Arup
Data Security Lead Overview
| Company Name | Arup |
| Job Role | Data Security Lead |
| Qualifications | Not Specified |
| Category | IT Jobs |
| Job Type | Full Time |
| Location | Multiple Locations |
This role sits within Arupâs Cyber Resilience team, which is part of the Digital Technology Group. The wider team includes specialists in data security, identity and access management, security engineering, IAM administration, and privileged access management, and works alongside security operations plus governance, risk and compliance to help protect Arupâs platforms, information, and data.
The position offers the chance to join a collaborative organisation with a long-standing purpose-driven culture, where people are encouraged to bring their own perspectives and contribute to work that has real social value. The role is focused on creating and leading a new data security capability that will have organisation-wide impact.
What you will do
- Establish Arupâs new data security service from the beginning, setting out its vision, how it will operate, the plan for delivery, and the measures that will show whether it is succeeding.
- Take responsibility for the organisationâs data security outcomes by converting the data security plan into steady, ongoing operational delivery.
- Develop and own a clear multi-year roadmap that sets priorities and sequences work across governance, data classification, data loss prevention, encryption, monitoring, and resilience.
- Lead the service in a way that balances long-term strategy with day-to-day practical execution.
- Work with senior stakeholders and technical teams to turn data security strategy into implemented controls and improved practice.
- Advise on difficult and high-impact data risk issues, helping the business make informed decisions.
- Monitor delivery progress and keep improving the way data is protected across its full lifecycle.
- Build the team and establish governance structures needed for the service to function effectively.
- Partner with colleagues across cyber and related functions to make sure data protection is embedded into how the organisation operates and delivers work.
What the role is looking for
- Extensive expertise in data security, especially in areas such as data classification, DLP, encryption, and lifecycle-based data protection.
- A solid grasp of relevant security standards and control frameworks, including ISO/IEC 27001, NIST CSF, and CIS Controls.
- Evidence of having led or owned a security service or capability at enterprise or global scale.
- The ability to move comfortably between strategic planning and operational execution, ensuring plans become lasting delivery.
- Strong influencing and relationship-building skills, with experience working effectively with senior leaders and technical specialists.
- Experience operating in a complex, large-scale environment where multiple stakeholders and security disciplines need to be aligned.
Reward and benefits
Arup says it offers a competitive and equitable pay approach alongside a broader package designed to support membersâ wellbeing and development. The organisation describes its reward model as one where employees share in the firmâs success through a global profit share arrangement, with payments dependent on financial performance.
- Global profit share scheme.
- Private medical insurance.
- Life assurance.
- Accident insurance.
- Income protection cover.
- Flexible benefits to support personal and family wellbeing needs.
- Learning opportunities and career development support.
The company also emphasises that it is owned in trust for its members, which gives it freedom to choose work aligned with its purpose and values, and to share success through collective performance.
Culture, inclusion, and support
Arup describes itself as an equal opportunity employer that actively seeks a diverse and inclusive workforce. Applications are welcomed from people of all backgrounds, including differences in age within legal limits, gender identity or expression, marital status, disability, neurotype, mental health, race or ethnicity, faith or belief, sexual orientation, socioeconomic background, and pregnancy or family leave status.
The organisation says it values diverse experiences, perspectives, and ideas, and that this helps drive excellence. It also notes that its internal employee networks support inclusion across race and cross-cultural working, gender equity, LGBTQ+ inclusion, and disability inclusion.
Accessibility is highlighted as an important part of the recruitment process and workplace experience. Candidates can request assistance or reasonable adjustments during application, interview, or when carrying out the essential duties of the role.
Application and recruitment information
Applicants are directed to use Arupâs careers application process and to review the careers page for information about what happens next. The company says it aims to make the process straightforward and easy to follow.
Arup also warns candidates to stay alert to recruitment fraud and states that it will never ask for payment or bank details as part of hiring.
The role is advertised with Cardiff as the main location, and additional office options are listed in Madrid, Leeds, Krakow, Birmingham, Bristol, and London.
Degree Requirement: Not Specified
Visa Sponsorship May be
To apply for this job please visit jobs.arup.com.