At a Glance
- Tasks: Lead the security strategy and embed a security culture across teams.
- Company: Join a high-growth fintech disrupting financial services with innovative SaaS solutions.
- Benefits: Enjoy remote work, medical insurance, 26 days holiday plus your birthday, and team-building opportunities.
- Why this job: Shape a modern security approach in a tech-first environment and drive impactful change.
- Qualifications: Experience in SaaS or fintech security, cloud-native expertise, and strong communication skills required.
- Other info: This is a mid-senior level, full-time role with a salary up to £85,000.
The predicted salary is between £68,000 and £102,000 per year.
- Head of Information Security
- Finance or SaaS Experience
Areti is partnered exclusively with a well-funded, high-growth fintech that’s disrupting the financial services space through an innovative SaaS platform. The company has experienced significant growth over the past 24 months and is now investing in building out its internal security capabilities.
They are now hiring a Head of Information Security to lead the charge in scaling a modern, cloud-native security strategy. This is a remote-first position, ideal for someone looking to take full ownership of the security function at a rapidly evolving tech-first business.
The Opportunity
This role offers the chance to shape and embed a pragmatic security culture across engineering, product, and commercial teams. You’ll lead strategy, implementation, assurance, and governance – with responsibility for ensuring that security becomes a core part of the product’s value, not just a compliance requirement.
Key Responsibilities
Strategic Leadership
- Define and own the long-term security roadmap
- Be the in-house subject matter expert for internal and external stakeholders (including clients, partners, auditors)
- Support RFPs, InfoSec assessments, and client assurance processes
- Help shape the organisation’s external security positioning (e.g. Trust Centre, whitepapers)
DevSecOps & Product Security
- Embed secure-by-design principles into the SDLC
- Lead CI/CD pipeline hardening, container security, and secrets management
- Run threat modelling, vulnerability scanning, and remediation efforts
- Select and manage key SaaS security tools (SAST/DAST, SIEM, IAM, CSPM, endpoint protection)
- Work closely with teams using AWS, GitHub Actions, and Terraform
Compliance & Assurance
- Drive preparation and maintenance for ISO 27001, SOC 2, and Cyber Essentials Plus
- Oversee ISMS, internal audit, and risk register
- Align with the DPO and Compliance on data protection (DPIAs, vendor risk, breach response)
Operational Security
- Lead the incident response process, including tabletop exercises and post-incident reviews
- Manage logging, alerting, and monitoring for cloud and endpoint security
- Own business continuity and disaster recovery strategy from a security lens
What Success Looks Like
- Recertification of ISO 27001 and Cyber Essentials Plus
- SOC 2 Type I & II passed with confidence
- 95% staff completion of security training on time
- Consistent improvement in vulnerability management SLAs
- Security assurance accelerating enterprise sales cycles
- Measurable growth in DevSecOps and infrastructure maturity
What We’re Looking For
- Proven experience leading information security in a SaaS or fintech environment
- Deep expertise in cloud-native security, preferably with AWS
- Hands-on familiarity with tools like Terraform, GitHub Actions, Snyk, Datadog, CrowdStrike
- Demonstrated success in managing ISO 27001, SOC 2, or similar frameworks
- Strong communication skills with a pragmatic, risk-balanced approach
- Experience scaling InfoSec in growing product and engineering organisations
- Salary of up to £85,000
- Medical insurance
- 26 days holiday + birthday
- Opportunity to build out a team
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industries: Financial Services and Information Services
Head of Information Security employer: Areti Group | B Corp
Contact Detail:
Areti Group | B Corp Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Information Security
✨Tip Number 1
Familiarise yourself with the latest trends in cloud-native security, especially within the fintech sector. Being well-versed in tools like AWS, Terraform, and GitHub Actions will not only boost your confidence but also demonstrate your hands-on expertise during discussions.
✨Tip Number 2
Engage with the community by attending relevant webinars or conferences focused on information security in SaaS environments. Networking with industry professionals can provide insights into best practices and may even lead to valuable connections that could help you land the job.
✨Tip Number 3
Prepare to discuss your experience with ISO 27001 and SOC 2 frameworks in detail. Be ready to share specific examples of how you've successfully managed compliance and assurance processes in previous roles, as this will be crucial for demonstrating your fit for the position.
✨Tip Number 4
Showcase your leadership skills by highlighting any past experiences where you've led security initiatives or teams. Emphasising your ability to foster a security culture across various departments will resonate well with the hiring team at Areti Group.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in information security, particularly within SaaS or fintech environments. Emphasise your expertise in cloud-native security and any relevant tools you've used, such as AWS, Terraform, or GitHub Actions.
Craft a Compelling Cover Letter: In your cover letter, express your passion for building a security culture and your strategic vision for the role. Mention specific achievements related to ISO 27001 or SOC 2 compliance that demonstrate your capability to lead the security function.
Showcase Relevant Projects: If applicable, include examples of projects where you successfully implemented security measures or led incident response processes. This will help illustrate your hands-on experience and problem-solving skills in real-world scenarios.
Highlight Communication Skills: Given the importance of communication in this role, ensure you convey your ability to engage with various stakeholders. Provide examples of how you've effectively communicated complex security concepts to non-technical teams or clients.
How to prepare for a job interview at Areti Group | B Corp
✨Showcase Your Leadership Skills
As a Head of Information Security, you'll need to demonstrate your ability to lead and shape security strategies. Prepare examples from your past experiences where you've successfully led teams or initiatives, particularly in a SaaS or fintech environment.
✨Understand the Technical Landscape
Familiarise yourself with the specific tools and technologies mentioned in the job description, such as AWS, Terraform, and GitHub Actions. Be ready to discuss how you've used these tools in previous roles to enhance security measures.
✨Prepare for Compliance Discussions
Since compliance is a key responsibility, brush up on ISO 27001, SOC 2, and Cyber Essentials Plus. Be prepared to discuss your experience with these frameworks and how you’ve successfully managed compliance in past roles.
✨Communicate Effectively
Strong communication skills are essential for this role. Practice articulating complex security concepts in a clear and concise manner, especially how security can be integrated into product value rather than just compliance.