Job Description

Job Summary

The Director of Cybersecurity North America is responsible for maintaining and executing WHSmith North Americas cyber security strategy, leading a focused team to ensure operational rigor, compliance with regulations (including retail-specific compliance), and effective implementation of security controls to protect digital assets. They will act as the key liaison between the executive team and the operational staff.

Board Reporting & Group Support

Provide regular updates and risk assessments to the North America Board, ensuring transparency and alignment with corporate governance.

Support the Group CISO in global security initiatives, acting as a regional extension of group-level strategy and execution.

Strategic Leadership

Develop and maintain the North America cybersecurity roadmap aligned with global WHSmith security objectives.

Serve as a trusted advisor to senior leadership on emerging threats, regulatory changes, and risk posture.

Business Engagement

Actively engage with key business sponsors across HR, Finance, Legal, and other functions to ensure security initiatives align with organizational priorities.

Communicate complex security concepts in business-friendly language to influence decision-making and secure buy-in.

Governance & Compliance

Establish and enforce IT security policies, standards, and procedures in line with NIST, PCI DSS, and WHSmith governance frameworks.

Ensure adherence to WHSmith Information Security Governance Policy and Systems Security Policy.

Operational Oversight

Lead incident response efforts for North America, ensuring timely detection, containment, and remediation of security events.

Oversee vulnerability management, threat intelligence, and monitoring activities in collaboration with the Global Security Operations Centre (GSOC).

Risk Management

Identify and mitigate risks related to partial monitoring coverage and manual processes within the North American IT estate.

Drive continuous improvement initiatives to close security gaps and enhance maturity across NIST CSF domains.

Team Leadership

Manage and mentor a regional security team, fostering professional development and succession planning.

Collaborate with global InfoSec peers to ensure consistent security posture across all WHSmith geographies

Job Requirements

• Bachelor of Science in Cybersecurity, information technology, or related
• 5-8 years directly related experience, 3+ years Cybersecurity supervisory experience
• Proven experience in IT security, risk management, and policy development.
• Experience with configuring and integrating systems within enterprise IT environment.
• Proven experience managing industry standard security stacks.
• Excellent understanding of regulatory requirements and industry best practices.
• Ability to collaborate effectively with all business verticals to align security initiatives with organizational goals.
• Team Leadership and Collaboration: Strong leadership skills, including the ability to motivate and manage a diverse team, are essential.

Job Tags

Similar Jobs