At a Glance
- Tasks: Lead the security strategy for a fast-growing SaaS startup.
- Company: Join a dynamic tech company revolutionising learning and upskilling.
- Benefits: Enjoy a competitive salary, bonus, and the chance to shape security from scratch.
- Why this job: Be a key player in a mission-driven company that empowers individuals to learn.
- Qualifications: 3-5 years in information security, preferably in a SaaS or startup environment.
- Other info: This is a unique chance to build the security function from the ground up.
The predicted salary is between £60,000 and £75,000 per year.
A dynamic and rapidly expanding technology company focused on revolutionizing learning and upskilling is seeking its first dedicated Information Security Lead. This is a crucial role for a fast-growing SaaS platform that empowers individuals to learn what they need, when they need it, and is already trusted by major organizations.
This is an exciting opportunity for an experienced Information Security professional to be the subject matter expert and build the security function from the ground up. You will take ownership of identifying, assessing, and mitigating information security risks across the business, as well as establishing and maintaining robust security processes and controls to support commercial, engineering, and product teams.
The ideal Information Security Lead will be responsible for:
- Owning and leading the information security function, working collaboratively across all departments.
- Maintaining and evolving ISO 27001 certification and managing the Information Security Management System (ISMS) lifecycle.
- Performing regular risk assessments, developing and managing remediation plans, and conducting internal security audits.
- Ensuring compliance with data protection laws (e.g., GDPR) and addressing customer security requirements throughout the sales process.
- Developing, implementing, and managing information security policies, standards, and procedures.
- Delivering internal security awareness training and onboarding programs.
- Collaborating with engineering and DevOps teams to implement security controls across cloud infrastructure (ideally AWS), including access control, encryption, and logging.
- Leading the incident response process and managing third-party penetration testing and vulnerability management activities.
The ideal Information Security Lead will have experience with the following:
- 3-5 years of hands-on experience in an information security or IT risk/compliance role.
- Proven experience working within a SaaS company or a fast-paced startup/scale-up environment.
- Strong working knowledge of ISO 27001 and practical experience maintaining or achieving certification.
- A solid understanding of cloud environments (AWS preferred) and common security risks associated with SaaS platforms.
- Hands-on knowledge of security tooling, including endpoint protection, SIEMs, DLP, identity and access management (IAM), and SSO.
- A clear understanding of data privacy laws, particularly GDPR.
This is a unique opportunity to be the foundational Information Security leader within a well-funded and rapidly growing learning technology company with a clear mission to disrupt the way people learn. If you are a proactive and knowledgeable security professional ready to build and lead the security posture of an innovative SaaS platform, we encourage you to apply!
Security Lead employer: Burns Sheehan
Contact Detail:
Burns Sheehan Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Security Lead role
✨Tip Number 1
Network with professionals in the information security field, especially those who have experience in SaaS environments. Attend industry events or webinars to connect with potential colleagues and learn about the latest trends and challenges in security.
✨Tip Number 2
Familiarise yourself with ISO 27001 standards and best practices. Consider obtaining relevant certifications if you haven't already, as this will demonstrate your commitment and expertise in maintaining security frameworks.
✨Tip Number 3
Showcase your hands-on experience with cloud environments, particularly AWS. Be prepared to discuss specific projects where you've implemented security controls, as this will highlight your practical knowledge and ability to adapt to a fast-paced startup culture.
✨Tip Number 4
Prepare to discuss your approach to risk assessments and incident response strategies. Having concrete examples of how you've managed security risks and responded to incidents will set you apart as a proactive candidate ready to lead the security function.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in information security, particularly in SaaS environments. Emphasise your hands-on experience with ISO 27001 and any specific security tools you've worked with.
Craft a Compelling Cover Letter: In your cover letter, express your passion for information security and how your background aligns with the company's mission. Mention specific achievements that demonstrate your ability to build security functions from the ground up.
Showcase Relevant Skills: Clearly outline your skills related to risk assessment, compliance with data protection laws, and experience with cloud environments like AWS. Use examples to illustrate your expertise in these areas.
Highlight Leadership Experience: Since this role involves leading the information security function, be sure to highlight any previous leadership roles or experiences where you successfully managed teams or projects in security.
How to prepare for a job interview at Burns Sheehan
✨Showcase Your Security Strategy Skills
Be prepared to discuss your approach to creating a security strategy from scratch. Highlight any previous experiences where you successfully built security functions, and be ready to explain how you would tailor your strategy to fit the unique needs of a SaaS startup.
✨Demonstrate Knowledge of ISO 27001
Since maintaining ISO 27001 certification is crucial for this role, brush up on your knowledge of the standard. Be ready to discuss how you've previously managed ISMS lifecycles and what steps you would take to ensure compliance in a fast-paced environment.
✨Understand Cloud Security Risks
Given the emphasis on cloud environments, particularly AWS, make sure you can articulate common security risks associated with SaaS platforms. Prepare examples of how you've implemented security controls in cloud infrastructure and how you would address potential vulnerabilities.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about past incidents you've managed, how you responded, and what you learned from those experiences. This will demonstrate your hands-on knowledge and readiness for the role.