Head of Security
HICX
Enterprise SaaS
Work from anywhere within UK - we are a fully remote company.
Full-Time
Manager
Salary not disclosed
Job Details
- Required Skills: Risk Management
Requirements
- Proven experience in a senior information security leadership role, ideally within a SaaS or technology business.
- Demonstrable experience building, operating, and maturing an ISMS, including achieving and maintaining SOC 2 and ISO 27001 certification.
- Strong, hands-on knowledge of security tooling (EDR, SIEM, MFA, identity and access management, device/endpoint management, vulnerability management).
- Solid understanding of cloud security, specifically AWS, Azure, and Microsoft 365.
- Experience leading end-to-end security incident response.
- Knowledge of UK GDPR and global data protection laws, with experience acting as or working closely with a Data Protection Officer.
- Experience with third-party, vendor, and supplier risk management.
- Excellent communication skills for translating technical risk to business language.
- Experience managing internal IT operations and small IT support teams.
- Relevant professional certification (e.g., CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor) is desirable.
Responsibilities
- Set up and drive the overall information security strategy.
- Own ISMS standards and their adoption, ensuring compliance with SOC 2 and ISO 27001.
- Act as the primary escalation point for major security incidents and coordinate responses.
- Manage internal risk assessment, audits, and vendor/supplier risk management programs.
- Lead a small team of IT support admins and oversee internal IT operations, including device provisioning and account lifecycle management.
- Enforce security policies, deliver awareness training, and complete security questionnaires for customers and RFPs.