions for continuous monitoring and reporting of cloud compliance status
  • Identify, assess, and mitigate cloud-related compliance risks in collaboration with risk management teams
  • Develop metrics and dashboards to provide insights into cloud compliance status and risk posture
  • Work closely with IT, security, legal, and business units to integrate compliance requirements into cloud strategies and operations
  • Lead cross-functional teams to address complex compliance challenges and ensure cohesive strategies
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime

Information Security Senior Analyst

The Info Sec Prof Senior Analyst is an intermediate-level position responsible f...
Location
Singapore , Singapore
Salary:
Not provided
Citi
Expiration Date
Until further notice
Requirements
  • 5-8 years of relevant experience
  • applicable certifications or willingness to earn within 12 months of joining
  • consistently demonstrates clear and concise written and verbal communication
  • proven influencing and relationship management skills
  • proven analytical skills
  • ICND 1 Certification or equivalent knowledge in Networking
  • excellent Microsoft Excel skills
  • basic network infrastructure knowledge
  • ability to work with Big Data
  • exhibiting a high degree of flexibility and ability to multi-task, seeking guidance where necessary
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • ensure that controls are utilized daily and that non-compliance remediation is addressed
  • provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • support the Annual Connectivity Verification process
  • validate legacy connectivity for ownership, registration, and usage
  • Fulltime

Head of Information Security

As River Island’s Head of Information Security, you’ll play a strategic and hand...
Location
United Kingdom , West London
Salary:
Not provided
River Island
Expiration Date
Until further notice
Requirements
  • Proven experience in a senior information security role, ideally within a complex, multi-channel retail or technology environment
  • Strong technical grounding across key security domains: network, cloud, endpoint, application, and data security
  • Experience managing or working with vulnerability management tools, SIEM/SOC environments, and incident response processes
  • Familiarity with frameworks and standards such as ISO 27001, NIST, CIS, PCI DSS, and GDPR
  • Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organisation
  • Analytical, pragmatic, and calm under pressure — with a focus on enabling the business, not blocking it
Job Responsibility
  • Define, implement, and evolve River Island’s information security strategy in line with business objectives, regulatory obligations, and risk appetite
  • Lead the development and maintenance of Information Security policies, standards, and controls, ensuring alignment with frameworks such as ISO 27001, NIST CSF, and the SANS Top 18
  • Define and report security KPIs/KRIs to senior management to senior leadership representing risk posture, compliance status, and strategic improvement initiatives
  • Own and manage the Information Security Risk Register
  • ensure risks are assessed, documented, and mitigated effectively
  • Lead compliance efforts across GDPR, PCI DSS, and other applicable regulations
  • Conduct and coordinate enterprise-wide risk assessments, audits, and internal reviews
  • Champion a pragmatic, risk-based approach to security — balancing protection, productivity, and customer experience
  • Own and govern IAM standards (RBAC, joiner/mover/leaver, privileged access, MFA, SSO) across corporate, store and customer-facing platforms
  • Oversee operational security activities, including threat detection, vulnerability management, and incident response
What we offer
  • Generous 50% staff discount so you can treat yourself to the latest products, and a bargain staff shop on site
  • Reducing Islanders everyday expenses through discounts, benefits, financial advice, wellbeing solutions and more through Reward Gateway
  • A free onsite gym, subsidised restaurant & café to fill your needs
  • Various social events to socialise throughout the year
  • Every family is unique; we support Islanders with all different family setups: enhanced maternity, paternity, adoption & fertility treatment
  • We also work closely with the Retail Trust to create dedicated support for all our Islanders
  • Flexible working is a given, on top of payday and summer early finish Fridays
  • Give as you earn scheme, a ‘Giver Island’ day each year and receive matched funding
  • Support with upskilling through on the job training and qualifications
  • A succession plan if you want to progress
  • Fulltime

Head of Infrastructure

At Xelix, we work with some of the world’s largest companies to automate and str...
Location
United Kingdom , London
Salary:
Not provided
Xelix
Expiration Date
Until further notice
Requirements
  • 8+ years in infrastructure, platform, or SRE roles
  • AWS Certified Solutions Architect – Professional
  • Prior experience scaling production systems in a growing company
  • Ability to operate production systems under pressure
  • Deep hands-on experience with the AWS cloud platform
  • Strong background in reliability, observability, and incident management
  • Experience leading or mentoring engineers
Job Responsibility
  • Platform Strategy & Architecture: Own the long-term platform and infrastructure strategy
  • Design and evolve cloud architecture to support scale, resilience, and performance
  • Set standards for infrastructure, CI/CD, environments, and observability
  • Make architectural decisions and trade-offs
  • Developer Experience (DevEx): Provide infrastructure for the development team to code, test and deploy efficiently
  • Advise during design sessions to help engineers pick the right solutions for projects
  • Reliability & Operations: Own production reliability, uptime, and incident response
  • Define and enforce SLAs and SREs
  • Lead incident response and post-incident reviews
  • Ensure monitoring, alerting, and on-call practices are effective and sustainable
What we offer
  • 27 days of annual leave (including 3 days Christmas closing) which increases up to 3 days based on tenure, with the option to roll over, buy or sell up to 3 days
  • Hybrid working with one day a week from our dog-friendly Hoxton office
  • On-site gym and cycle to work scheme
  • Employee discount at over 100 retailers
  • Comprehensive private medical & dental cover with Vitality
  • Enhanced parental leave pay
  • Learning & development culture – £1,000 personal annual budget
  • We’re carbon-neutral and are working towards ambitious carbon reduction goals
  • Lots of team socials & activities
  • Annual team retreat
  • Fulltime

Head of Security Governance, Risk & Compliance

We’re looking for a dynamic, experienced Head of GRC to lead our global governan...
Location
Luxembourg , Luxembourg
Salary:
Not provided
PPRO GmbH
Expiration Date
Until further notice
Requirements
  • A proven track record transforming traditional GRC frameworks (ISO27001, PCI DSS, SOC2) into modern, automated, developer-friendly control assurance programmes
  • Solid grounding in financial services regulation, payments, operational resilience, outsourcing/cloud guidelines etc.
  • Strong experience interacting with regulators and auditors (CSSF, FCA, etc.) and implementing regulatory requirements
  • Proven ability to run risk management processes, control frameworks and audit cycles
  • Experience evaluating technology, cyber and operational risks in a cloud-native environment
  • Engineering-first mindset, with an understanding of cloud-native architectures (AWS preferred) and how GRC requirements fit into engineering workflows
  • Experience with GRC tooling, workflow automation or process optimisation
  • Ability to translate regulatory requirements into practical, technical control expectations
  • Excellent communicator, capable of influencing executives, engineers, auditors and regulators
  • Pragmatic, commercially-minded, empathetic and customer-focused
Job Responsibility
  • Lead PPRO’s global Security GRC strategy and team, to support our international regulatory and compliance footprint
  • Oversee and enhance our ISO27001:2022 and PCI DSS v4.0 programmes, building a culture of continuous compliance through automation and control transformation
  • Partner with relevant functions to ensure ongoing DORA compliance, including security risk management, incident reporting, operational resilience testing and governance
  • Define and deliver a strategy for a pragmatic, high-value 2nd line automated control assurance programme, underpinned by relevant business metrics
  • Own and manage regulatory expectations on security topics by the CSSF in Luxembourg, FCA in the UK and other international bodies as relevant
  • Maintain and enhance PPRO’s security risk register, defining and delivering cross-organisation improvement and remediation roadmaps
  • Lead security control testing, issue management, KRI monitoring, SLA reporting and Board-level reporting
  • Act as Information Security Officer for PPRO’s local Luxembourg entity
  • Own third party security risk management and oversight for PPRO across the full procurement lifecycle
  • Partner closely with Engineering to build shared understanding and transform controls via thoughtful automation, streamlining evidence collection and control monitoring
What we offer
  • Hybrid working with a 3 days / week on site expectation
  • Work from abroad policy, enabling employees to work remotely for up to another 30 days per year
  • €1,000 annual budget for professional growth
  • Leadership cafés, on-the-job training
  • Lunch Vouchers - 12,80euros x 18 / month
  • Enhanced family leave
  • Travel Insurance
  • Gym membership contribution
  • Mental Health Platform
  • Pet-friendly office
  • Fulltime

Technology Control and Log Review Head

The primary objective of this role is to provide Risk Control and log review ser...
Location
Turkey , Istanbul
Salary:
Not provided
Citi
Expiration Date
Until further notice
Requirements
  • 10+ years of progressive experience in technology risk management, IT audit, information security, or IT governance, with a significant portion in the banking sector
  • In-depth knowledge of banking industry-specific regulations and compliance requirements
  • Strong understanding of IT control frameworks (e.g., COBIT, ITIL, NIST) and information security standards (e.g., ISO 27001)
  • Professional certifications such as CRISC, CISA, CISSP, or CISM are highly preferred
  • Exceptional analytical and problem-solving skills
  • Excellent written and verbal communication skills in English
  • Demonstrated ability to build and maintain effective working relationships
  • Strong leadership capabilities
  • Ability to thrive in a fast-paced, highly regulated, and dynamic environment
  • Familiarity with SDLC, databases, operating systems, application controls, encryption, development tools and processes
Job Responsibility
  • Lead the identification, assessment, and monitoring of technology risks
  • Oversee the design and implementation of technology controls
  • Manage and coordinate all internal and external technology audits, regulatory examinations, and compliance reviews
  • Provide expert guidance and support to technology managers and teams on risk management best practices
  • Manage the tracking and remediation of all technology-related audit findings, risk issues, and control deficiencies
  • Manage communication with local regulators and auditors regarding technology-related topics
  • Collaborate with other risk functions to ensure an integrated approach to enterprise-wide risk management
  • Works closely with regional control teams on risk and control subjects
  • Acts as a technology liaison for cyber security related cases
  • Manages the Local Log Review process and the team
  • Fulltime

Head of Information Security

This is a strategic leadership role which is responsible for leading the transfo...
Location
United Kingdom , Milton Keynes or London
Salary:
Not provided
TRIA
Expiration Date
Until further notice
Requirements
  • Significant leadership experience in enterprise information and cyber security roles, ideally within complex or regulated environments
  • Proven success in leading strategic reviews and transformations of security toolsets, platforms, and operating models
  • Deep technical knowledge of security controls across hybrid cloud, infrastructure, endpoint, and user environments
  • Practical experience delivering cyber security best practices across network, infrastructure, BYOD, web, and cloud services
  • Strong working knowledge of governance and compliance frameworks including ISO 27001, NIST CSF, GDPR, and Cyber Essentials+
  • Demonstrable ability to communicate complex security concepts to non-technical audiences, including board-level stakeholders
Job Responsibility
  • Lead the transformation and modernisation of the cyber and information security capabilities
  • Shape and execute a security strategy that aligns with the companies' digital ambitions and evolving risk landscape
  • Lead a complete strategic review of the security landscape, including tools, processes, risk postures, and cultural readiness
  • Report to the board and advise on cyber risk, threats, and mitigation strategies
  • Translate security insights into executive-level communications, influencing investment and change roadmaps
  • Fulltime