Remote Director of Cyber Defence & Strategic Operations @ Informa Group Plc.

Company Description

At Informa, no two days and no two people are the same, and you’ll find the freedom, opportunity and support of a fantastic community to make a real impact.

We’re an international business that connects specialists with knowledge, helping them to learn more, know more and do more through live and on demand events, digital and data-driven services and academic research.

We are home to over 10,000 colleagues across 30 countries and are a member of the UK’s FTSE 100 group of leading public companies. We’re thrilled to have earned the #3 spot in Glassdoor’s Best Places to Work 2025 UK list, a recognition based solely on reviews by those who know us best – our current and previous colleagues.

In Global Support, we provide expert guidance and hands-on support to the Informa Group and Informa’s many business teams. Across tech, finance, legal, corporate development, HR, communications, operations and many other areas, we work collaboratively and flexibly to help our brands serve their customers and help the company succeed.

Job Description

This role is base in our London office.

The Information Security (InfoSec) team at Informa is dedicated to protecting the organisation’s information assets and ensuring the confidentiality, integrity, and availability of data. The team is responsible for implementing and maintaining robust security measures, policies, and procedures to safeguard against cyber threats and vulnerabilities. The InfoSec team works collaboratively with various departments across the organisation to embed security practices and awareness, ensuring that security is an integral part of Informa’s business operations.

As a key member of Informa’s Information Security leadership team, you will be responsible for driving the strategic direction and operational excellence of the company’s cyber defence capabilities. This role leads the global Security Operations Centre (SOC), ensuring robust threat detection, incident response, and continuous monitoring to protect Informa’s digital assets and operations.

As the Director, you will also play a pivotal role in supporting mergers and acquisitions (M&A) from a cybersecurity perspective—leading due diligence, identifying integration risks, and ensuring secure onboarding of acquired entities.

Additionally, in this role, you will provide executive oversight to the Head of Information Security – APAC, aligning regional initiatives with global security standards while addressing local regulatory and threat landscapes.

Key Areas of Responsibility/Accountability

Security Operations Centre (SOC):
Leadership and Management: Oversee the daily operations of Informa’s SOC, ensuring the effective monitoring, detection, and response to security incidents. Lead a team of security analysts and engineers, providing guidance, mentorship, and performance management.
Incident Response: Develop and implement incident response protocols and procedures to ensure timely and effective handling of security incidents. Coordinate with other departments and external partners to manage and mitigate security threats.
Threat Intelligence: Utilise threat intelligence to proactively identify and address potential security risks. Stay updated on the latest cybersecurity trends and threats to ensure Informa’s SOC remains at the forefront of security operations.
Security Technologies: Implement and maintain security technologies and processes to protect Informa’s digital assets. Evaluate and recommend new security tools and technologies to enhance SOC capabilities.
Compliance and Reporting: Ensure compliance with regulatory requirements and industry standards. Prepare and present regular reports on SOC activities, incident trends, and overall security posture to senior management.
Mergers and Acquisitions (M&A): Manage the information security aspects of M&A activities, including due diligence, risk assessment, and integration planning. Ensure that security considerations are integrated into the M&A process to protect Informa’s interests.
APAC Information Security: Provide oversight and support to the Head of Information Security – APAC, ensuring alignment with Informa’s global security strategy. Coordinate regional security initiatives and ensure compliance with local regulations and standards.

Key Outputs and Outcomes

Security Operations Centre (SOC):
Strengthen business engagement and InfoSec value through proactive threat intelligence and incident response.
Improve decision-making efficiency and outcomes by providing timely and accurate security reports.
Enhance reporting cycles and quality to ensure senior management is well-informed about security posture.
Work closely with the Director of Information Security Portfolio & Programmes and lead the delivery of SOC projects with excellence, ensuring effective monitoring and response to security incidents.
Optimise resource allocation and demand management within the SOC to maintain high operational efficiency.
Drive data-driven decision-making through metrics reporting on SOC activities.
Ensure successful realisation of the InfoSec vision by maintaining a robust and effective SOC.

Mergers and Acquisitions (M&A):
Strengthen business engagement by embedding cybersecurity risk management into all phases of M&A activity, from due diligence through to post-acquisition oversight.
Support informed decision-making by delivering clear, timely, and actionable risk assessments tailored to the business context of each transaction.
Enhance reporting quality and cadence to ensure stakeholders are fully informed of cyber risks and mitigation strategies throughout the M&A lifecycle.
Lead the delivery of M&A-related security initiatives, ensuring appropriate controls are implemented—whether through full integration or ongoing operational oversight.
Optimise resource planning and prioritisation to support efficient execution of M&A security activities across multiple concurrent deals.
Drive data-informed decision-making through consistent metrics and insights on M&A-related cyber risk posture.
Safeguard Informa’s strategic and commercial interests by ensuring cyber risks are effectively managed in alignment with the company’s risk appetite and business objectives.

APAC Information Security:
Strategic Oversight of APAC Regional Security: Provide executive leadership and direction to the APAC Regional Information Security Office, ensuring alignment with Informa’s global cybersecurity strategy and risk management framework.
Risk-Driven Regional Enablement: Ensure that regional security initiatives are prioritised and executed based on business risk, regulatory requirements, and local threat landscapes, while maintaining consistency with global standards.
Regulatory and Compliance Assurance: Support the Head of InfoSec APAC in engaging with local regulatory bodies and ensuring compliance with regional cybersecurity laws, including China’s PIPL and MLPS, and other jurisdictional requirements.
Incident Response Readiness: Oversee the development and execution of regional incident response capabilities, ensuring timely escalation, coordination, and resolution of security incidents in APAC.
Performance Monitoring and Reporting: Establish and maintain clear reporting mechanisms to track the effectiveness of regional security controls, risk mitigation efforts, and compliance posture.
Regional Integration into Global Programs: Ensure APAC participation in global security initiatives, including awareness campaigns, vulnerability management, and secure development practices, fostering a unified security culture.
Capability Development and Support: Mentor and support the Head of InfoSec APAC, fostering leadership development and ensuring the regional team has the resources, guidance, and visibility needed to succeed.

Measures of Success

Introduce and manager key metrics for the function
Reduction in mean time to detect (MTTD) and mean time to respond (MTTR) to security incidents.
Effective identification and management of cybersecurity risks associated with M&A activity, from due diligence through to integration or ongoing operational oversight, aligned with the business strategy and risk appetite.
Compliance with APAC regional and global cybersecurity regulations and standards.
Positive audit outcomes and risk posture improvements.
High engagement and performance scores from direct reports and regional teams.
Effective cross-functional collaboration and stakeholder satisfaction.

Qualifications

What we’re looking for

Experience

Extensive experience in cybersecurity
Proven experience managing a global or regional SOC.
Demonstrated success in leading cybersecurity aspects of M&A activities.
Experience working in a complex, matrixed, and multinational organization.
Familiarity with regulatory environments across Asia and global security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK).
Extensive experience in cybersecurity planning and delivery.
Strong leadership skills with the ability to manage complex security operations across multiple regions.
Superior analytical and problem-solving skills.
Ability to communicate effectively with strong interpersonal skills and emotional intelligence.
Strong negotiation skills and the ability to influence corporate opinion and key stakeholders.

Key Competencies:

Strategic thinking with the ability to translate vision into execution.
Strong leadership and team development skills.
Excellent communication and stakeholder management abilities.
Deep understanding of threat landscapes, security technologies, and incident response.
Ability to manage multiple priorities and deliver results in a dynamic, fast-paced environment.
Cultural awareness and sensitivity, especially in working with diverse regional tea

Additional Information

We work hard to make sure Life at Informa is rewarding, supportive and enjoyable for everyone. Here’s some of what you can expect when you join us. But don’t just take our word for it – see what our colleagues have to say at LifeAt.Informa.com

Our benefits include:

Freedom & flexibility: colleagues rate us highly for the flexibility and trust they receive and most of us balance time in the office with time working remotely
Great community: a welcoming culture with in-person and online social events, our fantastic Walk the World charity day and active diversity and inclusion networks
Broader impact: take up to four days per year to volunteer, with charity match funding available too
Career opportunity: the opportunity to develop your career with bespoke training and learning, mentoring platforms and on-demand access to thousands of courses on LinkedIn Learning. When it’s time for the next step, we encourage and support internal job moves
Time out: 25 days annual leave, rising to 27 days after two years, plus a birthday leave day and the chance to work from (almost!) anywhere for up to four weeks a year
A flexible range of personal benefits to choose from, plus company funded private medical cover
A ShareMatch scheme that allows you to become an Informa shareholder with free matching shares
Strong wellbeing support through EAP assistance, mental health first aiders, a healthy living subsidy, access to health apps and more
Recognition for great work, with global awards and kudos programmes
As an international company, the chance to collaborate with teams around the world

We’re not solely focused on a checklist of skills. We champion energy and ambition and look for colleagues who will roll their sleeves up, join in and help make things happen. If it sounds like a match and you have most – although not all – of the skills and experience listed, we welcome your application. At Informa, you’ll find inclusive experiences and environments where all perspectives and backgrounds are welcomed. As part of this approach and our diversity and inclusion commitments, we are also formally an Equal Opportunities Employer. This means we base decisions on relevant qualifications and merit and do not discriminate on the basis of key characteristics and statuses, including all of those protected by law.

See our website for full information on how Informa handles your personal data when you apply for a job.