Head of Physical Security Role | Lead Level

Role Purpose & Context

Role Summary

The Head of Physical Security is responsible for defining and implementing our physical security strategy across a substantial part of our real estate portfolio. This directly impacts our ability to protect people, assets, and our brand reputation. You'll sit at the intersection of strategic planning and operational oversight, translating high-level business risks into tangible security programmes that our site teams can actually run. When this role is done well, our properties are demonstrably safer, incidents are rare and well-managed, and our tenants feel secure. When it's not, we face increased liability, reputational damage, and, frankly, a higher risk of serious harm. The challenge is balancing robust security with operational efficiency and tenant experience—it's never just about 'more cameras'. The reward? Knowing you're directly contributing to the safety and resilience of hundreds of properties and thousands of people.

Reporting Structure

Reports to: Director of Global Security
Direct reports: Roughly 10-25 people, including Security Managers and Senior Security Advisors
Matrix relationships: Director of Security Operations, Senior Security Manager, Regional Security Director (Large Portfolio),

Key Stakeholders

Internal:

SVP of Facilities Management
Regional Operations Directors
Legal and Compliance Teams
HR Leadership
IT Security Lead
Finance Business Partners

External:

Major Clients/Tenants
Security Guarding Vendors
Security Technology Providers
Local Law Enforcement
Regulatory Bodies (e.g., HSE)

Organisational Impact

Scope: This role directly shapes the physical security posture for a significant portion of the organisation. Your decisions influence capital expenditure on security systems, the quality of our guarding services, our incident response capabilities, and ultimately, our legal and reputational risk profile. You're building the capability that keeps our business running safely.

Performance Metrics

Quantitative Metrics

Metric: Security Cost per Square Foot
Desc: The total operating cost of physical security (guards, systems maintenance, etc.) divided by the total square footage of your managed portfolio.
Target: Maintain or reduce by 5% year-on-year, while improving key risk indicators.
Freq: Quarterly budget reviews and annual reports.
Example: If your portfolio is 2M sq. ft. and total security spend is £2M, that's £1.00/sq. ft. You'd aim to get that down to £0.95/sq. ft. without compromising safety.
Metric: Documented Loss Aversion Value
Desc: The quantifiable value of losses prevented due to implemented security programmes (e.g., theft prevented, damage avoided, business interruption mitigated).
Target: Demonstrate >£1M in documented loss prevention annually.
Freq: Annually, through post-incident reviews and programme impact reports.
Example: A new access control system prevents 10 documented incidents of high-value asset theft, each estimated at £100K, showing a £1M loss aversion for the year.
Metric: Business Resiliency (Facility Recovery Time)
Desc: The average time it takes for a facility to return to normal operations after a major security-related incident (e.g., significant damage, prolonged access denial).
Target: Reduce average recovery time by 25% through improved planning and drills.
Freq: Post-incident analysis and annual crisis management exercise reports.
Example: After a major power outage, a facility that previously took 48 hours to regain full security functionality now takes 36 hours, thanks to your improved BCP and emergency response protocols.
Metric: Security Programme Compliance Rate
Desc: The percentage of managed properties adhering to core physical security standards and policies (e.g., regular guard training, system checks, incident reporting completeness).
Target: Achieve 90% compliance across all properties within your remit.
Freq: Quarterly internal audits and annual external assessments.
Example: Out of 100 properties, 92 consistently meet all mandatory security standards, indicating a 92% compliance rate.

Qualitative Metrics

Metric: Executive Confidence & Strategic Influence
Desc: How much senior leadership trusts your judgment and proactively seeks your input on strategic business decisions that have security implications.
Evidence: You're regularly invited to executive planning meetings, your recommendations for security investments are typically approved, and other department heads consult you early on new initiatives. They don't just 'inform' you; they 'ask' you.
Metric: Programme Adoption & Stakeholder Buy-in
Desc: The level of acceptance and active participation from tenants, employees, and regional managers in new security protocols and awareness programmes.
Evidence: Positive feedback from tenant surveys regarding security, high attendance at security awareness briefings, and regional teams actively championing new policies rather than resisting them. Fewer 'why do we have to do this?' complaints.
Metric: Team Capability & Development
Desc: The overall strength, engagement, and progression of your direct and indirect reports, including their ability to operate independently and take on more complex challenges.
Evidence: High retention rates within your team, successful internal promotions, positive feedback in 360-degree reviews, and your team members consistently delivering high-quality work without constant oversight. You're building future leaders.
Metric: Vendor Performance & Relationship Management
Desc: The effectiveness of your relationships with key security vendors (e.g., guarding, technology) in driving performance, innovation, and value.
Evidence: Vendors consistently meet or exceed SLAs, they proactively bring you new solutions, and you're able to negotiate favourable terms. Fewer disputes, more collaborative problem-solving, and no more 'blame game' between different suppliers.

Primary Traits

Trait: Decisive Under Pressure
Manifestation: When a major incident hits—a fire alarm in a high-rise, a credible threat to a tenant, or a system failure—you're the one making the call. You won't freeze. You'll assess the incomplete information, weigh the risks, and issue clear, actionable directives to your team and other stakeholders. You're comfortable saying 'yes' or 'no' on the spot when a security exception is requested, even if it's unpopular.
Benefit: In security, hesitation can cost lives or millions in damages. A 30-second delay in authorising a lockdown or evacuation can be catastrophic. People look to you for leadership when chaos erupts; you can't afford to waffle.
Trait: Strategic Influencer
Manifestation: You can walk into a room with the SVP of Facilities or the Regional MD and articulate why a £500K investment in a new VMS system isn't just a 'security expense', but a critical risk mitigation strategy that protects revenue and reputation. You'll get buy-in from reluctant regional managers on new, sometimes inconvenient, security protocols because you've explained the 'why' in terms they understand. You don't just present facts; you tell a compelling story.
Benefit: Security is often seen as a cost centre until something goes wrong. If you can't effectively influence senior leadership and operational teams to invest in and adhere to security programmes, you'll be constantly fighting an uphill battle, and our properties will remain vulnerable. Your ability to get people on board is as important as your technical knowledge.
Trait: Unwavering Accountability
Manifestation: When a security programme fails, or an incident occurs despite our best efforts, you're the first to take ownership. You don't point fingers at the guard company or a junior team member. You lead the post-incident review with a focus on 'what can we learn and fix?' rather than 'who can we blame?'. You're transparent with senior leadership about vulnerabilities and risks, even when it's uncomfortable, and you follow through on commitments.
Benefit: Trust is paramount in security. If leadership and staff believe you genuinely own the outcomes—both good and bad—they'll be far more likely to grant you the autonomy, budget, and cooperation you need. Blaming others erodes that trust and makes it impossible to build a resilient security culture.

Supporting Traits

Trait: Calm Under Pressure
Desc: The ability to think clearly, communicate effectively, and maintain a steady demeanour even when alarms are blaring, multiple incidents are unfolding, and everyone else is panicking. You're the eye of the storm.
Trait: Pragmatic Problem-Solver
Desc: You understand that 'perfect security' doesn't exist and that every solution needs to balance risk reduction with operational realities and budget constraints. You avoid 'security theatre' and focus on effective, workable solutions, not just the most technically advanced ones.
Trait: Hyper-Observant
Desc: You have a natural knack for noticing details others miss—the subtle change in a property's routine, the unfamiliar vehicle, the slightly damaged lock, or even a shift in tenant behaviour. This helps you spot potential issues before they become full-blown incidents.
Trait: Discreet & Ethical
Desc: You handle highly sensitive information—investigation details, personal threats, system vulnerabilities, and confidential business plans—with absolute confidentiality and unwavering ethical conduct. You understand the implications of data privacy and responsible information sharing.

Primary Motivators

Motivator: Making a Tangible Impact on Safety
Daily: You'll be designing programmes that directly protect thousands of people and millions in assets. Seeing your strategies prevent an incident or successfully manage a crisis is incredibly rewarding. You're not just moving numbers; you're safeguarding lives and livelihoods.
Motivator: Building and Developing High-Performing Teams
Daily: You'll be mentoring managers, shaping career paths, and building the next generation of security leaders. Seeing your team members grow, take on more responsibility, and excel under your guidance is a huge motivator. You're a coach, not just a boss.
Motivator: Solving Complex Organisational Challenges
Daily: This isn't about simple fixes. You'll be tackling multi-faceted problems involving technology, people, processes, and budgets across a diverse portfolio. Figuring out how to standardise security across vastly different properties or integrate disparate systems is the kind of puzzle you thrive on.

Potential Demotivators

Honestly, this role isn't for everyone. You'll spend a fair bit of time battling the 'cost centre' mentality, where security is seen as an overhead until something goes wrong. You'll often feel like you're fighting a daily war against tenant complacency—people propping open secure doors, sharing access cards, or just ignoring protocols because it's 'easier'. You'll also likely deal with the frustrations of managing multiple third-party vendors, where performance can be inconsistent, and you're left to pick up the pieces. Expect to be woken up at 3 AM for false alarms, and sometimes, despite your best efforts, you'll build a robust plan that gets deprioritised because 'the business moved on' or 'we don't have the budget this quarter'. If you need every single one of your strategic recommendations to be implemented immediately, you'll struggle here. If you can accept that 60% impact on 40% of projects beats 100% impact on 10%—and genuinely believe that, not just say it in interviews—you'll thrive.

Common Frustrations

Constantly justifying security budgets and ROI to leadership who see it as a pure overhead.
Dealing with tenant and employee pushback on new security protocols that are seen as inconvenient.
Managing underperforming third-party guarding vendors with high turnover and inconsistent quality.
The sheer volume of false alarms that desensitise teams to genuine threats.
Navigating the legal tightrope between robust security measures and privacy concerns or liability issues.
Integration nightmares between legacy security systems and new technologies, with vendors blaming each other.
Trying to get leadership to fund proactive crisis management plans when their default is optimistic denial.

What Role Doesn't Offer

A quiet, predictable 9-to-5 job with no surprises.
A role where every single recommendation you make gets implemented without question.
A position where you're solely focused on hands-on technical work without any people management or strategic oversight.
A workplace where security is always the top priority above all other business concerns.

ADHD Positives

The fast-paced, incident-driven nature of security leadership can be engaging and stimulating, offering varied challenges rather than monotonous tasks.
The need for quick, decisive action during crises can play to strengths in rapid problem-solving and hyperfocus under pressure.
Leading multiple concurrent strategic initiatives and managing diverse teams offers constant novelty and intellectual stimulation.

ADHD Challenges and Accommodations

The extensive documentation and policy writing required for enterprise-level security can be challenging; using AI writing tools and delegating drafting to support staff can help.
Maintaining focus during long strategic planning meetings might be difficult; encouraging active participation, short breaks, and visual aids can assist.
Managing a large portfolio of properties and programmes requires strong organisational systems; structured project management tools and executive assistants are key accommodations.

Dyslexia Positives

Strong spatial reasoning skills are invaluable for designing effective CPTED strategies and understanding complex security system layouts.
Often possess excellent verbal communication and storytelling abilities, which are crucial for influencing senior leadership and gaining buy-in for security initiatives.
Holistic thinking can help in identifying non-obvious connections between disparate security data points and developing innovative solutions.

Dyslexia Challenges and Accommodations

The heavy reliance on written policies, detailed incident reports, and strategic documents can be demanding; using dictation software, proofreading tools, and having administrative support for final drafts are helpful.
Reading and interpreting dense regulatory compliance documents might require extra time; providing summaries or using text-to-speech software can assist.
Presentations often involve complex data; focusing on clear visual aids and verbal explanations, rather than dense text, is encouraged.

Autism Positives

A strong adherence to rules, protocols, and standards is highly valued in security, ensuring consistent application of policies across the portfolio.
Exceptional attention to detail can be critical for identifying subtle vulnerabilities in physical security systems or detecting patterns in incident data.
The ability to focus deeply on complex problem-solving, such as designing an enterprise-wide access control matrix or troubleshooting system integrations, can be a significant asset.

Autism Challenges and Accommodations

The role involves extensive stakeholder engagement, negotiation, and influencing; clear communication guidelines, pre-meeting agendas, and debriefs can be beneficial.
Unexpected crises and rapid shifts in priorities can be disruptive; establishing clear escalation paths and communication protocols for emergencies helps manage this.
Navigating complex organisational politics and unspoken social cues can be challenging; direct feedback, clear expectations, and a supportive leadership team are crucial.

Sensory Considerations

The work environment is primarily office-based for strategic planning, but you'll also be visiting various property types (commercial, retail, industrial) which can have varying noise levels, lighting, and social interactions. During incidents, environments can become high-stress with alarms, flashing lights, and urgent communications. The GSOC environment, where you'll spend some time, is typically a controlled, moderately lit space with multiple screens and some background chatter. We aim for flexibility where possible, but the nature of security means you need to be able to operate effectively in diverse and sometimes challenging sensory conditions.

Flexibility Notes

We offer hybrid working for strategic planning and administrative tasks, but site visits, incident response, and key stakeholder meetings will require in-person attendance. We're open to discussing specific accommodations to ensure you can thrive in this demanding but rewarding role.

Key Responsibilities

Experience Levels Responsibilities

Level: Head of Physical Security (L5)
Responsibilities: Define the overarching physical security strategy and standards for a country or major business unit, ensuring alignment with global risk appetite and business objectives.
Own the annual physical security budget (typically £500K-£2M) for your portfolio, making strategic allocation decisions for technology, personnel, and training.
Lead the selection, negotiation, and performance management of key security vendors (e.g., guarding services, security system integrators), ensuring SLAs are met and value is delivered.
Build, mentor, and develop a high-performing team of Security Managers and Senior Security Advisors, fostering a culture of accountability, continuous improvement, and professional growth.
Design and implement enterprise-wide security programmes, such as TVRA methodologies, CPTED guidelines, and crisis management plans, ensuring consistent application across diverse properties.
Act as the primary point of contact for executive leadership on all significant physical security matters, providing regular briefings on risk posture, incident trends, and strategic initiatives.
Oversee complex security investigations and post-incident reviews, ensuring lessons learned are captured and integrated into future policies and training programmes.
Supervision: You'll be largely self-directed, focusing on quarterly objectives and strategic outcomes. Your interaction with the Director of Global Security will be for strategic alignment, high-level reporting, and major incident escalation. You're expected to operate with significant autonomy.
Decision: You have full authority over the physical security strategy and operational execution within your defined portfolio. This includes budget allocation up to £2M, hiring and firing decisions for your direct reports, and vendor selection up to £100K without further approval. Decisions impacting overall organisational P&L or requiring board-level sign-off will need alignment with the Director of Global Security and relevant executives.
Success: You'll know you're succeeding when your security programmes are effectively reducing risk, your team is thriving and developing, and executive leadership consistently trusts your judgment and seeks your input on strategic decisions. Your portfolio's security metrics (e.g., cost per sq. ft., loss aversion) will be consistently meeting or exceeding targets.

Decision-Making Authority

Type: Strategic Security Programme Design
Entry: Follows pre-defined programme steps, escalates deviations.
Mid: Proposes adaptations to existing programmes for specific properties, consults manager.
Senior: Designs and implements new security programmes for specific workstreams, consults Director.
Type: Budget Allocation (Operational & Capital)
Entry: Manages small petty cash, escalates all expenditure.
Mid: Manages project budgets up to £10K, informs manager.
Senior: Recommends budget allocation for projects up to £50K, consults Director for approval.
Type: Vendor Selection & Management
Entry: Follows preferred vendor list, escalates issues.
Mid: Evaluates proposals from preferred vendors, recommends choice to manager.
Senior: Leads RFP process for specific projects (e.g., new camera system), recommends vendor to Director.
Type: Team Hiring & Development
Entry: No hiring authority, assists with onboarding.
Mid: Participates in interviews for junior roles, provides informal guidance.
Senior: Leads hiring for junior roles, mentors 1-2 team members.

Supercharge Your Security Leadership: Save 15-25 Hours Weekly with AI

As the Head of Physical Security, your time is gold. You're juggling strategic planning, budget oversight, vendor management, and team development. What if you could reclaim hours each week from the routine, the analytical, and the administrative? Our AI Productivity Hub shows you how.

ID:

Tool: Automated Threat Detection Oversight

Benefit: Use AI-powered video analytics to automatically flag critical events like perimeter breaches, suspicious loitering, or tailgating across your portfolio. You'll oversee the system, ensuring GSOC operators are focusing on verified alerts, not staring at endless screens. This means faster, more accurate incident response and better resource allocation for your teams.

ID:

Tool: Predictive Incident Analysis for Strategic Planning

Benefit: Leverage AI to crunch years of incident data, access logs, and external factors (like local crime stats). The AI will identify non-obvious patterns and predict 'hot spots' for future security issues across your properties. This gives you the foresight to proactively deploy resources, adjust guard patrols, or recommend targeted security upgrades where they'll have the biggest impact, saving significant time on manual trend analysis.

ID:

Tool: Accelerated Policy & Programme Drafting

Benefit: Use generative AI to create a first draft of detailed site-specific post orders, enterprise-wide security awareness bulletins for tenants, or new standard operating procedures. Just give it a few key prompts and company templates, and it'll produce a solid starting point. This cuts down drafting time for routine documentation by 50%, letting you focus on the strategic content and implementation, rather than the initial wordsmithing.

ID:

Tool: Real-Time Threat Intelligence Synthesis for Executives

Benefit: Employ an AI tool to continuously monitor global news, social media, and specialised intelligence feeds for physical threats relevant to your property locations—think planned protests, civil unrest, or specific regional threats. The AI provides concise, actionable summaries, saving you 3-5 hours per week of manual news scanning and ensuring you're always prepared for executive briefings on emerging risks.

15-25 hours weekly Weekly time savings potential

Access to 4+ core AI tools Typical tool investment

Explore AI Productivity for Head of Physical Security →

12-15 specific tools & techniques with implementation guides

Competency Requirements

Foundation Skills (Transferable)

Beyond the technical know-how, a Head of Physical Security needs a solid set of foundational skills to navigate complex organisational dynamics, lead teams, and communicate effectively. These aren't just 'nice-to-haves'; they're essential for strategic impact.

Category: Strategic Communication & Influence
Skills: Executive-level presentation skills: Can articulate complex security risks and solutions clearly and concisely to C-suite and board members.
Negotiation and persuasion: Able to secure buy-in for security investments and policies from diverse stakeholders, including reluctant regional leaders and tenants.
Crisis communication: Can draft and deliver clear, calm, and accurate messages during high-stress incidents to internal and external audiences.
Active listening: Genuinely understands stakeholder concerns and integrates feedback into security strategies.
Category: Organisational Problem-Solving & Decision Making
Skills: Strategic thinking: Able to foresee long-term security challenges and develop proactive, scalable solutions across a large portfolio.
Complex problem diagnosis: Can break down multi-faceted security issues (e.g., system integration failures, persistent policy non-compliance) into root causes and actionable steps.
Risk-based decision making: Consistently makes sound judgments under pressure, balancing security needs with business continuity and legal considerations.
Resource optimisation: Can allocate finite budgets and personnel effectively to achieve maximum security impact across diverse properties.
Category: Leadership & Team Development
Skills: Mentorship and coaching: Actively develops direct reports and fosters their career progression, identifying potential and providing growth opportunities.
Performance management: Sets clear expectations, provides constructive feedback, and manages underperformance effectively within the team.
Change management: Leads the implementation of new security technologies and policies across the organisation, managing resistance and ensuring adoption.
Conflict resolution: Mediates disputes within the team or between security and other departments, finding constructive solutions.
Category: Adaptability & Resilience
Skills: Navigating ambiguity: Comfortable operating with incomplete information and making decisions in rapidly evolving security landscapes.
Stress management: Maintains effectiveness and composure during high-pressure incidents and sustained periods of demand.
Continuous learning: Stays current with emerging security threats, technologies, and best practices, integrating new knowledge into strategies.
Organisational agility: Can pivot strategies and priorities in response to new business requirements, regulatory changes, or unforeseen security challenges.

Functional Skills (Role-Specific Technical)

This role demands deep expertise in physical security methodologies, a strong grasp of modern security technologies, and a nuanced understanding of the real estate and facilities management industry. You're not just supervising; you're designing and directing.

Technical Competencies

Skill: Threat, Vulnerability, and Risk Assessment (TVRA)
Desc: You'll be defining and overseeing the enterprise-wide TVRA methodology. This means identifying potential threats (e.g., active assailants, organised theft, cyber-physical attacks), assessing vulnerabilities across our diverse property portfolio, and quantifying the likelihood and impact of various risks. You'll then use this data to prioritise mitigation strategies and justify investments.
Level: Expert
Skill: CPTED (Crime Prevention Through Environmental Design)
Desc: You'll be a strategic advisor on CPTED principles for new property developments and major renovations. This involves using architectural design, landscaping, lighting, and signage to reduce criminal opportunity and enhance natural surveillance, ensuring our properties are inherently safer from the ground up.
Level: Advanced
Skill: Guard Force Management & Optimisation
Desc: This means owning the entire lifecycle: from drafting enterprise-level 'post orders' and negotiating complex SLAs with third-party guarding vendors, to using data (patrol logs, incident rates) to strategically optimise guard deployment and ensure we're getting maximum value and effectiveness from our security personnel. You'll also be a pro at identifying and addressing 'ghost posts'.
Level: Expert
Skill: Business Continuity & Crisis Management
Desc: You'll design, implement, and regularly drill our physical security response plans for major disruptions—think fires, floods, power outages, or civil unrest. This ensures our security operations can continue, and assets and people are protected, even when everything else is going wrong. You'll be coordinating with wider business continuity teams.
Level: Advanced
Skill: Executive Protection (EP) Principles
Desc: While you might not be providing hands-on EP, you'll be overseeing the coordination of executive protection for senior leadership, including travel risk assessments, secure transportation logistics, and event security planning. You'll understand the principles well enough to direct specialist teams.
Level: Intermediate
Skill: Physical Penetration Testing Oversight
Desc: You'll be commissioning and overseeing physical penetration tests across the portfolio, interpreting the results, and using them to drive improvements in both physical controls and security awareness. This includes understanding social engineering tactics and testing alarm response times.
Level: Advanced

Digital Tools

Tool: Access Control Systems (ACS) - Genetec Synergis, LenelS2 OnGuard, C•CURE 9000
Level: Strategic
Usage: Leading platform selection (RFP process), designing the enterprise-wide access control matrix, approving integration with HRIS for automated provisioning, and setting global access policies.
Tool: Video Management Systems (VMS) - Milestone XProtect, Genetec Omnicast, Avigilon Control Center
Level: Strategic
Usage: Determining enterprise camera placement standards, managing video storage budgets (cloud vs. on-prem), evaluating and approving the use of advanced video analytics for proactive threat detection.
Tool: Incident Management & Reporting - Resolver, Everbridge (Visual Command Center), ServiceNow GRC
Level: Strategic
Usage: Configuring the entire incident management platform, designing incident taxonomies for consistent reporting, and presenting quarterly trend analysis to the executive risk committee to inform strategic decisions.
Tool: Mass Notification Systems - Everbridge, OnSolve, AlertMedia
Level: Strategic
Usage: Owning the vendor relationship, defining the crisis communication strategy for physical security events, and ensuring seamless integration with other life-safety platforms and business continuity plans.
Tool: Visitor Management Systems - Envoy, iLobby, Traction Guest
Level: Strategic
Usage: Selecting the optimal VMS platform based on security requirements (e.g., background checks, watchlist integration) and user experience, and setting enterprise-wide visitor policies.
Tool: Business Intelligence / Data Viz - Power BI, Tableau
Level: Strategic
Usage: Defining the Key Performance Indicators (KPIs) for the entire physical security function and overseeing the creation of executive-level security dashboards for the C-suite and board, providing actionable insights.

Industry Knowledge

Area: Real Estate & Facilities Management Operations
Desc: A deep understanding of how commercial properties operate, including tenant relations, property management cycles, maintenance schedules, and the unique security challenges of diverse building types (e.g., office, retail, industrial, residential).
Area: Legal & Regulatory Compliance (UK Specific)
Desc: Comprehensive knowledge of UK security-related legislation, including GDPR, CCTV codes of practice, Health & Safety at Work Act, fire safety regulations, and relevant liability laws. You'll ensure our security programmes are fully compliant.
Area: Security Industry Best Practices & Standards
Desc: Up-to-date knowledge of international and national security standards (e.g., ISO 27001, BS 7499, ASIS guidelines) and how to apply them pragmatically within a large property portfolio.

Regulatory Compliance Regulations

Reg: General Data Protection Regulation (GDPR)
Usage: Ensuring all security systems (CCTV, access control, VMS) and processes (incident reporting, investigations) comply with GDPR, particularly regarding data collection, storage, retention, and individual rights. You'll work closely with Legal and Privacy teams.
Reg: Health and Safety at Work etc. Act 1974
Usage: Integrating security measures with health and safety protocols, ensuring that security procedures don't create new hazards and that emergency response plans are coordinated with H&S requirements. This includes risk assessments for security personnel.
Reg: Private Security Industry Act 2001 (SIA)
Usage: Ensuring all contracted security personnel hold valid SIA licences, that guarding vendors comply with all regulatory requirements, and that our internal security practices align with industry standards for private security operations.
Reg: Equality Act 2010 & Disability Discrimination Act (DDA)
Usage: Designing and implementing security measures that are inclusive and accessible for all individuals, including those with disabilities, ensuring compliance with accessibility standards for physical access, emergency procedures, and communication.

Essential Prerequisites

Proven experience (minimum 5 years) in a senior leadership role within physical security, managing a multi-site portfolio or a large security operation.
Demonstrable experience in managing significant security budgets (e.g., £500K+ annually) and achieving cost efficiencies without compromising risk posture.
A track record of successfully negotiating and managing complex contracts with major security guarding and technology vendors.
Experience in building, mentoring, and leading a team of security professionals, including managers.
Deep expertise in developing and implementing enterprise-level security policies, standards, and crisis management plans.
Strong understanding of UK legal and regulatory frameworks relevant to physical security and data protection.
Excellent strategic communication skills, with a proven ability to influence executive-level stakeholders.

Career Pathway Context

Typically, individuals stepping into this role would have progressed from a Regional Security Manager (L4) position or a similar senior role in a large, complex organisation. We're looking for someone who has already demonstrated the ability to manage people, budgets, and programmes at scale, and is ready to define strategy rather than just execute it. Equivalent experience from military, law enforcement, or other high-risk environments with a strong facilities management component will also be considered.

Qualifications & Credentials

Emerging Foundation Skills

Skill: Cyber-Physical Convergence & IT/OT Security Integration
Why: Critical within 12 months. Our physical security systems (access control, CCTV, building management systems) are increasingly networked and vulnerable to cyber attacks. A breach in IT can directly impact physical safety. Competitors are already building integrated security operations centres (ISOCs) that merge cyber and physical intelligence.
Concepts: [{'concept_name': 'Operational Technology (OT) Security', 'description': 'Understanding the unique vulnerabilities and protection strategies for industrial control systems and building automation systems (BAS) that underpin physical infrastructure.'}, {'concept_name': 'Integrated Security Operations Centres (ISOCs)', 'description': 'Designing and implementing command centres that combine cyber and physical security monitoring, intelligence, and response capabilities for a holistic view of risk.'}, {'concept_name': 'Zero Trust Architecture (Physical)', 'description': 'Applying Zero Trust principles to physical access, assuming no user or device is inherently trustworthy, even within the perimeter.'}, {'concept_name': 'Supply Chain Security (Physical)', 'description': 'Assessing and mitigating the cyber and physical risks introduced by third-party vendors who provide and maintain security hardware and software.'}, {'concept_name': 'Data Loss Prevention (DLP) for Physical Assets', 'description': 'Implementing strategies to prevent the unauthorised removal of sensitive physical assets or data from secure premises.'}]
Prepare: This quarter: Partner closely with the IT Security Lead on a joint risk assessment for a critical building's security systems.
Next 6 months: Complete a recognised certification in OT Security or Industrial Control System (ICS) security.
Month 7-9: Develop a proof-of-concept for integrating physical security alerts into the existing IT Security Operations Centre (SOC) dashboard.
Month 10-12: Lead a tabletop exercise that simulates a cyber attack impacting physical security systems, involving both IT and physical security teams.
QuickWin: Start regular 'coffee catch-ups' with your IT Security counterpart to understand their challenges and identify immediate areas for collaboration on system vulnerabilities.
Skill: ESG (Environmental, Social, Governance) Integration in Security
Why: Important within 18 months. Investors, tenants, and employees are increasingly demanding that organisations demonstrate strong ESG credentials. Security practices, particularly around human rights, ethical sourcing of technology, and sustainable operations, will come under scrutiny. This isn't just 'greenwashing'; it's about responsible business.
Concepts: [{'concept_name': 'Ethical Sourcing of Security Technology', 'description': 'Evaluating security vendors for their human rights records, labour practices, and supply chain transparency, especially concerning surveillance technology.'}, {'concept_name': 'Sustainable Security Operations', 'description': 'Reducing the environmental footprint of security operations, e.g., energy-efficient systems, optimising guard patrols to reduce vehicle emissions, responsible disposal of old equipment.'}, {'concept_name': 'Human Rights in Security', 'description': 'Ensuring security policies and practices respect human rights, particularly concerning privacy, freedom of movement, and non-discrimination.'}, {'concept_name': 'Social Impact of Security', 'description': 'Assessing how security measures impact local communities and fostering positive relationships, rather than creating barriers.'}, {'concept_name': 'Transparency & Reporting (ESG)', 'description': "Developing metrics and reporting frameworks for security's contribution to the organisation's overall ESG performance."}]
Prepare: This quarter: Review your top 3 security vendors' ESG policies and identify any red flags.
Next 6 months: Research and propose 2-3 'green' security technologies or practices for consideration in next year's budget.
Month 7-9: Work with HR and Legal to review security policies for alignment with human rights principles, especially around surveillance and use-of-force.
Month 10-12: Draft a section for the company's annual ESG report outlining physical security's contributions and future goals.
QuickWin: Start asking security vendors about their sustainability practices during procurement discussions. It sends a clear signal about our priorities.

Advancing Technical Skills

Skill: Advanced AI & Machine Learning for Security
Why: Critical within 6 months. AI is rapidly transforming threat detection, predictive analytics, and operational efficiency in security. You need to understand the capabilities, limitations, and ethical implications to effectively direct its deployment and interpret its outputs. This isn't just about using AI; it's about governing it.
Concepts: [{'concept_name': 'Deep Learning & Computer Vision for Video Analytics', 'description': 'Understanding how advanced AI models identify objects, behaviours, and anomalies in video streams, moving beyond simple motion detection.'}, {'concept_name': 'Natural Language Processing (NLP) for Incident Reporting', 'description': 'Using AI to analyse unstructured text in incident reports, identify trends, and flag critical information automatically.'}, {'concept_name': 'Ethical AI & Bias in Security Systems', 'description': 'Recognising and mitigating potential biases in AI models (e.g., facial recognition, behavioural analytics) to ensure fair and equitable security practices.'}, {'concept_name': 'AI Model Explainability (XAI)', 'description': "Understanding how to interpret the decisions made by AI systems, rather than treating them as a 'black box', which is crucial for accountability and trust."}, {'concept_name': 'Data Governance for AI Training', 'description': 'Ensuring the data used to train AI security models is accurate, representative, and compliant with privacy regulations.'}]
Prepare: This week: Read 2-3 whitepapers on the ethical use of AI in security and surveillance.
This month: Attend a webinar or online course on the fundamentals of computer vision or NLP in a security context.
Month 2: Engage with a security technology vendor to understand their AI roadmap and the underlying technology.
Month 3: Develop a set of ethical guidelines for the deployment of AI-powered security systems within our organisation.
QuickWin: Start experimenting with public AI tools (like ChatGPT or Claude) to summarise security research papers or draft initial policy outlines, understanding their capabilities and limitations.

Future Skills Closing Note

The Head of Physical Security isn't just a guardian; you're an architect of future safety. Embracing these emerging skills will ensure you remain at the forefront of the industry, capable of navigating complex risks and building resilient, forward-thinking security programmes for our entire portfolio.

Education Requirements

Level: Minimum
Req: Bachelor's degree in Security Management, Business Administration, Criminal Justice, or a related field.
Alts: Extensive (15+ years) relevant experience in a senior security leadership role within a large, multi-site organisation, particularly from military or law enforcement backgrounds, may be considered in lieu of a degree.
Level: Preferred
Req: Master's degree in Security Management, Business Administration (MBA), or a related field.
Alts: Advanced professional certifications (e.g., CPP, PSP) combined with significant leadership experience.

Experience Requirements

You'll need roughly 12-16 years of progressive experience in physical security, with at least 5-7 years in a significant leadership role managing teams, budgets, and programmes across a large, multi-site property portfolio. We're looking for someone who has genuinely owned the strategic direction and operational outcomes for a substantial security function, not just managed projects. Experience in the real estate, facilities management, or a similar asset-intensive industry is pretty crucial.

Preferred Certifications

Cert: Certified Protection Professional (CPP)
Prod: ASIS International
Usage: This is the gold standard for security management professionals, demonstrating comprehensive knowledge across all areas of security management, including risk assessment, physical security, investigations, and business principles.
Cert: Physical Security Professional (PSP)
Prod: ASIS International
Usage: Focuses specifically on physical security principles, including threat assessment, security system design, and implementation, which is highly relevant to this role's core responsibilities.
Cert: Certified Information Security Manager (CISM)
Prod: ISACA
Usage: While primarily IT security, this certification demonstrates understanding of information risk management and governance, which is increasingly vital as physical security systems become networked and vulnerable to cyber threats.
Cert: Certificate in Crisis Management (e.g., BCI)
Prod: Various (e.g., Business Continuity Institute)
Usage: Demonstrates expertise in developing and implementing effective crisis management and business continuity plans, a key component of this role.

Recommended Activities

Regularly attend industry conferences and seminars (e.g., IFSEC, ASIS Annual Seminar) to stay abreast of emerging threats and technologies.
Participate in professional security associations and networking groups to share best practices and build a strong professional network.
Engage in continuous learning through online courses or workshops on topics like AI in security, cyber-physical security, or advanced leadership skills.
Seek out mentorship opportunities from senior leaders within the organisation or the wider security industry.
Contribute to industry publications or speak at events, establishing yourself as a thought leader.

Career Progression Pathways

Entry Paths to This Role

Path: Regional Security Manager (L4) within Zavmo
Time: 3-5 years as an L4
Path: Senior Security Leader from another large Facilities Management firm
Time: Direct entry with 12-16 years total experience
Path: Head of Security from a single, very large or complex site (e.g., major airport, critical national infrastructure)
Time: Direct entry with 12-16 years total experience

Career Progression From This Role

Pathway: Director of Global Security (L6)
Time: 3-5 years in the Head of Physical Security role
Pathway: Head of Enterprise Risk (or similar cross-functional role)
Time: 4-6 years in the Head of Physical Security role

Long Term Vision Potential Roles

Title: Chief Security Officer (CSO)
Time: 5-10+ years (from current role)
Title: Chief Operating Officer (COO) with Security Specialism
Time: 8-12+ years (from current role)
Title: Head of Global Real Estate & Facilities
Time: 7-10+ years (from current role)

Sector Mobility

The skills developed as Head of Physical Security are highly transferable. You could move into similar senior security leadership roles in other asset-intensive industries like critical national infrastructure, logistics, manufacturing, or even large corporate campuses. The strategic risk management and leadership capabilities are universally valued.

How Zavmo Delivers This Role's Development

DISCOVER Phase: Skills Gap Analysis

Zavmo maps your current competencies against all requirements in this job description through conversational assessment. We evaluate your foundation skills (communication, strategic thinking), functional skills (CRM expertise, negotiation), and readiness for career progression.

Output: Personalised skills gap heat map showing strengths and priorities, estimated time to competency, neurodiversity accommodations.

DISCUSS Phase: Personalised Learning Pathway

Based on your DISCOVER results, Zavmo creates a personalised learning plan prioritised by impact: foundation skills first, then functional skills. We adapt to your learning style, pace, and neurodiversity needs (ADHD, dyslexia, autism).

Output: Week-by-week schedule, each module linked to specific job responsibilities, checkpoints and milestones.

DELIVER Phase: Conversational Learning

Learn through conversation, not boring modules. Zavmo uses 10 conversation types (Socratic dialogue, role-play, coaching, case studies) to build competence. Practice difficult QBR presentations, negotiate tough renewals, and handle churn conversations in a safe AI environment before facing real clients.

Example: "For 'Stakeholder Mapping', Zavmo will guide you through analysing a complex enterprise account, identifying key decision-makers, and building an engagement strategy."

DEMONSTRATE Phase: Competency Assessment

Zavmo automatically builds your evidence portfolio as you learn. Every conversation, practice scenario, and application example is captured and mapped to NOS performance criteria. When ready, your portfolio supports OFQUAL qualification claims and demonstrates competence to employers.

Output: Competency matrix, evidence portfolio (downloadable), qualification readiness, career progression score.

Discover Your Skills Gap Explore Learning Paths