Head of Security in London

ClearCourse is seeking an experienced Chief Information Security Officer (CISO) to lead and evolve our group‑wide security strategy across a diverse portfolio of 40+ software and payments businesses. Reporting to the Chief Technology & Transformation Officer, with a dotted line to the Board and Audit Committee, this is a pivotal executive leadership role responsible for security governance, operations, compliance, and risk management across a complex technology estate spanning payments, healthcare, and B2B SaaS. With ongoing M&A activity, active PCI-DSS obligations, and a rapidly evolving platform landscape, you’ll play a critical role in protecting our customers, supporting business growth, and embedding security across the organisation.

What you’ll do:

• Define and lead the Group’s security strategy, policies, and governance framework
• Provide Board-level reporting on security posture, risks, and compliance activities
• Oversee security operations, including threat detection, incident response, and remediation
• Act as the executive lead during security incidents and manage external stakeholder communications
• Own PCI-DSS compliance across ClearAccept and ClearDebit payment platforms
• Lead the Group’s Governance, Risk and Compliance (GRC) function, including ISO 27001, Cyber Essentials, PCI-DSS, and data protection obligations
• Manage relationships with auditors, regulators, cyber insurers, and certification bodies
• Lead security assessments and integration activities for acquisitions, driving alignment to Group standards
• Partner with Platform Engineering teams to embed security practices into development lifecycles without impacting delivery velocity
• Lead and develop the GRC function to support a proactive and risk‑aware security culture

Previous experience:

• Operating at CISO level within a multi-product or multi-entity organisation
• Hands‑on experience leading PCI‑DSS compliance programmes and QSA assessments
• Proven expertise building and managing enterprise‑wide GRC frameworks and risk registers
• Experience assessing and integrating security functions following M&A activity
• Strong understanding of DevSecOps principles and embedding security into engineering practices
• Experience leading major security incidents, including external communications and stakeholder management
• Ability to influence at Board and executive leadership level
• Strong leadership skills with experience building and developing high‑performing security teams

Competitive salary + benefits, 25 days holiday + your birthday off, Private medical insurance (Bupa) & health cash plan, Life assurance & income protection, Enhanced parental leave & family wellbeing support, Perkbox discounts & perks, Generous pension contributions, Hybrid working model.

This is a rare opportunity to shape and lead the security strategy of a fast‑growing international software and payments group. You’ll work at executive level, influence critical business decisions, and play a key role in safeguarding the future growth of the organisation. If you’re passionate about security leadership and thrive in complex, evolving environments, we’d love to hear from you.