Comtecs Group
Head of Information Security

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Head of Information Security - CISSP, CISM, ISO27001, NIST, PCI DSS, GDPR, DevSecOps, Cloud Security, SIEM, SOC, AI Security
Permanent, West London, Hybrid Working. c.£100k + Benefits
Head of Information Security / CISO / Senior InfoSec Consultant required to lead and develop a modern, security-first function within a growing technology business. Reporting to the CTO, you'll combine strategic leadership with a hands-on technical approach, working closely with Engineering, Infrastructure and Operations teams to embed security across the organisation.
NOTE: This vacancy is offered by the IT Recruitment Division of Comtecs and is based in London.
The role will adopt Information Security strategy, governance, risk and compliance while implementing practical security controls, automation and DevSecOps best practice. This is an excellent opportunity to influence technology strategy, lead security initiatives and help shape a mature, AI-enabled security capability whilst remaining hands-on in the early stages. In time, you will build a small team of InfoSec and Cyber Security Analysts around you.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Responsibilities
- Define and deliver the Information Security strategy, policies and governance framework.
- Define and develop robust security controls inline with both business practices and compliance requirements inc ISO27001, CE+, SOC2, NIST CSF, GDPR and PCIDSS.
- Embed Secure by Design and DevSecOps principles across engineering teams.
- Lead cyber risk management, incident response, threat modelling and vulnerability management using a range of contemporary tools.
- Drive AI and automation to enhance security operations and threat detection.
- Oversee third-party security, supplier assurance and client audits.
- Recruit, mentor, lead and develop the Information Security team.
As such, we're looking for candidates with experience leading Information Security or Cyber Security functions within technology-led organisations. You will possess:
- CISSP, CISM or equivalent security certification.
- Strong knowledge of ISO27001, NIST, PCI DSS, GDPR and Information Security Governance.
- Experience developing security strategy, GRC and cyber risk programmes including definition of security controls.
- Strong technical knowledge across cloud, network, endpoint, application and data security.
- Experience with SIEM, SOC, vulnerability management and incident response.
- Knowledge of DevSecOps, security automation and modern cloud environments.
- Excellent communication, stakeholder management and leadership skills.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
You may have been working as a CISO, Information Security Manager, Cyber Security Consultant or within another senior InfoSec/CyberSec capacity which has granted you experience in both security control definition and hands-on practical management of security threats and incidents including vulnerability scanning and penetration testing.
This is an outstanding opportunity to join a forward-thinking organisation where you'll shape the security strategy, influence technology direction and build a modern Information Security function using the latest cloud, automation and AI technologies.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location