Head of Information Security & Compliance in Westminster

As Beamery's Head of Information Security & Compliance, you will lead the security program for our AI-powered talent platform, ensuring protection of our infrastructure and customer data while maintaining compliance with information security and data protection regulations globally.

Reporting to the Head of Legal, you will partner closely with HR to ensure alignment between information security requirements and internal HR compliance needs.

• Maintain Beamery's ISO/IEC 42001 certification, ensuring responsible AI governance, transparency, and bias mitigation across TalentGPT and Workforce Intelligence Suite.
• Lead AI risk assessments and impact evaluations for systems processing candidate and employee data, ensuring compliance with EU AI Act and emerging US state AI regulations.
• Embed security‐by‐design principles in AI development, including model security, training data protection, and secure AI deployment.

• Design and maintain an enterprise security program aligned with ISO 27001 and SOC 2 Type II for multi‐tenant SaaS architecture.
• Lead security operations including vulnerability management, penetration testing, SIEM monitoring, incident response, and business continuity planning.
• Oversee cloud security for AWS, Google Cloud, and Azure environments, including IAM, network security, encryption, and API security.
• Manage vendor security assessments and third‐party risk management.
• Build security awareness culture through training and ongoing education programs.

• Ensure compliance with GDPR, CCPA/CPRA, UK DPA, and emerging global privacy regulations for platform operations.
• Oversee DPIAs for high‐risk processing activities, data breach procedures, and data subject rights fulfillment.
• Implement privacy controls including data minimization, purpose limitation, and lawful basis documentation.
• Manage DPAs with customers and Standard Contractual Clauses for international data transfers.

• Partner with HR to align information security controls with internal HR compliance requirements, addressing gaps between InfoSec and HR domains.
• Ensure platform compliance with AI hiring regulations (NYC Local Law 144, EU AI Act) including bias audits and transparency requirements for customer‐facing features.
• Collaborate with Product to build transparency and explainability into AI‐powered screening tools.

• Lead external audits including SOC 2 Type II, ISO 27001, ISO 42001, and customer security assessments.
• Maintain audit‐ready documentation and monitor evolving regulatory landscape.
• Serve as primary contact for regulatory inquiries and customer security questionnaires.
• Report security and compliance status to Board and executive leadership.

• Support Sales with security expertise to accelerate deal closure through RFP responses and security reviews.
• Partner with Engineering and Product to translate compliance requirements into scalable technical controls.
• Build security and compliance into M&A readiness planning.

• 10–15 years information security and compliance experience with 5+ years in leadership roles, preferably in B2B SaaS or HR technology.
• Deep expertise in ISO 27001, SOC 2, GDPR, and CCPA with proven track record achieving and maintaining certifications.
• Strong understanding of AI governance and emerging AI regulations (ISO 42001, EU AI Act) as applied to employment technology.
• Hands‐on experience with cloud security architecture and DevSecOps practices across AWS, Google Cloud, or Azure.
• Demonstrated success building security and compliance programs including policy development, control implementation, and team building.
• Experience managing external audits and supporting enterprise sales cycles with security/compliance expertise.
• Exceptional communication skills with ability to translate technical concepts for executives, board members, and customers.
• Strong business acumen to balance security requirements with business objectives in fast‐paced environments.

• CISSP required; CISM, CRISC, or CISA strongly preferred.
• CIPM or CIPP/E highly desirable.
• Bachelor's degree in Computer Science, Information Security, or related technical field; Master's degree preferred.

About Beamery: We are a leading transformational AI platform in the HR technology industry, enabling enterprise companies to create better and fairer talent decisions by accelerating recruiting processes, unlocking successful internal mobility opportunities, enabling smarter upskilling initiatives, and facilitating agile workforce planning. We are helping our clients hire and redeploy over a million people annually.

Future Direction: Deepening native integrations with SAP, Workday, Microsoft, and LinkedIn to embed our skills intelligence into the platforms where critical workforce decisions are made; embedding agentic AI to help customers plan smarter for the future—powering workforce strategies, internal mobility, and skills forecasting; advancing proprietary LLMs and knowledge graph technology to unlock broader talent pools, make fairer decisions, and expand access to opportunity at scale. We value a culture built on trust, empathy & honesty, ensuring our workforce can bring their full selves to work.