Information Security Director 

Forest House | 28% bonus scheme | Company Car | PMI

We're a thriving team passionate about working together to deliver excellence, all in a natural forest environment

Welcome to Center Parcs, the number one choice for short break holidays, employing a team of over 10,000 across Forest House and six separate villages located in the UK and Ireland.

The Information Security Director will lead Center Parcs' information and cyber security strategy, with overall accountability for technology risk, compliance, and audit. As the senior authority on security within Technology, you will ensure the organisation is resilient to cyber threats while enabling innovation and change. This role positions cyber security as an enabler, empowering teams to design and operate secure technology and embedding security across systems, processes and suppliers.

You will proactively identify risks and emerging threats, develop clear mitigation plans, and communicate effectively at all levels of the business. Acting as a trusted advisor to the CTO and Operating Board, you will provide strategic leadership on information security, technology risk and compliance.

What You'll Be Doing: 

• Cyber Security Leadership & Strategy – Lead the organisation's information and cyber security strategy, embedding secure-by-design principles across technology and operations. By raising cyber awareness, improving detection and response, and adapting to an evolving threat landscape, you will ensure Center Parcs remains secure while enabling the business to thrive.
• Technology Risk Management – Own and operate the enterprise technology risk management framework, providing clear, proactive risk assessments and ensuring risks are understood and managed by both technology and business stakeholders. Acting as a trusted advisor to the CTO and leadership team, you will guide risk appetite, investment priorities and commercial trade-offs, working closely with risk owners to develop effective mitigation strategies
• Compliance & Audit Oversight – Ensure compliance with all relevant regulatory, industry and audit requirements, including Sarbanes-Oxley, PCI DSS, GDPR and ISO 27001, maintaining appropriate security frameworks and certifications. Leading engagement with external auditors, QSAs and regulators, you will provide clear evidence of effective controls and ensure audit actions are owned and closed across the technology estate
• Security Operations & Assurance – Oversee penetration testing, vulnerability assessments and other validation activities to ensure security controls remain effective. This includes ensuring suppliers and partners meet agreed security standards through robust due diligence and ongoing assurance, while evaluating and overseeing security tools and services that support effective prevention, detection and response across both internal and third-party environments
• Enabling and Supporting Change – Partner with technology and business teams to embed security and risk into change from the outset, enabling projects to move quickly without compromising resilience. By providing clear guidance, practical patterns and trusted advice throughout digital transformation, you will demystify security, support informed decision-making, and ensure lessons learned are continuously fed back to strengthen future change and innovation

About you:

• CISM and/or CISSP certification, demonstrating not only technical depth but a strong understanding of governance, risk and information security best practice.
• Proven experience operating in a large, commercially complex enterprise environment with always-on operations and regulated data 
• Proven ability to engage with, influence, and present to executive and Board-level stakeholders, translating complex security issues into clear business impacts 
• Demonstrated track record of building, leading, and evolving a Cyber Security function, including strategy, capability development, and team leadership 
• Experience managing compliance requirements including SOx, PCI DSS, GDPR, and related audit frameworks 
• Strong experience in technology risk management, with the ability to embed risk-based thinking into business decision-making at all levels 
• Proven ability to engage with, influence, and present to executive and Board-level stakeholders, translating complex security issues into clear business impacts 
• A track record of engaging and managing third-party suppliers and ensuring their compliance with security standards

What's in it for you:

• Management Bonus Scheme – 28%
• Company Car
• Access to our enhanced pension plan, with 8% from you and 7% contributed by Center Parcs
• Private Medical Insurance
• Discounted Center Parcs breaks
• Free use of our leisure facilities
• 20% discount in our restaurant and retail outlets
• Colleague Recognition and Reward Scheme – offering a choice of Center Parcs and High Street vouchers
• Access to Perks at Work Portal – offering a wide range of retail and leisure discounts
• An Employee Assistance Program – providing support on financial, health and legal matters
• Excellent opportunities for career development and progression with the opportunity to gain externally recognised qualifications

Our values

Each colleague at Center Parcs is involved in building better worlds for our guests, colleagues, communities and our environment. Contributing to our purpose means living out our values: We care, we're brave, we're determined and we're naturally us.

Sound like your kind of job?

Apply online today – interviews are ongoing

Closing date: 10th July 2026 #INPLOIv2</spa