KEYSIGMA is a fast-growing information security company with ambitious growth plans. We are a well-established Cyber Essentials Plus Certification Body, recognised for delivering premium, high-quality certification services. Building on this success, we are launching our Defence Cyber Certification (DCC) services as a strategic expansion into the defence cyber assurance market.
We are currently accredited to deliver DCC Levels 0-1 and our ambition is clear: we will become the leading provider of Defence Cyber Certification in the UK. To achieve this, we are seeking an exceptional individual to lead the creation, development, and scaling of this new service offering.
This is a rare opportunity to join KEYSIGMA at a critical early stage and play a pivotal role in shaping a brand-new certification scheme from the ground up.
Role Overview
We are seeking a Head of Department for the Defence Cyber Certification (DCC) to drive the successful design, implementation, and growth of KEYSIGMA's DCC capability.
This is a hands-on leadership role, ideal for someone who thrives in fast-paced environments and enjoys combining deep technical expertise with strategic and commercial responsibility. Initially, the role will focus on becoming a leading technical authority for the DCC scheme while refining and embedding the internal systems, processes, and controls required to deliver the service to the highest standards. As the service scales, you will build and lead a high-performing specialist team.
The role is not purely managerial. You must be highly experienced in cyber governance, information security, assurance, and certification standards, commercially aware, and capable of leading people, processes, and client engagements. You will work closely with the Managing Director, an experienced CISSP holder and DCC assessor, to build a market-leading certification function.
This role suits someone who is high-energy, adaptable, and motivated to expand their influence into a new and strategically important area of cyber certification.
Key Responsibilities
1. Systems & Process Development
Implement and maintain internal controls to meet and exceed DCC scheme requirements.
Develop, refine, and optimise policies, procedures, and workflows to ensure consistent, high-quality service delivery.
Integrate DCC systems and processes into wider KEYSIGMA operations, ensuring alignment with business objectives and information security standards.
2. Technical Leadership & Expertise
Hold and maintain DCC Assessor certification status (training provided).
Act as a subject-matter expert for the Defence Cyber Certification scheme.
Lead technical audits and assessments against the DCC standard.
Monitor emerging threats, defence sector developments, and changes to certification requirements.
Conduct internal reviews to drive continuous improvement and maintain exceptional quality standards.
3. Team Leadership & Management
Recruit and build an elite team of certification professionals.
Mentor and develop team members through structured training and professional development.
Manage departmental performance, workload planning, and delivery.
Ensure efficient scheduling and consistent high-quality output across all engagements.
4. Commercial Development
Create and maintain commercial documentation, service descriptions, and supporting marketing materials.
Develop commercial models and client engagement strategies to grow the DCC service.
Collaborate with sales and marketing teams to position KEYSIGMA as a premium DCC provider.
Support customer sales calls and act as a senior technical authority during pre-sales engagements.
5. Quality Assurance & Compliance
Oversee internal compliance with ISO standards, defence-sector regulations, and industry best practice.
Ensure the integrity, consistency, and credibility of the DCC scheme across all engagements.
6. Service Delivery
Own end-to-end service delivery for Defence Cyber Certification.
Act as the primary escalation point for technical or scheme-related queries.
Mandatory Qualifications & Experience
Certified Information Systems Security Professional (CISSP) holder.
ISO 27001 Lead Auditor Certification or IASME Cyber Assurance (ICA) Assessor in good standing.
Principal or Chartered Cyber Security Professional (UK Cyber Security Council) in Cyber Security Audit & Assurance, or Cyber Security Governance & Risk (we recognise the current backlog; pending applications are accepted).
Minimum of 3 years' experience in information security auditing and/or governance.
Proven ability to lead complex technical projects and teams.
Strong understanding of Cyber Essentials and its relationship to higher-level defence certifications.
Hands-on technical mindset with deep knowledge of certification standards and security frameworks.
Eligibility for UK security clearance to at least SC level.
What Will Set You Apart
Experience leading teams delivering technical assurance or certification services.
Penetration testing qualifications (e.g. CRT, OSCP, CSTM).
DCC Level 1 certification (training funded if not already held).
Prior experience working within the defence sector.
Benefits
Highly competitive salary and performance-based bonus.
Flexible working arrangements (remote, hybrid, or office-based).
Private health insurance and company pension.
Generous training and certification budget.
Regular team events and a collaborative, supportive culture.
Cycle-to-work scheme and income protection benefits.
Diversity & Inclusion
KEYSIGMA is proud to be an equal opportunities employer. We are committed to fostering a diverse, inclusive, and respectful workplace and welcome applications from all qualified candidates regardless of legally protected characteristics.
How to Apply
Please submit your CV and a cover letter.
Job Type: Full-time
Work Location: Hybrid remote in Cheltenham, GL51 4GA