Head of Cyber Security
External | Full-time | On-site | 4mo ago
Cloud Security, IAM, Incident Response, Information Security, Leadership, Network Security
Responsibilities
- Cyber strategy & operating model: define and execute the Detection cybersecurity strategy aligned to business priorities and the separation roadmap; establish "Day 1 secure" and "Day 100 independent" outcomes.
- Security operations & incident response: lead Detection's incident management, response readiness, and crisis communications; ensure effective monitoring and detection via SOC/MDR partners; maintain playbooks and conduct exercises.
- Threat & vulnerability management: run vulnerability management across endpoints, servers, network and cloud; coordinate remediation with IT and product/engineering stakeholders; track risk exceptions.
- Identity & access security (with IT Ops/IAM): ensure strong IAM controls (MFA/SSO, privileged access, joiner/mover/leaver governance) and access reviews.
- Security architecture & engineering partnership: define security patterns/standards; partner with Enterprise Architecture and Solution Architects to approve designs; ensure security is built into programmes.
- Third-party and supplier security: oversee security requirements for vendors, including separation suppliers and managed services; assure contractual controls and evidence.
- Security metrics & reporting: build meaningful KPI/KRI reporting (risk posture, patch/vuln SLAs, incident trends, control health) for CIO, leadership, and (where required) customers/auditors.
- Security awareness & culture: drive practical security behaviours and training, tailored to Detection's environment.
- Senior cybersecurity leadership across enterprise IT (and ideally global/multi-site environments)
- Strong incident response and operational security background; ability to lead under pressure
- Experience managing SOC/MDR, penetration testing, and security vendors with measurable outcomes
- Solid grasp of modern security controls: IAM/PAM, EDR, email security, network security, cloud security
- Risk-based thinking and ability to communicate trade-offs to business and technology leaders
- Experience in regulated / critical infrastructure / high-assurance customer environments
- Familiarity with security frameworks (e.g., ISO 27001, NIST CSF) and audit evidence expectations
- Exposure to product/OT security governance and supply-chain assurance (SBOM, vulnerability disclosure)
- Eligible to obtain UK SC level clearance.
Education
- Bachelor's degree in Computer Science, Engineering, Information Security, or equivalent experience. A Master's degree is preferred.
- Relevant security certifications desirable (e.g., CISSP, CISM, CCSP, GIAC).
- To find out more about life at Smiths Detection, check out our LinkedIn https://www.linkedin.com/company/smiths-detection/ and follow our story.
- Join us for a great career and competitive compensation & benefits whilst keeping the world a safer place.
- Diversity & Inclusion:
Benefits
Health insurance
Additional Information
Own and lead Smiths Detection's enterprise cybersecurity posture through separation and into steady-state operations. Establish an effective security operating model (internal + vendors), reduce cyber risk, and ensure security is embedded into technology delivery and day-to-day operations. This is a hybrid role, with Hemel Hempstead, Hertfordshire as the office location.