Head of IT Security

About the Company This is an opportune time to join a leading financial services firm as they drive forward their IT Strategy and Change Roadmap. Joining this team, you will be leading a small team across every aspect of cyber resilience, safeguarding business-critical operations and ensuring proactive, best in class controls across the enterprise. This is your chance to shape, lead, and elevate security in an organisation that has a collegiate culture and this role offer great exposure to the Board and ExCo Risk Committee too. About the Position As Head of IT Security, you will be the lead out the firms cyber defence strategy. You will lead a small and ambitious security team, overseeing both the governance and the technical frontlines of security. From GRC frameworks to cutting-edge security engineering, your expertise and influence will span every layer of the organisation. This role offers hands-on leadership and strategic impact steering the big picture while staying close to the technologies that keep will direct the design and deployment of advanced security systems, protect the organisation against evolving threats, and be the trusted voice of security for senior leadership and major projects. Key Responsibilities Lead and inspire the Information Security team, ensuring flawless execution across Governance, Risk & Compliance (GRC) and technical security operations. Design, implement, and continuously evolve security architecture covering network monitoring, identity management, intrusion detection, and data protection. Oversee day-to-day security operations, including SIEM monitoring, incident response, vulnerability management, and phishing simulations. Partner with project teams from the planning stage to ensure security is embedded into every initiative, from new deployments to major upgrades. Act as primary contact for senior executives on cyber security matters, delivering clarity, confidence, and actionable insights. Maintain strong oversight of third-party partners and vendors to guarantee quality, resilience, and compliance. Ensure compliance with all relevant regulations, including GDPR and DORA, and manage key audits such as SWIFT CSP. Strengthen the companys cyber resilience posture through continuous improvement, innovation, and threat-led testing. Experience & Requirements 710+ years of experience in cyber security with proven expertise across both GRC and technical domains. Advanced knowledge of security architecture and practical experience with Palo Alto Firewalls, Darktrace, IDS/IPS, endpoint security, and DDOS protection. Strong understanding of network technologies (TCP/IP, VPN, virtualisation, cloud environments). Demonstrated success in leading teams, managing projects, and influencing stakeholders at all levels, including board and executive committees. Solid track record in regulated environments (financial services preferred; other regulated industries considered). Proven ability to manage audits, especially SWIFT CSP, and to oversee SIEM monitoring and alert management. CISSP (or equivalent) is essential; knowledge of ISO 27001, ITIL, and related frameworks is a plus. A balanced skillset that combines technical authority with regulatory expertise, strategic thinking with hands-on execution. Whats on Offer A competitive remuneration package A flexible hybrid working policy designed around collaboration and work-life balance. The opportunity to own and shape the entire IT Security function in a leading financial services firm at a pivotal time. Brightwater Executive has been retained exclusively for the search of this Head of IT Security. Click to Apply or for more information and a confidential discussion contact Estelle Davis, Chief Development Officer at Brightwater Executive. Skills: Cyber Security GRC Networks Palo Alto CISSP