Field CTO

Field CTO (Cyber)

PGI is a global digital security consultancy that helps organisations build resilience. We deploy our people to implement solutions on behalf of clients or to support them in developing their own capabilities. Our vision is a world resilient to digital threats and online harm. To achieve this, we need to grow our team of talented and passionate people. Our clients include some of the most well-known global companies, national governments, and innovative growing businesses. We operate in an exciting, fast-growing sector that bears increasing relevance and importance to nation-states, corporates, public bodies, and NGOs.

We are seeking a Field CTO to join our team. This is a unique role that requires deep cybersecurity expertise and a strong understanding of the regulatory, governance, and technical challenges faced by our clients. You will act as a trusted adviser to organisations, shaping tailored solutions to help them secure their systems, ensure compliance with regulations, and protect against deliberate harmful behaviour within their controlled space(s).

This is not a board-level or statutory CTO role.
The Field CTO operates as a senior advisory and technical position within client engagements and go to market activity, not as a member of PGI’s board or executive committee.

As Field CTO, you will act as a trusted technical authority for our clients, helping them shape and execute pragmatic, resilient security strategies. You will bridge business needs, regulatory expectations, and technical delivery, translating complex cyber risk into clear, actionable outcomes.

What you’ll be doing

• Contribute to our key clients’ strategic security direction through consulting, advising, and designing human and technical interventions at an expert level.

• Serve as the primary technical consultant during client engagements, understanding their security posture and business needs.

• Translate complex cybersecurity concepts into business value propositions for senior stakeholders, particularly where an expected need is unclear.

• Assist clients in the development of security strategies where they do not exist, and/or present tailored cybersecurity roadmaps designed to help achieve those security strategies.

• Collaborate with PGI’s subject matter experts to identify opportunities to enhance client security using existing services and/or skillsets.

• Where services do not exist, works with delivery leads to help outline what service(s) needs to be created.

• Collaborate with delivery teams to ensure solutions are feasible and aligned with current capabilities.

• Support the sales team and account managers in pre-sales activities, including proposal development, RFP responses, and solution presentations.

• Lead on the technical elements of proposal writing, presenting clear and meaningful client benefit.

• Contribute to revenue growth by identifying and closing upsell opportunities within existing accounts.

• Partner with PGI’s marketing and sales teams to develop compelling product and market collateral to the appropriate target audience.

• Identify emerging thematic market opportunities, defining how PGI’s existing or potential offering evolves to meet significant areas of current and future demand.

• Utilise existing corporate and public sector experience to influence compliance, adherence or alignment with industry recognised standards or certification.

• Act as an internal role model and mentor to staff on aspects of solution design, client influence and management.

• Own how PGI strategically engages/approaches client types to measure, design or remediate risks to pragmatically improve digital security or investigations capability.

• Provide input into service development and help upskill internal teams on emerging technologies and client needs.

On day one you will bring

• Experience in or working knowledge of the regulatory environment in which our services fall. Including, but not limited to, NIST CSF, DORA, ISO/IEC 27000 series GDPR/DPA, PCI DSS, etc. Plus understanding of ISO/IEC 23894 and the Online Safety Bill.

• Background in offensive security & testing, security architecture, and/or GRC & privacy highly desirable.

• Experience in conducting risk assessments and forming risk management policies.

• Confidence and industry experience to challenge security maturity initiatives.

• Understanding of wider digital resilience service lines.

• Experience in pre-sales, scoping requirements, and client-facing delivery engagements within a cybersecurity context.

• Strong commercial understanding of the corporate and public sector, and appreciation of wider PGI client markets.

• Proven ability to articulate the value of our solutions for clients’ security postures.

• Excellent communication and stakeholder management skills.

• Ability to influence decisionmakers and build long-term client relationships.

• Effective consulting skills to listen, define solutions and advise clients on how best to approach solving problems.

• A positive approach to problem-solving and possesses the ability to work smart and collaboratively to set deadlines.

• Strong sense of personal responsibility and accountability.

Accessibility at PGI

Every individual has different requirements, so we are committed to implementing reasonable adjustments to mitigate physical and non-physical barriers in the workplace.

We strive to make the recruitment process as accessible as possible, but if you have any questions or concerns, please get in touch.

Please note: We are not accepting applications or speculative profiles from any recruitment agencies. If we require additional resource, we will reach out to you.