
How your CV stacks up
Upload your CV to see how well it fits this job role
?%
IT Security Lead / CISO Roles
Location: Birmingham, Leeds, London | Hybrid Working Flexibility
About the Role
We are searching for a senior IT security leader to spearhead our information and cybersecurity posture across the firm. This is a new leadership position with broad accountability for security strategy, standards, controls, and services, aligned with CISO-level capabilities.
You will champion a proactive, risk-based security approach, embedding it into technology development, delivery, and operations. Collaborating closely with Governance & Risk, Architecture & Data, and Platforms & Operations, you’ll fortify the firm against evolving threats while accelerating secure innovation.
Key Responsibilities
-
Govern & Oversee Security Strategy
- Define and implement a security strategy, standards and controls tailored to ISO 27001, Cyber Essentials Plus, and the firm’s data, AI, and innovation strategies.
- Align security initiatives with Cyber Essentials Plus and regulatory expectations.
-
Operational Uptime & Threat Response
- Lead security operations, including SOC (Security Operations Centre), SIEM (Security Information & Event Management), XDR (Extended Detection & Response), vulnerability management, and incident response.
- Safeguard against evolving threats via robust detection and mitigation protocols.
-
Embed Security by Design
- Integrate security into projects, PRIs/DOAPs, change processes, and solution architecture (e.g., identity (IAM), endpoint security, cloud (ICA, governance), network security, email security, and secure remote access controls).
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
-
Collaborate with Governance & Risk
- Maintain and enhance the Information Security Management System (ISMS).
- Drive compliance audits, risk assessments, and ensure adherence to regulatory and client expectations.
-
Stakeholder Reporting & Culture Development
- Deliver clear, actionable insights on security posture, risks, incidents, and improvement plans for both technical and non-technical stakeholders.
- Foster a secure working culture through awareness training, secure behaviour guidelines, and practical cybersecurity awareness initiatives.
Required Experience & Skills
We’re seeking a detail-oriented leader blending cybersecurity expertise with pragmatic execution and strong stakeholder management capabilities. Key requirements include:
-
Security Leadership
- 10+ years’ experience in senior IT security roles with exposure to CISO-level responsibilities.
- Demonstrated ability to interpret risk frameworks (ISO 27001, Cyber Essentials Plus, CIS Controls, NIST) and translate them into practical controls.
-
Security Operations & Compliance
- Hands-on experience with SOC/SIEM management, incident response, threat hunting, vulnerability assessment, and patch management.
- Proven knowledge of identity & access management (IAM), Zero Trust (ZTNA), cloud security, and endpoint protection.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
-
Consulting & Collaboration Skills
- Premium experience in a SaaS / professional services firm, managing vendors, teams, and managed security services (MSSPs).
- Strong ability to articulate technical risks and progress to non-technical stakeholders, executive teams, and legal/compliance specialists.
-
Analytical Leadership
- Pragmatic mindset, outcome-focused approach, and ** forwardsighted resilience** to thrive under pressure.
What We Offer
A Strategic Opportunity
- Shape a new security leadership role at a tech-driven firm where innovation in delivering client solutions is core.
- Multi-disciplinary impact across network infrastructure, cloud governance, email security, and secure collaboration.
An Inclusive Culture Capsticks is an equal-opportunity employer prioritising diversity, inclusivity, and accessibility.
We commit to: ✔ Flexible working arrangements to support all ways of working. ✔ Reasonable adjustments to ensure fairness throughout recruitment and employment.
If adjustements are required for the application/interview process, please contact the Recruitment Team at Careers@capsticks.com.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location