Head of Cyber Security

About the team

We’re building something new and important. This brand-new role sits at the heart of our Technology Services team, reporting directly to the Assistant Director. Our team is responsible for the digital foundations that power the organisation’s work- and cyber resilience is critical to that mission. As our services evolve and expand, we need an expert voice to lead on all aspects of cyber security and ensure our defences are as smart and adaptive as the threats we face.

This is a strategic opportunity to shape the NMC’s approach to cyber resilience from the ground up, while working closely with colleagues across all functions to keep our systems, data and services safe.

About the role

Salary Details

London - £79,017-£87,797

Edinburgh - £73,571- £81,746

As Head of Cyber Resilience, you’ll lead and drive the NMC’s security agenda- embedding resilience into everything we do. You’ll be the organisation’s go-to expert on cyber threats, guiding our response to evolving risks and ensuring we're ready for anything.

You’ll be a visible, trusted leader who not only defines our cyber security strategy but also brings it to life across the organisation. Whether supporting senior leaders, collaborating with peers across IT and operations, or building awareness among staff, your influence will reach far and wide. This is your chance to leave a lasting impact on how we protect what matters most.

• Set the strategic direction for cyber resilience, ensuring our approach is modern, pragmatic, and future-ready.
• Lead the implementation of robust security policies, controls and standards across infrastructure, applications, and cloud services.
• Build strong relationships across the organisation, translating complex risks into clear, practical advice for both technical and non-technical audiences.
• Champion a security-first mindset through training, engagement and awareness campaigns.
• Own our incident response and recovery planning, ensuring we’re always ready to respond and recover.
• Oversee audits, risk assessments and compliance work aligned with ISO 27001, Cyber Essentials, NIST and other frameworks.
• You’ll combine strategic oversight with practical know-how—ensuring our digital services remain secure, trusted and resilient.

About you

We’re looking for a confident leader with deep expertise in cyber security and a passion for enabling secure innovation. You’ll bring:

• Proven experience leading cyber security or resilience functions at an enterprise level.
• Strong knowledge of current and emerging cyber threats, technologies and regulatory requirements.
• The ability to make the complex simple—translating technical detail into meaningful action and advice.
• Experience with frameworks such as ISO 27001, Cyber Essentials, NIST, and robust incident management.
• Relevant certifications such as CISSP, CISM, or equivalent.
• A collaborative mindset and a proactive approach to risk—balancing security with the needs of a modern, service-driven organisation.
• You don’t need to have all the answers on day one, but you do need the curiosity, resilience and leadership to shape our future.