Head of Information Security

Kroo Bank is redefining banking by creating a customer-centric experience that prioritizes responsible financial management and leverages technology to simplify, democratize, and enhance transparency in everyday banking. As a fully regulated UK bank, we are supported by dedicated investors and are on a mission to grow our customer base while pursuing ambitio…

Join Smartdesc as an Information Security ConsultantLocation: Field-based, primarily in the London areaEmployment Type: Full-timeSalary: £70,000 - £80,000As an Information Security Consultant at Smartdesc, you will collaborate with the Information Security and technical delivery teams to implement robust security solutions for our clients.Your role will involve providing strategic guidance on Information Security, aiding clients in enhancing their security posture, and overseeing a variety of security projects. This includes assisting clients in implementing security controls, conducting assessments based on industry best practices, and delivering assessment reports to Senior Leadership Teams to bolster their security measures.The position encompasses a diverse array of responsibilities, from strategic governance and risk management to advising non-profit organizations on maximizing the value of Microsoft Business Premium, E3, and E5 security solutions. You should be comfortable presenting security information to varied audiences, from part-time volunteers to executive boards.This customer-facing role demands a meticulous eye for detail and a proven track record in delivering exemplary Information Security practices.Key ResponsibilitiesAssess and identify steps organizations must take to enhance their security posture, creating roadmaps for continuous improvement while maximizing existing Microsoft licensing.Align security practices with frameworks and standards such as Cyber Essentials, NCSC CAF, and ISO 27001.Own or oversee key Information Security processes and procedures.Manage the Smartdesc MDR management service.Implement and oversee Information Security Risk Management programs.Identify and manage remediation actions to mitigate risks.Develop and maintain Information Security Policies.Create and deliver general and role-specific Information Security Training and Awareness programs.Raise, investigate, and manage IT Security incidents, ensuring appropriate follow-up actions.Provide IT security support to various business functions, including digital teams, IT infrastructure, and IT Service Desk.Develop and oversee Information Security Internal Audit programs.Supervise ongoing security testing, reviews, and audits.

AJ Bell seeks an Information Security Architect to safeguard digital assets and advance security practices. This hybrid role is available in either Manchester or London. Key responsibilities Design and implement security frameworks that protect company systems and sensitive data. Identify vulnerabilities across digital platforms, providing recommendations to address risks. Ensure security measures align with industry standards and compliance requirements. Collaborate with teams throughout the business to shape security strategies that support organizational objectives. Location This position offers a hybrid work model, with the option to be based in Manchester or London.

Role overview The Chief Information Security Officer at mangroup will lead information security efforts from the London office. This executive position carries responsibility for shaping the overall security strategy, protecting digital assets, and managing risks throughout the company. Key responsibilities Direct the creation and rollout of cybersecurity programs Safeguard company data and digital systems from security threats Identify, evaluate, and manage information security risks Work closely with senior leadership to ensure security initiatives support business objectives Maintain compliance with applicable regulations and industry standards Location This position is based in London.

AJ Bell seeks a Senior Information Security Engineer to strengthen the protection of company information systems and support compliance initiatives. The position is offered as a hybrid role, with the option to work from either the Manchester or London office and some flexibility for remote work. Key responsibilities Identify and assess security vulnerabilities within company systems Implement and maintain security controls to protect data and infrastructure Collaborate with teams across the business to promote effective security practices Assist in maintaining compliance with relevant regulations and internal policies Location This role is based in Manchester or London with a hybrid work arrangement, allowing for both office presence and remote work.

Starling Bank brings together over 3,000 professionals across London, Southampton, Cardiff, and Manchester to deliver digital banking services in the UK. The company is known for combining technology-driven solutions with the reliability expected from a fully licensed bank. Its culture centers on values such as Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Role overview The Director of Information Security leads the Office of the CISO and reports directly to the Chief Information Security Officer. This position manages a team of Information Security analysts and plays a key role in shaping and strengthening Starling Bank's security capabilities and governance. This role is designed for a seasoned information security leader who has experience building teams and driving continuous improvement. It offers a path for those considering future advancement to a CISO role. Main responsibilities Oversee the Information Security Policy Framework, ensuring alignment with the needs of Starling Group and its stakeholders, and maintaining compliance with legislation and industry standards. Develop and maintain standards for implementing security controls and procedures. Collaborate with external organizations and regulatory bodies to enhance Starling’s security posture. Location This position is based in London, England, United Kingdom.

Join Palantir Technologies as an Information Security Engineer in London, where you will play a critical role in safeguarding our cutting-edge technology and sensitive data. Your expertise will help us develop and implement robust security strategies, ensuring that our platforms remain secure against evolving threats.

Isomorphic Labs is looking for an Information Security Engineer based in either Lausanne or London. This role centers on safeguarding digital assets and upholding effective security practices throughout the company. Key responsibilities Collaborate with teams across departments to design and implement security controls Monitor systems and workflows to identify and address security threats Keep up to date with emerging security risks and trends Location This position is available in both Lausanne and London.

Join our dynamic team at bmlltech as a Senior Information Security Analyst specializing in ISMS Management. You will play a crucial role in safeguarding the integrity and confidentiality of our information assets. Your expertise will help us to establish, implement, and maintain an effective Information Security Management System (ISMS) that aligns with international standards.As part of your responsibilities, you will conduct risk assessments, develop security policies, and collaborate with cross-functional teams to ensure compliance with data protection regulations. You will also lead security awareness initiatives and provide guidance on best practices to enhance our security posture.

The impact you'll make:As the Information Security Team Lead, you will spearhead the daily operations and enhancement of Elliptic's information and cyber security initiatives. Your role will involve driving the adoption of SSDLC v2.0, strengthening our cloud and SaaS security frameworks, and ensuring readiness for external audits and customer due diligence. Collaborate closely with Engineering, Platform, Legal, Procurement, and Customer teams to mitigate risks while facilitating delivery and revenue, including the implementation of Enterprise Tier security features.Your responsibilities will include:Programme Ownership and ExecutionLead the execution of the InfoSec roadmap and performance metrics. Transform strategic objectives into actionable quarterly plans with quantifiable results.Establish necessary gates, controls, and reporting mechanisms for SSDLC v2.0 across build and deployment pipelines.Direct the baselining of CSPM/SSPM and the targeted reduction of misconfigurations and vulnerabilities.Risk Management, Assurance, and Audit PreparednessOversee ISMS processes in compliance with ISO 27001. Organize evidence collection for customer audits and external assurances (e.g., penetration testing, TPOs).Lead or contribute to risk management forums. Ensure prompt remediation, risk acceptance, and tracking of exceptions.Cloud and SaaS Security EnhancementsCollaborate with the Platform team to fortify AWS (IAM, KMS, network segmentation, Security Hub, GuardDuty, logging).Enhance endpoint security, identity and access management, vulnerability management, and logging throughout the organization.Leadership and Team CollaborationProvide daily guidance to TISO, Analysts, and cross-functional contributors.Foster a pragmatic, developer-friendly security culture through enablement, playbooks, and training.Vendor Management and Data GovernanceManage vendor security due diligence with defined SLAs and documentation trails. Assist data protection and BC/DR control owners.Required Qualifications:Demonstrated experience leading security initiatives in a cloud-native product environment.Deep understanding of security frameworks and compliance standards.Strong communication skills with the ability to collaborate effectively across teams.

Engine by Starling is a pioneering cloud-native SaaS platform developed by Starling Bank, the UK's first and leading digital bank. We empower over 4.6 million customers and small businesses with intuitive financial tools that help them manage their money efficiently and effectively. Our mission is to spread this innovative approach to banking globally.As a cloud-native solution, Engine offers a robust platform that supports banks, building societies, and credit unions around the globe. We enable our partners to leverage advanced digital features and streamlined back-office processes that have contributed to Starling's remarkable success.At Engine, we embrace five core principles: listen, keep it simple, do the right thing, own it, and aim for greatness. Since our inception in 2022, we have rapidly grown, adopting an agile mindset that fosters innovation and adaptability. We cultivate an environment where our team members and partners can collaborate openly, take ownership, and drive projects forward.Hybrid Working EnvironmentOur headquarters are located in London, with additional offices in Manchester, Cardiff, and Southampton, as well as international locations in Dublin, Sydney, Dubai, Toronto, and New York. We prefer that our team members are within a reasonable commuting distance from one of our UK offices to facilitate in-person collaboration.Role OverviewAs the Business Information Security Officer (BISO), you will be instrumental in defining our security objectives and practices, leading the ongoing enhancement of our Information Security capabilities, and managing a dedicated Information Security Team. You will act as the primary liaison between Engine and Starling Bank’s Information Security teams, addressing all security-related inquiries from clients and auditors.We seek a curious and adaptable information security professional with strong leadership abilities who enjoys a collaborative and dynamic work environment. If you are passionate about problem-solving and engaging with diverse stakeholders, we would love to hear from you.

Role Overview Evelyn Partners is looking for an Information Security Compliance Analyst in London. This position helps ensure the company’s security policies and procedures meet government regulations and industry standards. The analyst works closely with teams across the business to strengthen security practices. What You Will Do Monitor and assess compliance with security policies and procedures Support risk assessments and internal audits Participate in compliance reviews to identify gaps and recommend improvements Work with other departments to build awareness and improve security controls

Trainline connects millions of travelers with rail and coach tickets, offering a range of options through its app, website, and B2B channels. With a focus on making travel simpler and more sustainable, Trainline partners with over 270 transport companies in 40 countries. The company processes more than 135 million visits monthly and handles £6.3 billion in ticket sales each year. Headquartered in London and present in major European cities, Trainline's team includes more than 1,000 people from 50+ nationalities. The Security team works to strengthen risk management as technology and AI risks change. Collaboration with teams across the business helps keep systems and data secure. Role overview The Senior Information Security Risk Analyst, based in London and reporting to the GRC Manager, will play a key role in advancing Trainline’s security risk management program. This position focuses on addressing both established and emerging risks, particularly those related to AI and cloud technologies. What you will do Manage information security risks, including traditional cyber threats and AI-specific risks such as data quality and model bias. Align risk management activities with Trainline’s business risk appetite. Work with Engineering, Data Science, Legal, and Internal Audit teams to maintain a broad perspective on information, cyber, and AI risks. Promote strong risk governance in a cloud-first, AI-driven environment. Conduct risk assessments for both existing and new AI use cases. Collaboration This role requires frequent interaction with both technical and business teams. The aim is to make sure risk management practices are practical and integrated into daily operations.

Join Trustpilot as an Information Security Governance, Risk, and Compliance Analyst, where you'll play a pivotal role in enhancing our security posture. In this dynamic position, you will be responsible for identifying, assessing, and managing security risks while ensuring compliance with relevant regulations and best practices. You'll collaborate with cross-functional teams to promote a culture of security awareness and implement effective governance frameworks.

Role overview The Information Security Governance, Risk, and Compliance (GRC) Manager at AJ Bell will manage and strengthen the company’s information security policies. Based in either Manchester or London, this hybrid role centers on ensuring ongoing compliance with industry regulations and standards. Main responsibilities Develop and maintain the information security GRC framework. Assess risks across the business and implement mitigation strategies. Monitor and support adherence to industry standards and regulatory requirements. Lead internal audits and conduct compliance reviews. Report findings and progress to senior management. Work with teams throughout the organization to encourage security awareness and advance risk management initiatives. Work location This position is available in Manchester or London, with a hybrid working arrangement.

airapps is hiring a Security Engineer to help safeguard digital assets and infrastructure in the London Metropolitan Area. This role centers on identifying weaknesses, managing security risks, and ensuring strong security measures are in place. Key responsibilities Identify vulnerabilities throughout information systems Reduce and address security risks as they arise Implement and maintain effective security protocols Support efforts to comply with relevant industry standards Help strengthen the company’s overall security posture Location This position is based in the London Metropolitan Area.

Join our dynamic team at Lendable as a Cyber Security Engineer, where you will play a pivotal role in safeguarding our digital assets and ensuring the integrity of our systems. In this position, you will be responsible for the design, implementation, and maintenance of security protocols across our network and applications. You will work closely with cross-functional teams to identify vulnerabilities and develop strategies to mitigate risks.

Anduril Industries develops advanced defense technology for the U.S. and allied nations. The company’s systems are powered by Lattice OS, a platform that turns large data streams into a live, 3D command and control environment. Anduril delivers autonomy, AI, computer vision, sensor fusion, and networking capabilities to military operations, drawing on expertise from leading technology firms to rethink how military systems are built and deployed. Role overview The Head of Security, EME leads security operations for Europe and the Middle East from Anduril’s London office. Reporting to the global Head of Security, this senior leader shapes the regional security framework, covering protection of operations, facilities, personnel, and sensitive data. The role ensures alignment with global strategy while adapting to local regulations and requirements. Key responsibilities Develop, implement, and improve security programs in the region, including physical and industrial security as well as counterintelligence initiatives. Work with global Directors to ensure security practices meet both company and regulatory standards. Identify and mitigate risks to personnel, classified programs, proprietary technology, and strategic interests in EME. Manage one direct report to start, with the opportunity to build and grow a regional security team as the company expands. Adapt security operations to local laws and cultural contexts across multiple countries. Contribute strategic vision to keep security operations proactive, scalable, and resilient. Requirements Extensive knowledge of international security regulations and defense industrial security standards, including classified information management. Experience with advanced physical security technologies and counterintelligence practices. Demonstrated ability to manage complex security operations across different countries and cultures. Proven track record of building, leading, and scaling security teams. Strong communication skills, with the ability to balance strategic planning and hands-on execution. Comfort operating in high-stakes, complex environments. This position plays a central role in safeguarding Anduril’s people and critical assets across a challenging geopolitical landscape. The Head of Security, EME will help shape Anduril’s security posture as the company grows in the region.

Join Us in Shaping the Future of Cyber Security.At Quantexa, we believe in the power of innovation and continuous improvement. Our mission is to forge meaningful relationships with our clients and drive impactful change across various industries. With a diverse workforce comprising over 50 nationalities and 20 languages spoken, we foster an inclusive environment where every voice matters. Here, you will find the autonomy and support needed to craft a career that aligns with your aspirations.The Role.We are seeking a proactive and technically skilled Cyber Security Engineer to join our Security Operations team. In this hands-on role, you will be instrumental in safeguarding Quantexa's digital assets. Your responsibilities will include the operational management, optimization, and monitoring of essential security platforms, focusing on Zscaler, cloud monitoring via Wiz, and endpoint detection and response through CrowdStrike.Collaborating closely with the broader Security Operations team, you will ensure that security alerts, findings, and detections are efficiently triaged, validated, documented, and remediated. Your contributions will directly enhance Quantexa's security posture by minimizing risk, bolstering detection capabilities, and ensuring timely responses to security incidents.This position is ideal for a curious and detail-oriented professional who thrives on working with cutting-edge security tools, embraces disciplined execution, and seeks opportunities for ongoing improvement.Your Responsibilities.Wiz (Cloud Security Posture Management)Daily monitoring and triaging of Wiz findings, validating alerts and assessing operational impact.Engaging in tuning and threat hunting within Wiz and other security tools.Identifying misconfigurations, excessive permissions, and exposed assets while escalating issues as necessary.Tracking remediation progress with engineering teams and ensuring the resolution of high-priority issues.Zscaler (Web Security Tunnel 2.0)Reviewing and triaging Zscaler alerts and policy violations according to documented response procedures.Investigating suspicious traffic, access attempts, and user activity to determine legitimacy.

Join DeepL as the Head of SecurityAt DeepL, we are a pioneering AI product and research organization that develops secure, intelligent solutions to address intricate business challenges. Our Language AI platform is trusted by over 200,000 business clients and millions of individuals across 228 global markets, offering human-like translations, enhanced writing, and real-time voice translation. Since our inception in 2017 under the leadership of CEO Jarek Kutylowski, we have developed a team of over 1,000 dedicated employees and garnered support from esteemed investors such as Benchmark, IVP, and Index Ventures.Our ambition is to lead globally in reliable, intelligent AI technology, creating products that enhance communication, strengthen connections, and make a significant impact. We invite talented individuals to join us on this exciting journey. If you are ready to influence the future of AI and advance your career in a dynamic, purpose-driven environment, DeepL is the place to be.Why Choose DeepL?What distinguishes us is our unique combination of advanced AI technology, meaningful work, and a culture that fosters personal growth. Our team comprises innovators, researchers, and creators united by a common mission to unlock human potential by simplifying, enhancing, and connecting work processes.Feedback about working at DeepL has been overwhelmingly positive, likely due to our technology that empowers millions to communicate and collaborate more effectively, or the trust, curiosity, and care that define our culture.Being part of DeepL means joining a team committed to innovation, growth, and well-being. Explore more about our culture on LinkedIn, Instagram, and our Blog.Your Key ResponsibilitiesStrategic Leadership & OwnershipOversee the comprehensive Information and IT Security strategy, guiding teams responsible for infrastructure security, application security, organizational security, and information governance. Design, implement, and uphold robust security frameworks that guarantee the confidentiality, integrity, and availability of systems.