Head of Information Security | London | Hybrid | Contract - £780-£830 per day | Outside IR35
Head of Information Security urgently sought by a leading Insurance business.
A leading global Specialty Insurance organisation is seeking an accomplished Head of Information Security to oversee & drive several critical pillars of its security programme. This is a senior leadership role offering the opportunity to influence security strategy at scale, shape global standards, & safeguard a rapidly growing, technology driven financial services group.
Please note:
+ This role is Hybrid & requires 3 days per week in the London office
+ Candidates MUST come from a highly regulated Financial Services background - with preference for Specialty Insurance Industry. Candidates without key industry experience will not be considered.
Role
In this role, you will work closely with the Group CISO to lead core security domains including:
- Third Party Security Risk Management
- Data Loss Prevention (DLP)
- Policy Governance
- Security Training & Awareness
- Identity & Access Management (IAM)
You'll be responsible for ensuring global alignment of security practices, shaping policy frameworks, refining controls, & managing the operational execution of key security initiatives. This is a highly collaborative position that partners with technology, legal, procurement, compliance, risk, & audit stakeholders across multiple regions.
Key Responsibilities
- Lead a high performing security function & contribute to broader security strategy & planning.
- Oversee the global approach to third party risk, including assessment frameworks, onboarding processes, ongoing monitoring, & vendor management.
- Own DLP strategy end to end, continually tuning rules, driving incident response processes, & maturing protective controls.
- Maintain & evolve the organisation's suite of security policies & standards, ensuring alignment with emerging threats & global regulatory requirements.
- Build & deliver a company wide security awareness & training programme that measurably reduces risk.
- Direct the IAM agenda, including provisioning, access governance, & privileged access management, in partnership with IT.
- Act as a key representative during audits, external reviews, & regulatory engagements.
- Support coordination of major cyber incidents when required, working in close partnership with the CISO.
Key Experience:
- Extensive leadership experience in information security governance within a regulated financial services environment - candidates outside this sector will not be considered.
- Specialty insurance experience is preferable & will significantly strengthen your ability to lead effectively in this environment.
- Strong grounding in ISO 27001, NIST CSF, or similar frameworks.
- Deep understanding of DLP technologies, insider threat risk, & regulatory data protection obligations.
- Experience delivering mature third party risk management programmes.
- Solid knowledge of global regulatory requirements (e.g., GDPR, NYDFS, DORA, APRA CPS 234).
- Expertise in IAM/PAM across enterprise & cloud environments.
- Excellent communication skills with the ability to influence senior stakeholders & simplify complex requirements.
You'll be joining a highly respected financial services group that invests heavily in technology innovation & security maturity. This is a chance to impact a global programme, work alongside exceptional leadership, & play a pivotal role in protecting an organisation at the forefront of its sector.
