Head of IT Security; M4

Head of IT Security

At Mace, our purpose is to redefine the boundaries of ambition. We believe in creating places that are responsible, bringing transformative impact to our people, communities and societies across the globe.

Provides overall leadership, direction, management and execution of all aspects of Information Security support to Digital and the wider business, including management of audit, risk and control matters for the Digital department. Responsible for maintaining the organisation’s certifications including Cyber Essentials and ISO
27001, supporting the pursuit of new certification and accreditation programs as well as supporting bids and projects with specific requirements.

• Provide leadership, direction and manage execution of all aspects of Information Security for the organisation and Digital, including technology governance, policies, processes and controls.
• Promote the importance of effective information security measures and procedures across all business units.
• Define information security policies, processes and best practices across business units that establish clear guidelines for handling security matters and managing risk.
• Evaluate information security and technology risk and integrate with risk management processes, providing information security direction and advice to business and technology projects as required.
• Advise on the design, implementation and maintenance of specialised hardware and software that secures the information technology environment, ensuring that applications are appropriately secure and aligned with corporate security standards.
• Identify and define gaps in security technology environment and advise on appropriate operational or technology intervention to address those gaps.
• Interface with internal and external auditors, regulators, Legal/Compliance and senior management on security matters.
• Establish and maintain activities and procedures to monitor the environment for suspicious activity or threats.
• Define and implement escalation processes to identify and review critical security incidents and provide assistance in the coordination of responses to security incidents.
• Advise the business on appropriate best practices to address information security related findings and ensure external audit reports, providing management for the technology aspects of internal and external audit requirements.
• Maintain and implement security aspects of data protection and privacy legislation, standards and regulations, including security aspects of third‑party contracts, service level agreements, etc.
• Ensure information security matters are integrated and managed within the ICT team to ensure implementation.
• Work collaboratively towards the common goal of net zero carbon transition and share responsibility for the proactive identification and management of the associated carbon emissions and reductions during the delivery of work.

• Developing and executing Mace’s global IT security strategy aligned with business objectives.
• Leading the design and implementation of security policies, standards, and frameworks.
• Managing risk assessments, vulnerability testing, and incident response processes.
• Overseeing compliance with relevant regulations (e.g., GDPR, ISO 27001) and industry standards.
• Building and maintaining strong relationships with internal stakeholders and external security partners.
• Driving security awareness and training programs across the organization.
• Leading and mentoring the IT security team to ensure capability and resilience.

• Proven experience in a senior IT security leadership role.
• Degree in Information Security, Computer Science, or related discipline (or equivalent experience).
• Strong knowledge of cybersecurity frameworks, risk management, and compliance standards.
• Experience in developing and implementing enterprise‑wide security strategies.
• Ability to influence and engage senior stakeholders, including C‑Suite.

• Professional certifications such as CISSP, CISM, or equivalent.
• Experience managing security in complex, global organizations.
• Strong understanding of cloud security, network security, and emerging technologies.
• Excellent leadership, communication, and stakeholder management skills.
• Knowledge of how sustainability and carbon considerations impact technology and security.

Primary

Location:

GB‑GB‑London
Organization:
Mace Construct Limited

Schedule:

Regular
Job Type: Full‑time
Job Posting: 11‑Dec‑2025

Mace is an inclusive employer and welcomes interest from a diverse range of candidates. Even if you feel you do not fulfil all of the criteria, please apply as you may still be the best candidate for this role or another role within our organisation.