Head of Information Security

Scania Great Britain

Role: Head of Information Security
Location: Hybrid - Milton Keynes
Reports to: Digitalisation & IT Director 
Type: Permanent, Full Time  
Salary: Competitive, plus an excellent benefits package

The Head of Information Security will provide strategic leadership for the organisation’s Information and Cyber security programme, ensuring alignment with the company’s business objectives and risk appetite. This individual will focus on commercial operations and financial services business units (UK, EU/NE), accountable for ensuring local market compliance whilst adhering to the broader/parent company’s information security policies. Accountable to the executive board, the Head of Information Security will also work closely with local security officers in each market to drive the implementation of robust, market-specific security policies, fostering a culture of security awareness and resilience.

In this role you will:
Own Strategic Leadership, Policy Development & Enablement of Cultural Shift.
•    Define and implement the strategic direction for information and cyber security across UK and European commercial and financial services business units.
•    Operate within a matrix organisational structure to ensure adherence to parent company policies, while developing and managing local policies tailored to market-specific risks.
•    Build a ‘compliance-first’ culture across the organisation to spearhead and embed information and cyber security into the DNA of the organisation, leading by example.
•    Ensure effective communication across all levels and demonstrating the ability to influence senior leadership and teams across UK and EU.
•    Collaborate with the central Group Information Security function to align local security practices with global standards, ensuring consistency and adherence to corporate policies.
•    Use knowledge of security best practices to translate standards and policies into tangible deliverables for implementation and enforcement in the UK and EU markets.

Deliver Operational Oversight and Governance.
•    Establish and maintain a comprehensive cybersecurity framework to protect sensitive customer and business data.
•    Develop risk management strategies and oversee risk assessments to identify vulnerabilities and mitigate threats.
•    Monitor regulatory requirements and ensure the organisation's compliance with relevant standards (e.g., GDPR, ISO 27001).
•    Work with IT operation and network infrastructure team to advise and guide them on security architecture requirements, gaps and opportunities.
•    Ensure compliance with UK and EU data protection laws, industry regulations, and other relevant security requirements, working in collaboration with legal and compliance teams.
•    Accountable for being the 1st line of defence, proactively supporting management and colleagues in information best practice processes, procedures and guidelines.

Oversee Risk, Compliance & Incident Management.
•    Proactively identify all information security compliance requirements and risks (e.g. in line with group policy, UK/EU regulation), establish baselined and proactively act to remediate gaps to ensure UK/EU markets are on the front foot when it comes to compliance/audit.
•    Lead the response to cybersecurity incidents in the UK and EU markets.
•    Oversee the development of incident response plans and ensure readiness to handle security breaches or cyberattacks.

Promote Collaboration and Stakeholder Engagement.
•    Provide regular updates to the executive board on security risks, compliance, and key initiatives.
•    Promote security as a business enabler, fostering cross-departmental collaboration to embed security practices into day-to-day operations.
•    Work closely with legal teams to interpret and apply relevant cybersecurity laws and regulations, providing guidance on legal implications related to security practices.
•    Establish and chair a regional security governance committee, providing oversight, guidance, and decision-making on security matters specific to the UK and EU markets. 
•    Mentor and support local security officers in their roles, offering hands-on guidance to address operational challenges.
•    Deliver training programs to enhance the security capabilities of local teams and ensure effective incident response readiness.

About you: 
•    Bachelor's or Master's degree (or formal qualifications) in Information Security, Cybersecurity, or a related field (preferred)
•    Proven experience as a senior information security leader, ideally in a matrix organisation with multi-national operations.
•    Deep understanding of commercial and financial services industries, with experience managing security in these domains.
•    Expertise in developing and implementing information security policies, frameworks, and risk management strategies.
•    Strong knowledge of regulatory and compliance requirements (e.g., GDPR, PCI DSS, ISO standards).
•    Exceptional leadership and communication skills, with the ability to influence stakeholders at all levels.
•    Experience in mentoring and supporting distributed security teams across multiple geographies.
•    Relevant certifications (e.g., CISSP, CISM, CISA) are strongly preferred.

If you’re interested in this role we’d love to hear from you. 

Closing date: 04/04/2025

Next steps:
1.    If you like the sound of this position, please apply today.
2.    A member of the Scania Recruitment team will contact you to discuss your application.
3.    If you are successful at that stage, you will be invited to have a conversation with the hiring manager.

We understand that every candidate is unique, and we strive to accommodate your needs. If you require any adjustments during the application process, please reach out to our Recruitment Team, we’ll be happy to discuss these with you.

Working for Scania is not just about the job. It’s about you too, and this is where the company goes the extra mile and provides an industry leading employment package.  We offer an excellent benefits package which includes a pension scheme, complementary life insurance, financial incentive schemes and discounts on major retail outlets including groceries.
At Scania we invest considerably in colleague development, and you can expect to receive comprehensive training and career progression not only in the UK but throughout our Global organisation.
We have a strong and supportive culture, where each individual is seen, respected and has the potential to contribute. We trust each other to act and make decisions, and we believe in a more flexible future workplace based on individual needs.  For us, diversity and inclusion is a strategic necessity. By having colleagues with the widest possible range of skills, knowledge, backgrounds, and experiences, we ensure we have the right people and together with an inclusive corporate culture, this drives our business forward. We want our colleagues to feel proud and happy to work for us, no matter where they are from or who they are, and we strive to achieve an inclusive and family-friendly environment for everyone.
Scania is dedicated to delivering exceptional products and services to our customers and the successful candidate will reflect our core values; CUSTOMER FIRST, RESPECT, ELIMINATION OF WASTE, RESPONSIBILITY and TEAM SPIRIT in all we do.