Skills

Leadership Incident Response Risk Management Monitoring Decision-making Team Leadership

Job Specifications

Job Summary

The Director of Cybersecurity North America is responsible for maintaining and executing WHSmith North America’s cyber security strategy, leading a focused team to ensure operational rigor, compliance with regulations (including retail-specific compliance), and effective implementation of security controls to protect digital assets. They will act as the key liaison between the executive team and the operational staff.

Board Reporting & Group Support

• Provide regular updates and risk assessments to the North America Board, ensuring transparency and alignment with corporate governance.

• Support the Group CISO in global security initiatives, acting as a regional extension of group-level strategy and execution.

Strategic Leadership

• Develop and maintain the North America cybersecurity roadmap aligned with global WHSmith security objectives.

• Serve as a trusted advisor to senior leadership on emerging threats, regulatory changes, and risk posture.

Business Engagement

• Actively engage with key business sponsors across HR, Finance, Legal, and other functions to ensure security initiatives align with organizational priorities.

• Communicate complex security concepts in business-friendly language to influence decision-making and secure buy-in.

Governance & Compliance

• Establish and enforce IT security policies, standards, and procedures in line with NIST, PCI DSS, and WHSmith governance frameworks.

• Ensure adherence to WHSmith Information Security Governance Policy and Systems Security Policy.

Operational Oversight

• Lead incident response efforts for North America, ensuring timely detection, containment, and remediation of security events.

• Oversee vulnerability management, threat intelligence, and monitoring activities in collaboration with the Global Security Operations Centre (GSOC).

Risk Management

• Identify and mitigate risks related to partial monitoring coverage and manual processes within the North American IT estate.

• Drive continuous improvement initiatives to close security gaps and enhance maturity across NIST CSF domains.

Team Leadership

• Manage and mentor a regional security team, fostering professional development and succession planning.

• Collaborate with global InfoSec peers to ensure consistent security posture across all WHSmith geographies

Job Requirements

Bachelor of Science in Cybersecurity, information technology, or related
5-8 years directly related experience, 3+ years’ Cybersecurity supervisory experience
Proven experience in IT security, risk management, and policy development.
Experience with configuring and integrating systems within enterprise IT environment.
Proven experience managing industry standard security stacks.
Excellent understanding of regulatory requirements and industry best practices.
Ability to collaborate effectively with all business verticals to align security initiatives with organizational goals.
Team Leadership and Collaboration: Strong leadership skills, including the ability to motivate and manage a diverse team, are essential.

About the Company

About WHSmith North America WHSmith is a leading global travel retailer with over 1,700 stores across 30 countries worldwide. WHSmith North America, incorporating Marshall Retail Group (MRG) and InMotion, represents over half of the Company’s international store estate, with c.320 specialty retail stores located in airports and resorts across North America. MRG prides itself on creating unique experiences for customers by developing distinctive retail store concepts that feature and highlight the local culture, community, an... Know more