Are you a seasoned security professional looking for an exciting leadership opportunity?

We are seeking a Head of Security Operations to join our Technology Operations Leadership Group at Penguin Random House UK.

This senior role will blend strategy with operational delivery and technical expertise, supporting the IT Leadership Team, Business Community and the wider IT organisation. As the Head of Security Operations, you will be responsible for leading the Security Operations function, managing a team of Security Analysts and subject matter experts. Your role will involve directing the reactive, proactive and operational governance elements of operational security, and ensuring the continual improvement of the function's ability to prevent, detect and respond to threats and security incidents.

In this role, you will be accountable for creating, developing and implementing the short, medium and long-term security operations strategy & roadmap, ensuring that operational security capabilities support our business priorities. You will be responsible for managing the performance of contracted service providers for security services, providing thought leadership, and ensuring all operational security investments are fully leveraged to protect the our business. Working closely with the Information Security Architect and the Director of Information Security, you will ensure that future roadmaps incorporate changes in governance or compliance requirements, and that operational activities meet our Information Security requirements.

If you are passionate about driving operational security processes and ensuring Penguin Random House’s Cyber Threats are identified, tracked, and preventative controls are effectively applied, we want to hear from you.

Your responsibilities will include:

• Driving operational excellence and continuous improvement in security operations with authority and autonomy.

• Providing technical and organisational leadership for the Security Operations function.

• Developing and implementing an appropriate operating model for Penguin Random House Security Operations in alignment with Penguin Random House and Bertelsmann group security policies and requirements.

• Ensuring effective deployment of security solutions within technology operations, including but not limited to Network, Perimeter and OT Security, End Point Protection, DLP Controls, Application Security Controls, Threat and Vulnerability Management, Security Incident and event monitoring, Cloud Security Controls, Unstructured data security, Email Security, Privileged account management & oversight, Security Testing, and Posture Management.

• Serving as the primary authority for operational security decisions and escalate non-compliance with Penguin Random House or Bertelsmann standards.

• Driving ongoing improvements to operational security capabilities.

• Developing situational leadership skills within the Security Operations team to enhance their capability in identifying and leading security incident response.

• Establishing technical security standards, processes, and guidelines to support Penguin Random House’s Information Security policy deployment.

• Conducting internal security reviews for adherence to security policies and standards.

• Managing an Operational Security Risk Register and ensure fit-for-purpose procedures are in place for all security operations activities, including incident response.

What you will bring:

• A proven track record of establishing or developing an Operational Security Team as either a Manager or Team Lead.

• In-depth understanding and experience of day-to-day activities and priorities in a Security Operations environment.

• Strong strategic understanding with the ability to act pragmatically and with pace.

• Proactivity and a positive and continual improvement mindset, identifying opportunities for improvement and taking initiative to deliver.

• Outstanding verbal, written, and interpersonal communication skills, including the ability to influence strategic decision-making and convey confidence and professionalism when representing our Security and Technology Support teams.

• Extensive experience in leading organisations through significant cyber security incidents.

• Demonstrated knowledge and practical application of security controls within a commercial industry.

Application instructions

Please apply with your CV by 11:59pm on Sunday 4th May.

• Please note we are looking for someone to join the team as soon as possible, but we are also happy to accommodate a reasonable notice period for the right candidate.

• We anticipate a two-stage interview process which will include a virtual first-stage interview and in-person second stage interview. We are happy to discuss this further with you throughout the recruitment process.