Head of Cyber Security

Affinity Water have a new and exciting opportunity available.

We are seeking an experienced and strategic Head of Cyber Security to lead and evolve on our cyber security function.

The Role:

The Head of Cyber Security is responsible for leading the organisation’s cyber security strategy, governance and operational capability to protect systems and services that are critical to the delivery of essential services to our customers.

As the Head of Cyber Security, you will ensure the organisation can effectively manage cyber risk, maintain operational resilience and respond to cyber threats in line with Board and regulator expectations.

What you'll be doing:

The Head of Cyber Security leads Cyber security activities for the business, managing information security, technology and cyber risk to the company’s IT facilities and information from internal and external threats; advises the company at a strategic level on existing and emerging threats; and owns and develops the necessary cyber security policies, standards and guardrails.

Some of those responsibilities include:

• Define and deliver the cyber security strategy and architecture, aligned to business priorities and risk appetite.

• Provide leadership and expert advice to executive leadership, the Board, executive committees and operational data forums.

• Develop, implement and monitor a strategic, comprehensive enterprise cyber enhancement programme.

• Maintain strong programme financial governance and transparent reporting of status, risks and issues to internal and external stakeholders.

• In close collaboration with the Data Protection function, ensure compliance with regulatory and legal obligations (including NIS and the UK GDPR).

• Own the cyber risk framework, including identification, assessment and mitigation of risk.

• Oversee security operations, including threat monitoring, vulnerability management and incident response.

• Lead assurance activities, maturity assessments and audit responses and drive progress towards achievement of ISO 27001 certification.

Full job description can be provided upon request. Please reach out to the Talent Acquisition Partner

What you need:

• Proven Senior leadership experience in cyber security or information security.

• Demonstrated experience operating in regulated, high-availability or critical national infrastructure (CNI) environments.

• Proven delivery of cyber strategy, risk management and incident response.

• Extensive experience of working with regulators, auditors and senior stakeholders.

• Relevant professional certifications such as CISSP, CISM, CRISC, GIAC, CCSP, ISO 27001 Lead Implementer/Auditor, or recognised OT security qualifications.

• Strong understanding of cyber security frameworks and standards (e.g. NCSC CAF, ISO 27001, NIS Regulations).

• Proven delivery of cyber strategy, risk management and incident response

• UK Driving Licence.

Advert Closing Date: 30/6/26

Benefits:

• Salary: Upto £105,000 (salary dependant on skills and experience)

• Hours: 08:30am - 17:00pm (Mon - Thurs) 08:30am - 16:30pm (Fri)

• Senior Management Bonus

• Learning and development opportunities, including mentoring and a range of formal courses and open learning resources.

• Entry into the company annual bonus scheme.

• Annual leave from 26-30 rising with length of service, and the option to purchase up to 5 extra days.

• A ‘Celebration Day’ in addition to public holidays that people can use to celebrate a religious festival or other occasion that is important to them.

• A generous 'double match pension scheme' that doubles the contributions you make (company contribution capped at 12%)

• We offer a range of family benefits including enhanced Maternity, Adoption, Paternity, Shared Parental Leave, Fertility Support Leave and up to 5 full or 10 half days of paid Carers Leave.

• Menopause policy and Reasonable Adjustment policy to help everyone perform at their best.

• Access to our Wellbeing Centre with support for looking after your physical and mental health.

• Discounts at a Range of Retail Outlets through our Tap4Perks scheme

• Discounts on Dental and Medical Insurance through our Tap4Perks scheme through salary sacrifice

• Up to 4 Affinity days a year to volunteer in the community.

• Life Assurance.

Disability Confident

As a Disability Confident employer, we’re committed to offering interviews to disabled candidates who meet the essential criteria and opt in on the application form. Ask the Talent Acquisition lead for the full job description to see all the criteria. If we have a very high volume of applicants and we’re not able to offer interviews to all, we’ll take a fair and proportionate number of disabled candidates through.

Affinity Water recognises the benefits of greater diversity in our workforce to better reflect the communities we serve. We are committed to building a more inclusive culture where every member of our workforce can thrive.

You can find out what it’s like to work at Affinity Water through our career site where our colleagues share their career development stories and you can get a feel for our company culture.