{ “@context”: “http://schema.org”, “@type”: “JobPosting”, “title”: “Director, Security Governance & Posture”, “description”: “
Director of Security Governance & Posture
Lead WPP’s Technical Security Governance function, defining guardrails, posture expectations, and governance standards for a complex, globally distributed technology estate.
Responsibilities
- Lead and develop a team of Technical Security Governance Leads, ensuring clear accountability, measurable outcomes, and continuous improvement.
- Own the governance framework—defining the standards, baselines, guardrails, and exception criteria that set the security performance bar across WPP’s global technology estate.
- Drive posture measurement and performance reporting—own the KPI/KRI framework that gives WPP’s CISO and leadership team an honest, actionable picture of security risk and trajectory.
- Provide independent challenge and escalation—ensure that material risks are identified, escalated, and treated, and that weak remediation plans or risk acceptances do not go unchallenged.
- Engage at the most senior levels—act as the primary interface between Technical Security Governance and ET, DT&S, business technology leadership, Legal, Audit, and the CISO office.
- Build governance that works in practice—embed security expectations into delivery workflows across a creative, fast‑moving, globally distributed organisation without creating unnecessary friction.
Essential Requirements
- Fluent English—reading, writing and conversation skills.
- Bachelor’s degree in Information Security, Computer Science or a related field.
- 3+ years of demonstrable experience in technical security governance, security assurance, or risk‑based security oversight in a global environment.
- Strong understanding of cybersecurity policies, standards and frameworks (e.g., ISO 27001, NIST CSF).
- Broad technical security knowledge across multiple domains—enough to lead a specialist team, provide credible challenge, and recognise when an incomplete picture is presented.
- Strong executive communication skills—able to translate complex risk and posture data into clear, honest narratives for senior and non‑technical audiences.
- Experience governing across multiple regions and regulatory environments, with familiarity with GDPR and other major data protection frameworks.
- Familiarity with client data obligations and the reputational and commercial stakes that accompany them.
Preferred Qualifications
- Certifications such as CISSP, Azure, AWS, GCP or other domain‑related credentials.
- Familiarity with posture and detection tooling (e.g., CNAPP/CSPM, EDR, vulnerability scanning, identity telemetry) and evidence‑management approaches.
- Working knowledge of agile methodologies.
- Experience in multinational, multicultural and matrixed companies.
- Proactive problem‑solving mindset—anticipates challenges in governance and compliance activities and develops effective solutions.
- Collaborative spirit—builds strong relationships across teams (e.g., Legal, Enterprise Technology) to ensure alignment and efficiency.
- Detail‑oriented focus—ensures accuracy and thoroughness in policy development, risk assessments, and reporting.
- Adaptable—thrives in a fast‑paced environment and adjusts quickly to changing priorities or regulatory requirements.
- Ethical integrity—maintains high ethical standards, ensuring compliance with policies and safeguarding WPP’s reputation.
- Analytical thinking—demonstrates strong analytical skills to interpret complex data and identify actionable insights.
- Excellent communication skills—clearly articulates findings, recommendations, and technical concepts to non‑technical stakeholders.
Benefits
- Work with passionate, inspired people who foster a culture of extraordinary work.
- Scale and opportunity—the chance to create, influence and complete projects at a scale unparalleled in the industry.
- Challenging and stimulating work—join a group of creative problem‑solvers and take on high‑impact projects.
- Hybrid working model—approximately four days a week in the office, with flexibility options available.
WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.
#J-18808-Ljbffr”, “datePosted”: “2026-05-05”, “hiringOrganization”: { “@type”: “Organization”, “name”: “WPP”, “sameAs”: “https://uk.whatjobs.com/pub_api__cpl__423712454__4861?utm_campaign=publisher&utm_medium=api&utm_source=4861&geoID=33” }, “jobLocation”: { “@type”: “Place”, “address”: { “@type”: “PostalAddress”, “addressLocality”: “London” } } }Company: WPP
Location: London
Job Description:
Director of Security Governance & Posture
Lead WPP’s Technical Security Governance function, defining guardrails, posture expectations, and governance standards for a complex, globally distributed technology estate.
Responsibilities
- Lead and develop a team of Technical Security Governance Leads, ensuring clear accountability, measurable outcomes, and continuous improvement.
- Own the governance framework—defining the standards, baselines, guardrails, and exception criteria that set the security performance bar across WPP’s global technology estate.
- Drive posture measurement and performance reporting—own the KPI/KRI framework that gives WPP’s CISO and leadership team an honest, actionable picture of security risk and trajectory.
- Provide independent challenge and escalation—ensure that material risks are identified, escalated, and treated, and that weak remediation plans or risk acceptances do not go unchallenged.
- Engage at the most senior levels—act as the primary interface between Technical Security Governance and ET, DT&S, business technology leadership, Legal, Audit, and the CISO office.
- Build governance that works in practice—embed security expectations into delivery workflows across a creative, fast‑moving, globally distributed organisation without creating unnecessary friction.
Essential Requirements
- Fluent English—reading, writing and conversation skills.
- Bachelor’s degree in Information Security, Computer Science or a related field.
- 3+ years of demonstrable experience in technical security governance, security assurance, or risk‑based security oversight in a global environment.
- Strong understanding of cybersecurity policies, standards and frameworks (e.g., ISO 27001, NIST CSF).
- Broad technical security knowledge across multiple domains—enough to lead a specialist team, provide credible challenge, and recognise when an incomplete picture is presented.
- Strong executive communication skills—able to translate complex risk and posture data into clear, honest narratives for senior and non‑technical audiences.
- Experience governing across multiple regions and regulatory environments, with familiarity with GDPR and other major data protection frameworks.
- Familiarity with client data obligations and the reputational and commercial stakes that accompany them.
Preferred Qualifications
- Certifications such as CISSP, Azure, AWS, GCP or other domain‑related credentials.
- Familiarity with posture and detection tooling (e.g., CNAPP/CSPM, EDR, vulnerability scanning, identity telemetry) and evidence‑management approaches.
- Working knowledge of agile methodologies.
- Experience in multinational, multicultural and matrixed companies.
- Proactive problem‑solving mindset—anticipates challenges in governance and compliance activities and develops effective solutions.
- Collaborative spirit—builds strong relationships across teams (e.g., Legal, Enterprise Technology) to ensure alignment and efficiency.
- Detail‑oriented focus—ensures accuracy and thoroughness in policy development, risk assessments, and reporting.
- Adaptable—thrives in a fast‑paced environment and adjusts quickly to changing priorities or regulatory requirements.
- Ethical integrity—maintains high ethical standards, ensuring compliance with policies and safeguarding WPP’s reputation.
- Analytical thinking—demonstrates strong analytical skills to interpret complex data and identify actionable insights.
- Excellent communication skills—clearly articulates findings, recommendations, and technical concepts to non‑technical stakeholders.
Benefits
- Work with passionate, inspired people who foster a culture of extraordinary work.
- Scale and opportunity—the chance to create, influence and complete projects at a scale unparalleled in the industry.
- Challenging and stimulating work—join a group of creative problem‑solvers and take on high‑impact projects.
- Hybrid working model—approximately four days a week in the office, with flexibility options available.
WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.
#J-18808-Ljbffr…
Posted: May 5th, 2026