Chief Information Security Officer (CISO)

Contract Details (placeholders)

• Engagement: Contract/Freelance
• Duration: Initial 12 months (extensions likely)
• Location: UK - on-site/data centre based (some hybrid may be possible, subject to clearance and access constraints)
• Day rate: Competitive/DOE
• Start: ASAP

Overview

We're looking for a senior CISO/Head of Information Security to join on a contract/freelance basis in the UK, working in a secure data centre environment. This is a hands-on senior leadership role for someone with deep network security roots who can set direction, govern effectively, and drive security outcomes in a high-assurance setting.

Clearance Requirement (must hold one - active)

• SC, or
• DV/MoD-DV, or
• eDV, or
• NPPV3, or
• NATO COSMIC Top Secret

Key Responsibilities

• Own and execute the information security strategy and roadmap for a secure, regulated environment.
• Provide senior security leadership across risk, governance, architecture, and operations.
• Act as the key security advisor to senior stakeholders, ensuring informed decisions on risk, investment, and delivery priorities.
• Lead security governance: policies, standards, exceptions, and risk acceptance aligned to organisational controls.
• Drive a strong security posture across a secure data centre environment, including:
• Network security architecture (segmentation, secure zones, boundary protection)
• Perimeter security, secure remote/admin access, privileged access controls
• Firewalls, IDS/IPS, WAF (where applicable), NAC, secure DNS, network monitoring
• Logging/SIEM alignment and operational monitoring requirements
• Oversee incident response planning, readiness, exercises, and major incident leadership.
• Partner with infrastructure/engineering teams to ensure secure-by-design delivery and change governance.
• Lead third-party assurance for relevant suppliers and technology partners supporting the environment.
• Produce concise, decision-ready reporting: security posture, key risks, remediation progress, and priorities.

Required Experience & Skills

• Proven experience as a CISO/Head of InfoSec/Security Director (or equivalent senior security leader).
• Strong background in network security within secure or regulated environments (data centre, defence, government, policing, CNI, finance, etc.).
• Demonstrable capability across:
• Security governance & risk management (pragmatic, outcomes-focused)
• Security architecture and control design for on-prem/data centre environments
• Security operations leadership and incident management
• Excellent stakeholder management and communication skills-able to translate risk and controls into clear business decisions.
• Able to operate effectively as a freelance consultant: autonomous, accountable, and delivery-focused.

Desirable (Nice to Have)

• Experience in secure data centre operations, accreditation-style environments, and strict change control.
• Zero Trust/modern network security patterns (segmentation, identity-led access, continuous monitoring).
• Familiarity with relevant standards (eg, ISO 27001/NIST) and audit readiness.
• Certifications such as CISSP/CISM/CCSP (useful, not essential).