About the role

Reports to: Chief Digital Officer (with quarterly Audit/Risk committee updates)

The Enterprise & Network Security Director ("ENS") is responsible for developing and implementing a holistic security strategy for the Expereo Enterprise Organization and the Network Products and Services delivered to its customers. This includes corporate IT, cloud application DevOps, compliance frameworks, and the global network installed base that underpins our services. The ENS Director leads teams across Enterprise IT security, Cloud Security, Network/ISP Security, Compliance, and Security Operations — ensuring resilience, trust, and regulatory alignment across the organization and customer offerings.

This role also involves managing a team of security professionals, collaborating closely with Platform Engineering, Product, IT and Network Ops, HR, and Legal/DPO, as well as senior leadership. Most importantly, while strategic in nature, this role requires a hands-on approach.

Key Responsibilities

• Define and execute the end-to-end security strategy covering Enterprise, Cloud Applications, and Network domains; represent cybersecurity posture to management, regulators, auditors and key customers.
• Lead and mentor cross-functional security teams (Enterprise IT SecOps, Cloud Security, Network Security, Compliance, Identity).
• Oversee global security policies, risk management, and regulatory alignment (ISO27001, SOC2, GDPR, NIS2/DORA, Telecom-specific regulations).
• Ensure security is embedded in product/service lifecycles (Internet access, SD-WAN, SASE, NaaS) and that they are secure by design and meet customer and industry expectations.
• Drive vendor/partner risk management and customer assurance processes.
• Conduct regular risk assessments, vulnerability tests, and threat analysis to identify and mitigate security risks.
• Work with IT teams to ensure security of endpoints, servers, internal infrastructure, and enterprise IT systems.
• Own cloud security posture management, key rotation, least privilege, and baseline hardening for AWS (API Gateway, Cognito, IAM SigV4, EventBridge, etc.).
• Drive strong authentication, device posture, PAM, and customer federation; standardise scopes/claims for external APIs.
• Own security of backbone, edge, peering, and transit/last-mile networks.
• Oversee network defences (DDoS, BGP/RPKI validation, DNS/DNSSEC, etc.).

Requirements

• 10+ years of experience in cybersecurity, with proven leadership of multi-domain security functions (Enterprise IT, Cloud, Networks, Compliance).
• Professional certifications (CISSP, CISM, CCSP, CCNP Security, or equivalent).
• Strong communicator with credibility at executive, technical, and regulatory levels; customer-focused mindset with emphasis on trust, resilience, and service assurance.
• Information Security & Compliance Expertise: Deep knowledge of ISO 27001, SOC 2 Type II, NIS2, and DORA regulations, with experience leading audits and closing compliance gaps.
• Security Architecture & Engineering: Proficiency in secure SDLC practices, application security tooling (SAST/SCA/DAST), cloud security (CSPM/CIEM/CNAPP), and infrastructure hardening.
• Incident Detection & Response: Strong skills in threat detection, SIEM/SOAR, incident response, and achieving low MTTD/MTTR; experience with purple teaming and tabletop exercises.
• Network Security: Understanding of routing security principles (BGP/RPKI), network segmentation and DDoS mitigation.
• Identity Management: Implementing zero-trust / password-less solutions.
• Risk Management & Vendor Security: Ability to assess third-party risk, enforce contract controls, manage remediation, and provide continuous monitoring for key suppliers.
• Strategic yet hands-on leader: Able to set vision and oversee day-to-day operations.

Benefits

• Private Healthcare Plan
• Pension Plan
• Life Assurance
• Hybrid working
• 25 days Holiday
• Annual Company Bonus

EEO Statement

Expereo is an Equal Opportunities employer who aims to support and celebrate every employee. We respect and support all of our people regardless of background, religion, nationality, sexual orientation, age, or physical condition.

Note: This description preserves the original role content but removes duplicate sections, extraneous line breaks, and non-essential listings found in the raw posting.