Director of Information Security

Starling BankLondon, England, United Kingdom

Hybrid Full-time

Clicking Apply Now takes you to AutoApply where you can tailor your resume and apply.

Experience Level

Senior Level Manager

Qualifications

The successful candidate should possess:A strong background in information security or cyber security. Proven leadership and team management experience. Excellent communication skills to liaise with various stakeholders. A proactive and self-driven approach to problem-solving.

About the job

Role overview

The Director of Information Security leads the Office of the CISO and reports directly to the Chief Information Security Officer. This position manages a team of Information Security analysts and plays a key role in shaping and strengthening Starling Bank's security capabilities and governance.

This role is designed for a seasoned information security leader who has experience building teams and driving continuous improvement. It offers a path for those considering future advancement to a CISO role.

Main responsibilities

Oversee the Information Security Policy Framework, ensuring alignment with the needs of Starling Group and its stakeholders, and maintaining compliance with legislation and industry standards.
Develop and maintain standards for implementing security controls and procedures.
Collaborate with external organizations and regulatory bodies to enhance Starling’s security posture.

Location

This position is based in London, England, United Kingdom.

About Starling Bank

Starling Bank is an innovative digital bank in the UK, committed to fixing banking through technology. Our mission is to empower customers to manage their finances more effectively while maintaining a culture of collaboration and innovation.

Similar jobs

Browse all companies, explore by city & role, or SEO search pages. View directory listings: all jobs, search results, location & role pages.

1 - 20 of 5,808 Jobs

Search for Senior Information Security Analyst Isms Management

5,808 results

Select all on this page (20)

Apply

Senior Information Security Analyst - ISMS Management

bmlltech

Full-time|On-site|London, England, United Kingdom

Join our dynamic team at bmlltech as a Senior Information Security Analyst specializing in ISMS Management. You will play a crucial role in safeguarding the integrity and confidentiality of our information assets. Your expertise will help us to establish, implement, and maintain an effective Information Security Management System (ISMS) that aligns with inte…

Apr 2, 2026

Apply

Senior Information Security Risk Analyst

Trainline

Full-time|On-site|London

Trainline connects millions of travelers with rail and coach tickets, offering a range of options through its app, website, and B2B channels. With a focus on making travel simpler and more sustainable, Trainline partners with over 270 transport companies in 40 countries. The company processes more than 135 million visits monthly and handles £6.3 billion in ticket sales each year. Headquartered in London and present in major European cities, Trainline's team includes more than 1,000 people from 50+ nationalities. The Security team works to strengthen risk management as technology and AI risks change. Collaboration with teams across the business helps keep systems and data secure. Role overview The Senior Information Security Risk Analyst, based in London and reporting to the GRC Manager, will play a key role in advancing Trainline’s security risk management program. This position focuses on addressing both established and emerging risks, particularly those related to AI and cloud technologies. What you will do Manage information security risks, including traditional cyber threats and AI-specific risks such as data quality and model bias. Align risk management activities with Trainline’s business risk appetite. Work with Engineering, Data Science, Legal, and Internal Audit teams to maintain a broad perspective on information, cyber, and AI risks. Promote strong risk governance in a cloud-first, AI-driven environment. Conduct risk assessments for both existing and new AI use cases. Collaboration This role requires frequent interaction with both technical and business teams. The aim is to make sure risk management practices are practical and integrated into daily operations.

Apr 23, 2026

Apply

Information Security Compliance Analyst

Evelyn Partners

Full-time|On-site|London

Role Overview Evelyn Partners is looking for an Information Security Compliance Analyst in London. This position helps ensure the company’s security policies and procedures meet government regulations and industry standards. The analyst works closely with teams across the business to strengthen security practices. What You Will Do Monitor and assess compliance with security policies and procedures Support risk assessments and internal audits Participate in compliance reviews to identify gaps and recommend improvements Work with other departments to build awareness and improve security controls

Apr 16, 2026

Apply

Senior Information Security Engineer

AJ Bell

Full-time|Hybrid|Manchester or London - Hybrid

AJ Bell seeks a Senior Information Security Engineer to strengthen the protection of company information systems and support compliance initiatives. The position is offered as a hybrid role, with the option to work from either the Manchester or London office and some flexibility for remote work. Key responsibilities Identify and assess security vulnerabilities within company systems Implement and maintain security controls to protect data and infrastructure Collaborate with teams across the business to promote effective security practices Assist in maintaining compliance with relevant regulations and internal policies Location This role is based in Manchester or London with a hybrid work arrangement, allowing for both office presence and remote work.

Apr 23, 2026

Apply

Senior Security Analyst (f/m/d)

Contentful

Full-time|Hybrid|London, England, United Kingdom

About the Opportunity At Contentful, we are dedicated to establishing a secure and reliable service, investing substantial resources in our security initiatives. Our Security team plays a pivotal role in corporate-wide information security management programs and collaborates closely with various internal teams. We believe that security should be deeply rooted in DevOps principles, supported by robust and repeatable processes. We are in search of a passionate and results-oriented Senior Security Analyst who possesses a strong background in analyzing and managing information security incidents, along with a proven track record of contributing to the development and design of security programs. In this role, you will be responsible for daily alert investigations and incident response, while also being empowered to proactively influence changes that will enhance our Security program. The ideal candidate will have experience in triaging new and unfamiliar alerts, leading technical workstreams during incidents, and managing medium-scale incidents. You should be adept at creating and maintaining high-quality threat detection mechanisms and demonstrate a solid understanding of common Information Security principles and frameworks, paired with excellent communication skills and a continuous eagerness to learn and grow. As a Senior Security Analyst, you will work independently and as part of a globally distributed team, collaborating with stakeholders across the organization to ensure comprehensive risk mitigation while minimizing impacts on end users.

Jan 27, 2026

Apply

Information Security Governance, Risk and Compliance Analyst

Trustpilot

Full-time|On-site|London

Join Trustpilot as an Information Security Governance, Risk, and Compliance Analyst, where you'll play a pivotal role in enhancing our security posture. In this dynamic position, you will be responsible for identifying, assessing, and managing security risks while ensuring compliance with relevant regulations and best practices. You'll collaborate with cross-functional teams to promote a culture of security awareness and implement effective governance frameworks.

Mar 30, 2026

Apply

Information Security Consultant

Smartdesc

Full-time|£70K/yr - £80K/yr|On-site|London, England, United Kingdom

Join Smartdesc as an Information Security ConsultantLocation: Field-based, primarily in the London areaEmployment Type: Full-timeSalary: £70,000 - £80,000As an Information Security Consultant at Smartdesc, you will collaborate with the Information Security and technical delivery teams to implement robust security solutions for our clients.Your role will involve providing strategic guidance on Information Security, aiding clients in enhancing their security posture, and overseeing a variety of security projects. This includes assisting clients in implementing security controls, conducting assessments based on industry best practices, and delivering assessment reports to Senior Leadership Teams to bolster their security measures.The position encompasses a diverse array of responsibilities, from strategic governance and risk management to advising non-profit organizations on maximizing the value of Microsoft Business Premium, E3, and E5 security solutions. You should be comfortable presenting security information to varied audiences, from part-time volunteers to executive boards.This customer-facing role demands a meticulous eye for detail and a proven track record in delivering exemplary Information Security practices.Key ResponsibilitiesAssess and identify steps organizations must take to enhance their security posture, creating roadmaps for continuous improvement while maximizing existing Microsoft licensing.Align security practices with frameworks and standards such as Cyber Essentials, NCSC CAF, and ISO 27001.Own or oversee key Information Security processes and procedures.Manage the Smartdesc MDR management service.Implement and oversee Information Security Risk Management programs.Identify and manage remediation actions to mitigate risks.Develop and maintain Information Security Policies.Create and deliver general and role-specific Information Security Training and Awareness programs.Raise, investigate, and manage IT Security incidents, ensuring appropriate follow-up actions.Provide IT security support to various business functions, including digital teams, IT infrastructure, and IT Service Desk.Develop and oversee Information Security Internal Audit programs.Supervise ongoing security testing, reviews, and audits.

Apr 13, 2026

Apply

Head of Information Security

Kroo Bank

Full-time|On-site|London, England, United Kingdom

Kroo Bank is redefining banking by creating a customer-centric experience that prioritizes responsible financial management and leverages technology to simplify, democratize, and enhance transparency in everyday banking. As a fully regulated UK bank, we are supported by dedicated investors and are on a mission to grow our customer base while pursuing ambitious goals. Our commitment to excellence is evident in our fast-paced operations, thoughtful decision-making, and adherence to the highest standards of service, product development, risk management, and employee care.Job Overview:We are seeking a dynamic Head of Information Security (HoIS) to lead our IT security strategy and safeguard the organization against security threats targeting our digital assets. In this role, you will direct the security strategy, oversee operations, and drive product development to protect our enterprise information. Your responsibilities will include fostering security awareness, managing security operations, and ensuring robust policies and procedures are in place.Key Responsibilities:Oversee the daily operations and execution of the information security strategy.Design and maintain a proactive security roadmap encompassing cloud, mobile, AI, and software platforms.Work collaboratively with technology leaders to implement innovative security technologies and next-generation solutions.Guarantee secure configurations and ensure continuous compliance across IaaS, PaaS, and SaaS environments.Conduct ongoing assessments of existing security practices and systems, identifying and addressing areas for enhancement.Perform security audits and risk assessments, providing recommendations to mitigate threats and vulnerabilities.Manage the Information Security Management System (ISMS) and uphold ISO 27001 certification.Ensure adherence to relevant compliance and governance standards.Collaborate with operational teams to develop, implement, and test business continuity plans for security breaches and disaster recovery scenarios.Safeguard the organization's intellectual property consistently.Monitor security vulnerabilities and potential hacking threats across network and host systems.Lead security operations, including Managed SOC, threat intelligence, detection, and response capabilities.Establish KPIs and KRIs to measure security maturity and provide consistent security reporting to Executive and Board stakeholders.Manage and nurture the information security team.Promote and educate the organization on the latest security strategies and technologies.Oversee the IT security budget and communicate effectively with stakeholders.

Mar 4, 2026

Apply

Security & Compliance Analyst

Catapult Sports

Full-time|On-site|London, UK

Join Catapult Sports as a Security & Compliance Analyst and play a crucial role in safeguarding our organization's data and compliance with industry regulations. You will work closely with various teams to identify security vulnerabilities, implement effective controls, and ensure compliance with relevant standards.

Mar 5, 2026

Apply

Information Security Architect

AJ Bell

Full-time|Hybrid|Manchester or London (Hybrid)

AJ Bell seeks an Information Security Architect to safeguard digital assets and advance security practices. This hybrid role is available in either Manchester or London. Key responsibilities Design and implement security frameworks that protect company systems and sensitive data. Identify vulnerabilities across digital platforms, providing recommendations to address risks. Ensure security measures align with industry standards and compliance requirements. Collaborate with teams throughout the business to shape security strategies that support organizational objectives. Location This position offers a hybrid work model, with the option to be based in Manchester or London.

Apr 23, 2026

Apply

Chief Information Security Officer

mangroup

Full-time|On-site|London

Role overview The Chief Information Security Officer at mangroup will lead information security efforts from the London office. This executive position carries responsibility for shaping the overall security strategy, protecting digital assets, and managing risks throughout the company. Key responsibilities Direct the creation and rollout of cybersecurity programs Safeguard company data and digital systems from security threats Identify, evaluate, and manage information security risks Work closely with senior leadership to ensure security initiatives support business objectives Maintain compliance with applicable regulations and industry standards Location This position is based in London.

Apr 23, 2026

Apply

Director of Information Security

Starling Bank

Full-time|Hybrid|London, England, United Kingdom

Starling Bank brings together over 3,000 professionals across London, Southampton, Cardiff, and Manchester to deliver digital banking services in the UK. The company is known for combining technology-driven solutions with the reliability expected from a fully licensed bank. Its culture centers on values such as Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Role overview The Director of Information Security leads the Office of the CISO and reports directly to the Chief Information Security Officer. This position manages a team of Information Security analysts and plays a key role in shaping and strengthening Starling Bank's security capabilities and governance. This role is designed for a seasoned information security leader who has experience building teams and driving continuous improvement. It offers a path for those considering future advancement to a CISO role. Main responsibilities Oversee the Information Security Policy Framework, ensuring alignment with the needs of Starling Group and its stakeholders, and maintaining compliance with legislation and industry standards. Develop and maintain standards for implementing security controls and procedures. Collaborate with external organizations and regulatory bodies to enhance Starling’s security posture. Location This position is based in London, England, United Kingdom.

Apr 21, 2026

Apply

Information Security Engineer at Palantir | London

Palantir Technologies Inc.

Full-time|On-site|London, United Kingdom

Join Palantir Technologies as an Information Security Engineer in London, where you will play a critical role in safeguarding our cutting-edge technology and sensitive data. Your expertise will help us develop and implement robust security strategies, ensuring that our platforms remain secure against evolving threats.

Mar 18, 2026

Apply

Information Security Governance, Risk, and Compliance (GRC) Manager

AJ Bell

Full-time|Hybrid|Manchester or London - Hybrid

Role overview The Information Security Governance, Risk, and Compliance (GRC) Manager at AJ Bell will manage and strengthen the company’s information security policies. Based in either Manchester or London, this hybrid role centers on ensuring ongoing compliance with industry regulations and standards. Main responsibilities Develop and maintain the information security GRC framework. Assess risks across the business and implement mitigation strategies. Monitor and support adherence to industry standards and regulatory requirements. Lead internal audits and conduct compliance reviews. Report findings and progress to senior management. Work with teams throughout the organization to encourage security awareness and advance risk management initiatives. Work location This position is available in Manchester or London, with a hybrid working arrangement.

Apr 23, 2026

Apply

Information Security Engineer

Isomorphic Labs

Full-time|On-site|Lausanne; London

Isomorphic Labs is looking for an Information Security Engineer based in either Lausanne or London. This role centers on safeguarding digital assets and upholding effective security practices throughout the company. Key responsibilities Collaborate with teams across departments to design and implement security controls Monitor systems and workflows to identify and address security threats Keep up to date with emerging security risks and trends Location This position is available in both Lausanne and London.

Apr 22, 2026

Apply

Senior IAM Analyst at Deliveroo | London

Deliveroo

Full-time|On-site|London - The River Building HQ

Join Deliveroo as a Senior IAM Analyst where you will play a pivotal role in securing our identity and access management framework. You will be responsible for implementing and maintaining IAM solutions that protect our systems and data.Your expertise will help us enhance our security posture while ensuring compliance with industry standards. Collaborate with cross-functional teams to identify and mitigate risks and contribute to the continuous improvement of our processes.

Apr 10, 2026

Apply

Information Security Team Lead at Elliptic | London

Elliptic

Full-time|$1K/yr - $1K/yr|On-site|London, United Kingdom

The impact you'll make:As the Information Security Team Lead, you will spearhead the daily operations and enhancement of Elliptic's information and cyber security initiatives. Your role will involve driving the adoption of SSDLC v2.0, strengthening our cloud and SaaS security frameworks, and ensuring readiness for external audits and customer due diligence. Collaborate closely with Engineering, Platform, Legal, Procurement, and Customer teams to mitigate risks while facilitating delivery and revenue, including the implementation of Enterprise Tier security features.Your responsibilities will include:Programme Ownership and ExecutionLead the execution of the InfoSec roadmap and performance metrics. Transform strategic objectives into actionable quarterly plans with quantifiable results.Establish necessary gates, controls, and reporting mechanisms for SSDLC v2.0 across build and deployment pipelines.Direct the baselining of CSPM/SSPM and the targeted reduction of misconfigurations and vulnerabilities.Risk Management, Assurance, and Audit PreparednessOversee ISMS processes in compliance with ISO 27001. Organize evidence collection for customer audits and external assurances (e.g., penetration testing, TPOs).Lead or contribute to risk management forums. Ensure prompt remediation, risk acceptance, and tracking of exceptions.Cloud and SaaS Security EnhancementsCollaborate with the Platform team to fortify AWS (IAM, KMS, network segmentation, Security Hub, GuardDuty, logging).Enhance endpoint security, identity and access management, vulnerability management, and logging throughout the organization.Leadership and Team CollaborationProvide daily guidance to TISO, Analysts, and cross-functional contributors.Foster a pragmatic, developer-friendly security culture through enablement, playbooks, and training.Vendor Management and Data GovernanceManage vendor security due diligence with defined SLAs and documentation trails. Assist data protection and BC/DR control owners.Required Qualifications:Demonstrated experience leading security initiatives in a cloud-native product environment.Deep understanding of security frameworks and compliance standards.Strong communication skills with the ability to collaborate effectively across teams.

Jan 20, 2026

Apply

Business Information Security Officer (BISO) at Engine by Starling | London

Engine by Starling

Full-time|Hybrid|London, England, United Kingdom

Engine by Starling is a pioneering cloud-native SaaS platform developed by Starling Bank, the UK's first and leading digital bank. We empower over 4.6 million customers and small businesses with intuitive financial tools that help them manage their money efficiently and effectively. Our mission is to spread this innovative approach to banking globally.As a cloud-native solution, Engine offers a robust platform that supports banks, building societies, and credit unions around the globe. We enable our partners to leverage advanced digital features and streamlined back-office processes that have contributed to Starling's remarkable success.At Engine, we embrace five core principles: listen, keep it simple, do the right thing, own it, and aim for greatness. Since our inception in 2022, we have rapidly grown, adopting an agile mindset that fosters innovation and adaptability. We cultivate an environment where our team members and partners can collaborate openly, take ownership, and drive projects forward.Hybrid Working EnvironmentOur headquarters are located in London, with additional offices in Manchester, Cardiff, and Southampton, as well as international locations in Dublin, Sydney, Dubai, Toronto, and New York. We prefer that our team members are within a reasonable commuting distance from one of our UK offices to facilitate in-person collaboration.Role OverviewAs the Business Information Security Officer (BISO), you will be instrumental in defining our security objectives and practices, leading the ongoing enhancement of our Information Security capabilities, and managing a dedicated Information Security Team. You will act as the primary liaison between Engine and Starling Bank’s Information Security teams, addressing all security-related inquiries from clients and auditors.We seek a curious and adaptable information security professional with strong leadership abilities who enjoys a collaborative and dynamic work environment. If you are passionate about problem-solving and engaging with diverse stakeholders, we would love to hear from you.

Mar 27, 2026

Apply

Security and Compliance Manager

Sierra

Full-time|On-site|London

We are seeking a dedicated and detail-oriented Security and Compliance Manager to join our team at Sierra in London. In this pivotal role, you will be responsible for overseeing and enhancing our security protocols and compliance initiatives to ensure the protection of our assets and adherence to regulatory standards. You will collaborate with various departments to implement best practices and foster a culture of security awareness throughout the organization.

Mar 13, 2026

Apply

Senior Corporate Security Engineer

Nexthink

Full-time|On-site|London

Role overview Nexthink is hiring a Senior Corporate Security Engineer in London. This position focuses on protecting information systems and sensitive data by designing, implementing, and managing security controls throughout the corporate environment. What you will do Lead the creation and rollout of security measures for corporate systems Oversee the ongoing management of security protocols to keep data safe Work with teams across the company to identify and assess security risks Support compliance with relevant industry standards Collaboration This role works closely with cross-functional groups, making sure security stays a shared priority and that risk assessments are both thorough and actionable.

Apr 21, 2026

Create account — see all 5,808 results

Browse all companies, explore by city & role, or SEO search pages. View directory listings: all jobs, search results, or location & role pages.