Job Summary
The Director of Cybersecurity North America is responsible for maintaining and executing WHSmith North America’s cyber security strategy, leading a focused team to ensure operational rigor, compliance with regulations (including retail-specific compliance), and effective implementation of security controls to protect digital assets. They will act as the key liaison between the executive team and the operational staff.
Board Reporting & Group Support
• Provide regular updates and risk assessments to the North America Board, ensuring transparency and alignment with corporate governance.
• Support the Group CISO in global security initiatives, acting as a regional extension of group-level strategy and execution.
Strategic Leadership
• Develop and maintain the North America cybersecurity roadmap aligned with global WHSmith security objectives.
• Serve as a trusted advisor to senior leadership on emerging threats, regulatory changes, and risk posture.
Business Engagement
• Actively engage with key business sponsors across HR, Finance, Legal, and other functions to ensure security initiatives align with organizational priorities.
• Communicate complex security concepts in business-friendly language to influence decision-making and secure buy-in.
Governance & Compliance
• Establish and enforce IT security policies, standards, and procedures in line with NIST, PCI DSS, and WHSmith governance frameworks.
• Ensure adherence to WHSmith Information Security Governance Policy and Systems Security Policy.
Operational Oversight
• Lead incident response efforts for North America, ensuring timely detection, containment, and remediation of security events.
• Oversee vulnerability management, threat intelligence, and monitoring activities in collaboration with the Global Security Operations Centre (GSOC).
Risk Management
• Identify and mitigate risks related to partial monitoring coverage and manual processes within the North American IT estate.
• Drive continuous improvement initiatives to close security gaps and enhance maturity across NIST CSF domains.
Team Leadership
• Manage and mentor a regional security team, fostering professional development and succession planning.
• Collaborate with global InfoSec peers to ensure consistent security posture across all WHSmith geographies
Job Requirements
• Bachelor of Science in Cybersecurity, information technology, or related
• 5-8 years directly related experience, 3+ years’ Cybersecurity supervisory experience
• Proven experience in IT security, risk management, and policy development.
• Experience with configuring and integrating systems within enterprise IT environment.
• Proven experience managing industry standard security stacks.
• Excellent understanding of regulatory requirements and industry best practices.
• Ability to collaborate effectively with all business verticals to align security initiatives with organizational goals.
• Team Leadership and Collaboration: Strong leadership skills, including the ability to motivate and manage a diverse team, are essential.
Apply Now
Apply Now