Contact Us

Home - Jobs - Head of Info Sec

Head of Info Sec

Job Description

EC1 Partners are exclusively partnered with a VC Backed – UK consumer lender who are looking for a Head of Information Security following on from their recent Series B funding.

This is a greenfield, hands on role, you will be responsible for building out the organisations cybersecurity from scratch.  It is an excellent opportunity for someone looking to take the next step in their career.

Your role responsibilities include:

  • Own and manage the cyber programme book of work
  • Oversee the implementation of security certifications, such as ISO27001, SOC2 and Cyber essentials.
  • Develop and execute a comprehensive security strategy aligned with our business goals and industry standards
  • Oversee the security monitoring of our cloud infrastructure, applications, networks and endpoints
  • Establish and enforce policies and procedures for access control, encryption, backup, disaster recovery, incident response and risk management
  • Lead the security awareness and training programs for our employees, partners and customers
  • Coordinate and conduct security audits, assessments and penetration tests
  • Prepare the organization and staff for external inspections
  • Manage the security budget and vendor relationships
  • Stay updated on the latest security trends, threats and best practices


Who you are:

  • At least 8 years of experience in cyber security, preferably in the financial sector or other industries that handle large volumes of sensitive data.
  • A proven track record of designing and executing security strategies and frameworks that align with business objectives and regulatory requirements.
  • Experience in the role-out of policies to attain security certifications, e.g. ISO27001, SOC2 and Cyber essentials
  • Strong leadership and communication skills, with the ability to build and manage a team of security professionals and collaborate with other stakeholders across the organization.
  • Expert knowledge of AWS security features and tools, such as AWS WAF, AWS GuardDuty, AWS Security Hub, etc.
  • Expert knowledge of Microsoft Entra / Azure AD and managing endpoint security policies for a zero-trust workplace
  • Familiarity with SOC, SIEM and SOAR services to deal with managed services providers
  • A relevant certification, such as CISSP, CISM, CISA, or equivalent.




Image of consultant



Max. file size: 156 MB.
This field is for validation purposes and should be left unchanged.