Rodeo
ResourcesPartnersSign in

Public Sector Resourcing

Head of Information Security and Privacy

Croydon
Posted about 19 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Head of Information Security and Privacy (Inside IR35)

On behalf of The Pension Protection Fund (PPF) we are looking for a Head of Information Security and Privacy (Inside IR35) for a 6 month contract. Hybrid working with 2 days per week in Croydon.

About the Role

As a Head of Information Security and Privacy your main responsibilities will be to:

  • Develop and promote policies for sourcing and maintaining data, including compliance with regulations, standards and good practice relating to information management, security and protection, and quality assurance, including data cleansing.
  • Responsible for the research and awareness of emerging security risks, ensuring solutions, services, policies, procedures and IT security education programmes are updated in reasonable timeframes to mitigate against new risks.
  • Provide a Business Intelligence/Management Information Service to the PPF for information, cyber and data security.
  • Responsible for making sure that PPF is fully compliant with ISO 27001 by ensuring current and new data sources are fully compliant.
  • Ensure that all governance and audit requirements are undertaken in line with the IS27001 standards to maintain compliance in line with HMG guidelines, using third parties as required.
  • Ensure that the PPF is appropriately protected against data loss, Information and cyber risks that is aligned to the business needs.
  • Responsible for ensuring that the PPF is fully compliant with all security guidelines and the Code of Conduct, using third parties as required.
  • Responsible for Information Security reporting, including Annual DWP information security audit, and coordinate and submit the organisations’ annual PSN Code of Connection return to Government Procurement Services PSN team.
  • Manage internal and external security resources, ensuring roles, responsibilities and functions are undertaken.
  • Responsible for the management and reporting of any information, cyber or data incidents.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Essential

  • Experience in an Information Security Manager, Consultant or equivalent information security leadership role.
  • Proven experience implementing and maintaining Cyber Essentials and Cyber Essentials Plus accreditation programmes.
  • Demonstrable experience developing, implementing, and maintaining information security policies, standards, and procedures.
  • Experience leading or supporting GDPR compliance projects, including implementation and ongoing governance activities.
  • Strong understanding of information security controls, risk management frameworks, and security governance practices.
  • Good knowledge of ISO 27001 requirements, ideally gained through direct involvement in achieving or maintaining certification within a previous organisation.
  • Experience presenting security metrics, risks, and performance reports to senior stakeholders, leadership teams, and governance committees.
  • Ability to build and maintain effective working relationships with both internal and external stakeholders.
  • Excellent written and verbal communication skills, with the ability to convey complex security concepts to technical and non-technical audiences.
  • Strong organisational and planning skills, with the ability to manage competing priorities and deliver to tight deadlines.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Desirable

  • Relevant Information Security certifications.
  • ISO 27001 Lead Auditor certification, or equivalent auditing experience.
  • Experience within the Public Sector, Financial Services, Pensions, or other regulated industries.
  • Knowledge of data protection legislation, processes, and best practices.
  • Experience managing third-party suppliers and security vendor relationships.

Please be aware that this role can only be worked within the UK and not Overseas.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Information Security
Cyber Security
GDPR Compliance
ISO 27001
Risk Management
Data Protection
Policy Development
Incident Management
Stakeholder Engagement
Security Governance
Data Cleansing
Audit Management
Third-Party Management
Communication Skills
Organizational Skills
Planning Skills

Location

Croydon, England, United Kingdom

Sign up to applySee more jobs like this