Head of Security Operations

Date: 01-Aug-2019

Location: Chesterfield, GB, S49 1HQ

Company: Royal Mail Group

Job reference number 102449

Head of Security Operations

Full time


Rowland Hill House


Job purpose

The Head of Operational Information Security is responsible for the smooth business as usual operation of Information Security controls within Royal Mail Group. This hands-on role will lead the delivery and continual improvement of a variety of critical Information Security controls.


Key accountabilities

  1. Leadership. This position will be responsible for up to 10 roles (both permanent and temporary), ensuring clear job descriptions are in place, objectives are set and reviewed on a regular basis and to support the ongoing career development of the team.
  2. We need to get the most out of our IT partners. This role will provide technical leadership in ensuring there are clear roles & responsibilities between RMG and our 3rd party IT suppliers, we measure, on a regular basis, their performance and we are getting the maximum value from our 3rd party IT Suppliers
  3. Vulnerability Management. This role will assist in setting the strategy and the execution of Vulnerability Management by ensuring regular testing and remediation takes place.
  4. Security Testing. The role will define and lead on our Security Testing initiatives, for example, developing a Penetration Testing strategy across Royal Mail.
  5. Information Security Certifications. The role will be responsible for defining, leading activities to achieve and maintaining our Cyber Security Certifications e.g. Cyber Essentials Plus.
  6. InfoSec Governance Activities. This role will be responsible for defining and leading Information Security Governance activities (e.g Privileged Account Management, Local Administrators approval processes etc.).
  7. Information Security Risk Management. This role will be responsible for managing the IT Security Risks relating to our Information Security controls provided by the team.
  8. Information Security reporting. This role will be responsible for the definition and delivery of regular Information Security reporting to ensure we have a clear understanding of our current InfoSec controls position and risks.

Key dimensions

Budget or financial targets (indicate if directly accountable or advisory)

  • This role will be responsible for ensuring we get value for money from our 3rd party IT Suppliers.
  • Potential budget responsibility of approx. £2M.

Scales of impact (team, function, division, group wide)

  • This role is responsible for the Operational Security services provided across Royal Mail.

Team size

  • This role will lead a team of up to 10 (permanent and contractors)

Key Skills

Experience and Qualifications required for this specific role

Key Skills

  • Developing and leading high performing teams.
  • Experience of Managing 3rd Party IT Suppliers
  • Strong networking and Infrastructure experience
  • Be well versed in Security technologies.
  • Experience of developing and reporting of InfoSec SLA’s and KPI’s
  • 5 yrs + Hands on Information Security experience.
  • Ability to drive change activities to a successful conclusion.
  • Ability to manage small to medium change projects.


  • 2+ Years in Leading an Operational Security team.
  • Technical knowledge of IT Security controls required (e.g. Firewalls, VPN’s, Vulnerability Management solutions)
  • Experience of setting up and running a comprehensive IT Security testing solution.
  • Experience of managing small to medium change projects.



  • Any cloud Security certifications e.g. CSSP.


About Royal Mail:

The Royal Mail Technology team is passionate about delivering high-quality products and outstanding digital experiences to our customers. Technology is instrumental in helping us achieve our objective to be recognised as the best delivery company in the UK and across Europe

With a workforce of 150,000, our core network handles c.16 billion letters and c.1 billion parcels a year, delivering to more than 29 million addresses, 6 days a week. Our technology therefore needs to operate at scale. As a data driven business, with the largest PDA estate in the country, our systems need to handle more than 60m scan events and 1.4bn data points per day.

Royal Mail is committed to building an internal development and testing capability, driving digital innovation across the business enabling our business to transform at pace. You will be working for a brand that’s a household name and a critical part of the UK’s infrastructure.

Our technology vision is to “Enable, Digitise, Realise”:

- Enable - Create environments where open conversations are the norm and where teams work alongside each other to complement skills.

- Digitise - Utilise Technology to support the business. Making Technology thinking integral to the business. Increase the level of automation and implement connected systems.

- Realise - Invest in technology and keep taking all opportunities to consolidate systems. Focus on removing complexity within our systems and enable our cost base to decrease.

We are fully embracing Agile and DevOps, and using tools such as Alexa, Azure and Google Cloud, Chatbot, Microsoft .NET Core, Angular and mobile apps.  

Our priorities include:

Our postmen/women use 80,000 Android mobile devices and we are continuing to roll out new Apps all the time to help them to deliver a first class customer service.

International business is one of our fastest growing areas - our IT systems have to integrate with IT systems in over 200 different territories in order for customers to track their parcels around the world.

Continuously expanding our services to our customers, utilising predictive analytics and personalised services.

Transforming our customer’s digital journey’s through our website which is in the top 50 most visited UK websites – with 300m visits per annum, from 100m devices, resulting in 1bn page views, with 9.2m registered users, 20m unique visitors per month, and peaking at 7m visits per day during the Christmas peak.

We are an inclusive employer with equality, diversity and fairness at the heart of our values and we’re proud to be recognised in The Times Top 50 Employers for Women 2019 for a 6th consecutive year. We welcome applications from individuals from diverse backgrounds and are committed to promoting fair participation and equality of opportunity for all of our job applicants.



For more information on Royal Mail Group and our Values please click on the link (http://www.royalmailgroup.com/our-people).


Closing Date: 03/09/2019. Please note, this advert may close early if the appropriate number of applications has been reached.

Job Segment: Operations Manager, Risk Management, Cyber Security, Operations, Security, Finance

Find similar jobs: