Join to apply for the Head of Information Security role at Arsenal Football Club.

The Role

We are looking for a Head of Information Security to develop, implement, and maintain our club’s information security strategy. This includes ensuring the confidentiality, integrity, and availability of all systems, data, and networks, and maintaining compliance with relevant standards and regulations.

Your day-to-day

• Provide strategic leadership for information security – develop and deliver a club-wide cybersecurity strategy, embedding policies, standards, and governance aligned to our business objectives.
• Lead risk, compliance, and regulatory assurance – oversee frameworks including ISO 27001, NIST, CIS Controls, Cyber Essentials Plus, and ensure compliance with GDPR, PCI DSS, and related regulations.
• Report cyber risk and security posture to senior leadership – present clear, actionable updates to executives and the board.
• Oversee cybersecurity operations and incident response – lead the security operations centre, ensuring 24/7 monitoring, effective threat detection, and robust response to security incidents.
• Manage security architecture and core technologies – oversee identity and access management, network security, endpoint protection, SIEM/​SOAR, and vulnerability management programs.
• Lead cloud, application, and DevSecOps security – ensure secure software development and manage security across cloud, SaaS, and third‑party environments.
• Own third‑party and supply chain cyber risk – conduct vendor security assessments and embed cybersecurity requirements into procurement and contracts.
• Drive security awareness and culture – design and deliver training and awareness programmes that strengthen cyber hygiene and resilience across the club.

What We Are Looking For

• Experienced information security leader – proven experience delivering business‑wide security strategy, governance, and assurance.
• Risk and compliance specialist – hands‑on experience managing ISO 27001, GDPR, PCI DSS, and wider regulatory frameworks.
• Cyber operations expert – overseen security operations centres, incident response, and cyber threat management in complex environments.
• Technical security background – confident implementing and managing identity and access controls.
• Influential communicator – engage, advise, and challenge stakeholders at all levels, including senior leaders and board members.
• Analytical problem‑solver – assess risk effectively, manage incidents decisively, and design practical security solutions.
• Culture champion – drive security awareness and training across the organisation.
• Credible expertise in cybersecurity – hold relevant certifications (or equivalents) and committed to continuous professional development.

Why choose us

• An exciting reward and recognition scheme.
• Generous holiday allowance which increases with your length of service.
• Great internal learning and development programmes.
• A flexible hybrid working model.
• Priority access to apply for match tickets. A competitive health and wellbeing benefits package.
• A leading Employee Assistance Programme.
• Great discounts with some of our Partners.

Arsenal for Everyone

Arsenal for Everyone is our commitment to promoting and embracing equality, diversity and inclusion, so that everyone connected to the club feels like they belong to the same Arsenal family. We believe that diversity of background, skills and experience drives our success on and off the pitch.

Disability Confident Leader

We are a Disability Confident Leader. We actively welcome and encourage applications from people with disabilities and long‑term health conditions. If you need disability‑related adjustments to the recruitment process, please indicate this in your application.

Safeguarding and Background Checks

We are committed to ensuring that our environments for children, young people and adults at risk remain safe and inclusive. Successful candidates will be required to complete a DBS check and other essential background checks prior to starting their employment. Depending on the responsibilities of the role, a DBS will be either a basic, standard, or enhanced check.

Application Closing Date

Wednesday 7th January 2026