Skip to main content
Back to jobs

Ciso

External
iaggbs logoIaggbs · London-heathrow, UK
Full-timeOn-siteToday
Cloud SecurityComplianceGDPRIncident ResponseInformation SecurityLeadership
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


Responsibilities

  • Cyber Strategy & Leadership
  • Define and communicate a clear Group Cyber Security Strategy aligned with business goals.
  • Influence Group executives, OpCo CISOs, Boards and senior stakeholders.
  • Drive cultural change that embeds security awareness and resilience.
  • Governance, Risk & Compliance
  • Own cyber policies and standards; ensure consistent adoption across OpCos.
  • Lead Group Cyber Risk Management in line with enterprise risk frameworks.
  • Ensure compliance with GDPR, NIS2, PCI-DSS and emerging regulations.
  • Performance, Insight & Reporting
  • Establish KPIs, dashboards and metrics for cyber maturity.
  • Provide insights and reporting to CIO, Audit Committee and Board.
  • Ensure timely reporting from SOC, Governance, Assurance and Performance teams.
  • Security Operations, Incident & Crisis Management
  • Provide oversight of SOC, CTI, CIRT and SOAR.
  • Lead high-impact incident response and crisis communications.
  • Ensure cyber resilience, continuity and recovery practices.
  • Technology & Architecture Governance
  • Guide secure design principles across technology roadmaps.
  • Influence cloud, data, infrastructure and platform security decisions.
  • Assess risks and opportunities from AI, automation and quantum computing.
  • Assurance & Quality Oversight
  • Oversee cyber assurance activities across OpCos.
  • Translate assurance findings into improvement plans.
  • Support delivery assurance where required.
  • People, Talent & Operating Model
  • Lead the Group Cyber & Technology Office leadership team.
  • Upskill teams and close capability gaps.
  • Ensure spans, layers and accountabilities remain fit for purpose.
  • Competencies (Level 2 - Director)
  • Strategic Leadership
  • Thinks enterprise-wide, anticipates future risks, and shapes long-term direction.
  • Influencing & Stakeholder Management
  • Engages senior executives and regulators with clarity and credibility.
  • Cyber & Technology Expertise
  • Deep understanding of cyber operations, governance, threat landscapes, and technology risk.
  • Change Leadership
  • Drives cultural adoption of security and leads through ambiguity.
  • Crisis & Incident Leadership
  • Responds decisively during major incidents with structured decision-making.
  • Talent Development
  • Builds high-performing teams and ensures future-ready capability.
  • Data-Driven Decision Making
  • Uses metrics, insights and analytics to shape strategy and priorities.
  • Required Skills, Qualifications & Experience:
  • Relevant Experience
  • Extensive experience (10+ years) in senior cybersecurity leadership roles in complex, multinational or regulated environments.
  • Proven track record overseeing Security Operations, Governance, Architecture, and Risk Management functions.
  • Experience interacting with Boards, Audit Committees, regulators, and external partners.
  • Direct experience leading major cyber incidents and crisis response.
  • Required Skills
  • Deep knowledge of enterprise cybersecurity frameworks (NIST CSF, ISO 27001, CIS Controls).
  • Strong understanding of cloud security, data protection, identity, and emerging technologies.
  • Exceptional leadership, communication, and stakeholder influence skills.
  • Ability to translate complex cybersecurity concepts into business language.
  • High analytical capability using metrics, dashboards, and performance insights.
  • Preferred Certifications
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CRISC (Certified in Risk and Information Systems Control)
  • CCSP (Certified Cloud Security Professional)
  • SABSA or equivalent enterprise architecture certifications
  • ITI

Additional Information

Intl Consolidated Airlines Group UKFull time IAG GBS (Global Business Services) a part of International Airlines Group (IAG). IAG is one of the world's largest airline groups with 600+ aircraft carrying more than 122 million customers to 260 destinations across 91 countries each year. IAG brings together leading airline brands Aer Lingus, British Airways, Iberia, Level, Vueling. These are supported by IAG Loyalty that spans all its airlines and beyond, offering the global currency Avios and including BA Holidays, and IAG Cargo which delivers vital goods and produce around the world. These businesses are complementary to its core airline businesses. As the first airline group globally to commit to net zero by 2050, sustainability is a core part of IAG's strategy. IAG GBS drives efficiency and simplicity in providing centralised solutions in Finance Operations, Financial Planning and Analysis, Tax, Treasury, Audit and Airline services across IAG. We are headquartered in Kraków. Purpose of the role Role Purpose The Group CISO is accountable for protecting the organisation through strong cybersecurity leadership, enterprise-wide governance, and strategic oversight of cyber risk. The role ensures that the Group has secure, resilient, and efficient technology capabilities that enable OpCos to confidently lead digital transformation.


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at iaggbs? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect