Responsibilities
- Develop and maintain organization-wide data security policies, standards, and operational procedures
- Lead the strategic direction of information security, aligning initiatives across Risk, Compliance, Engineering, and Operations teams
- Conduct risk and vulnerability assessments and ensure identified issues are addressed through prioritized remediation plans
- Manage frameworks for data classification, encryption, and access controls to protect sensitive information
- Direct incident response efforts, including planning, investigation, remediation, communication, and documentation, from detection to resolution
- Partner with Engineering, DevOps, Legal, and Compliance teams to integrate security principles into system design and development
- Assess and manage security risks associated with third-party vendors, escalating significant findings as needed
- Design and deliver organization-wide security awareness training programs to promote a culture of security
- Maintain comprehensive records and documentation to support internal audits and regulatory compliance requirements
Benefits
- Competitive base salary with eligibility for an annual performance-based bonus
- Comprehensive employee wellbeing support programs
- 25 days of paid vacation annually, in addition to public holidays
- Flexible work options, including remote or hybrid models based on role and location
- High level of autonomy and ownership, encouraging initiative and experimentation
- Opportunity to drive measurable impact during a period of organizational growth
- Defined paths for career advancement and professional development in a rapidly expanding environment
- Collaborative and diverse workplace culture centered on trust, openness, and accountability
- Chance to influence the evolution of the security team, company culture, and long-term strategy alongside driven, mission-focused peers
Compensation
Competitive salary and annual discretionary bonus scheme
Work Arrangement
Hybrid — London
Team
Collaborative, international team emphasizing trust, transparency, and shared ownership
Other
- Relevant certifications such as Security+, ISO 27001 Foundation, or CC are advantageous; advanced credentials like CISSP, CISM, or CCSP are valued but not mandatory
- Flexible working arrangements (remote or hybrid, depending on role and location)
- 25 days of holiday, plus public holidays