Industrial Security Senior Manager overseeing a team at Boeing to implement security policies and mitigate risks. Responsible for compliance, training, and liaising with security representatives.
About the role
- Head of Information Security at Aurora shaping security strategy and governance in a software-focused global business. Leading security efforts to ensure resilience and compliance across operations.
Responsibilities
- Define, maintain and evolve Aurora’s Information Security strategy, roadmap and target operating model to support business growth, product development and international expansion
- Lead and develop the Information Security function, building organisational capability through a combination of central leadership, cross-functional influence and clear ownership across the business
- Lead Information Security governance, risk and assurance activities, ensuring clear reporting, effective escalation and risk-informed decision-making at executive level
- Maintain Aurora’s Information Security risk management framework and risk register, ensuring key risks are identified, prioritised, communicated and addressed appropriately
- Provide assurance to internal and external stakeholders that Aurora’s security controls are effective, proportionate and aligned to business, customer and regulatory requirements
- Lead security assurance and certification activities, including ISO 27001, SOC 2, and related audit readiness, while contributing to the continued evolution of Aurora’s wider security and compliance operating model
- Partner with Legal and other relevant stakeholders on data protection, customer and supplier due diligence, contractual security commitments and third-party risk management
- Help define how security responsibilities and capabilities are allocated across Aurora’s technology, legal/compliance and business functions, ensuring clear accountability, effective challenge and strong delivery
- Drive security by design across Aurora’s products, platforms, systems and infrastructure, working closely with engineering and technology leaders to embed secure architecture, secure development lifecycle practices and appropriate technical controls
- Strengthen capabilities across core security domains including identity and access management, privileged access, vulnerability management, incident response, disaster recovery, data protection, security awareness and supplier security
- Work closely with stakeholders at all levels of the organisation, including operational teams such as People & Culture, Business Infrastructure & Operations and Finance, to support audits, evidence gathering, control improvement and the effective adoption of security requirements across the organisation
- Lead response to significant information security incidents, acting as a senior decision-maker during crisis situations and driving post-incident learning and improvement
- Build a strong, pragmatic security culture across the organisation through effective awareness, engagement, coaching and leadership
- Manage the Information Security budget, financial forecasts and investment cases, ensuring that spend is aligned to Aurora’s risk profile and strategic priorities
- Provide trusted advice and challenge to senior stakeholders on emerging risks and opportunities, including those related to AI adoption, shadow IT, cloud services and evolving regulatory expectations
Requirements
- Significant leadership experience in Information Security, Cyber Security, or a closely related role within a technology-led, software-oriented and internationally operating business
- Strong technical credibility and sound judgement across key security domains, with sufficient depth to guide strategy, challenge decisions and work effectively with specialist software engineering and IT teams
- Broad experience across areas such as product/application security, cloud/infrastructure security, identity and access management, incident response, vulnerability management and security governance
- Proven experience developing and delivering an Information Security strategy in a way that balances risk reduction, business enablement and operational pragmatism
- Strong experience leading security risk assessments, threat modelling, incident management and remediation of security weaknesses in a structured, risk-based way.
- Significant experience managing external audits, customer assurance and recognised security standards/certifications such as ISO 27001 and SOC 2
- Experience influencing senior stakeholders and communicating clearly at executive level, including the ability to translate technical risk into clear business decisions and trade-offs
- Able to lead effectively through subject-matter experts, building strong partnerships with engineering, IT and business leaders to drive security outcomes across a shared-responsibility model
- A pragmatic, delivery-oriented mindset, with the judgement to know when to stay strategic and when to be hands-on
- Excellent communication, collaboration and relationship-building skills, with the ability to work effectively across technical, operational and non-technical functions, and to engage confidently with stakeholders at different levels of seniority
- Strong problem-solving skills, sound judgement and a bias for action
Benefits
- Private Medical Insurance
- Dental Insurance
- Parental Support
- Salary-Exchange Pension
- Employee Assistance Programme (EAP)
- Local Oxford Discounts
- Cycle-to-work Scheme
- Flu Jabs
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Director of Engineering, Security in charge of Nexxen's security program and governance. Leading secure practices and collaborating with executives to ensure risk reduction and compliance.
Health and Safety Manager designing and implementing safety measures in occupational health. Collaborating with organizational areas to manage risk factors and ensure workplace safety.
Lead Security Engineer at US Mobile building systems for the 21st century with a focus on fraud prevention and security integration across SDLC.
Business Development Representative at xorlab driving proactive lead generation in cybersecurity market. Collaborating closely with sales and marketing team to optimize lead development processes.
Cyber Security Architect responsible for IT security compliance and cyber - risk management at a Swiss utility firm. Engaging with cross - functional teams to implement 'Secure - by - design' strategies.
Information Security Officer ensuring cybersecurity at an IT service provider for food and beverage sector. Developing strategies and overseeing security protocols while reporting to management.
Senior Security Engineer specializing in penetration testing and security strategies for fintech. Collaborating with teams to enhance security for AI applications and financial systems.
Principal Cyber Security Engineer for Identity Access Management at MSK managing identity solutions and advanced identity platforms. Partnering with stakeholders to align identity strategy and lead IAM initiatives.
Join The Missing Link as a Security Engineer, leveraging 3 - 4 years of IT Security experience. Lead projects in a collaborative environment with a focus on innovation and impact.