Head of Information and Cyber Security

Law Society

  • Permanent
  • London
  • £84,917 per year
Reference: AQ3417
Specialisms: Membership, Not for profit, Technology
Date posted: 16th February 2026
Closing date: 2nd March 2026

Location: London, hybrid working

Salary: £84,916.80

About the Role

The Law Society is seeking an experienced and visionary Head of Information and Cyber Security to lead their enterprise-wide security strategy. You will define and deliver the security roadmap, manage information and IT risk, and embed a strong security culture across the organisation. Reporting to the Executive Director of Technology & Change, you will act as a trusted adviser, translating complex risks into clear business terms and ensuring the organisation remains secure, resilient, and agile.

Key Responsibilities

  • Provide strategic leadership for information and cyber security across the organisation.
  • Define and implement the security roadmap, ensuring compliance with regulatory frameworks.
  • Manage enterprise-wide security and IT risk, including risk registers, control testing, and executive reporting.
  • Develop and embed a cross-organisation security awareness culture.
  • Oversee security operations and incident response at a leadership level.
  • Ensure robust business continuity, disaster recovery, and operational resilience frameworks.
  • Design and manage security assurance and audit programmes.

About You

We’re looking for a proven security leader with:

  • A track record in leading enterprise-level information security functions or programmes (Head of, Deputy CISO, or equivalent).
  • Deep knowledge of governance, risk management, compliance, and frameworks such as ISO 27001, GDPR, Cyber Essentials, and NIST.
  • Ability to balance security risk with business agility using a pragmatic, risk-based approach.
  • Experience developing and embedding security awareness across an organisation.
  • Strong expertise in cloud security (Azure, M365), data protection, identity & access management, and modern security tooling.
  • Understanding of AI, automation, and emerging technology risk management.
  • Leadership experience in security operations and incident response.
  • Knowledge of business continuity, disaster recovery, and operational resilience frameworks.
  • Experience designing and managing security assurance and audit programmes.
  • Must have practical knowledge of, and experience implementing, either ISO 27001 or NIST.
  • Competent in speaking to committees and the board about audit actions and in explaining security risks.
  • You should be able to translate security/technical issues into business language.
  • You must have experience in running senior-level tabletop cyber incident exercises.

Why Join Us?

This is a unique and exciting opportunity to shape the security posture of a leading professional body, ensuring resilience and trust in their systems and services. You’ll work at the heart of the Technology & Change function, influencing strategy and enabling innovation.

Closing date – 2nd March 2026

Any questions?

If you have any questions about your application, please get in touch.
