Head of Security (CISO) in London

Location: Hybrid Permanent

ClearCourse is seeking an experienced Head of Security (CISO) to lead and evolve our group-wide security strategy across a diverse portfolio of 40+ software and payments businesses. Reporting to the Chief Technology & Transformation Officer, with a dotted line to the Board and Audit Committee, this is a pivotal executive leadership role responsible for security governance, operations, compliance, and risk management across a complex technology estate spanning payments, healthcare, and B2B SaaS. With ongoing M&A activity, active PCI-DSS obligations, and a rapidly evolving platform landscape, you'll play a critical role in protecting our customers, supporting business growth, and embedding security across the organisation.

What you'll do:

• Define and lead the Group's security strategy, policies, and governance framework
• Provide Board-level reporting on security posture, risks, and compliance activities
• Oversee security operations, including threat detection, incident response, and remediation
• Act as the executive lead during security incidents and manage external stakeholder communications
• Own PCI-DSS compliance across ClearAccept and ClearDebit payment platforms
• Lead the Group's Governance, Risk and Compliance (GRC) function, including ISO 27001, Cyber Essentials, PCI-DSS, and data protection obligations
• Manage relationships with auditors, regulators, cyber insurers, and certification bodies
• Lead security assessments and integration activities for acquisitions, driving alignment to Group standards
• Partner with Platform Engineering teams to embed security practices into development lifecycles without impacting delivery velocity
• Lead and develop the GRC function to support a proactive and risk-aware security culture

Requirements:

• Previous experience operating at CISO level within a multi-product or multi-entity organisation
• Hands-on experience leading PCI-DSS compliance programmes and QSA assessments
• Proven expertise building and managing enterprise-wide GRC frameworks and risk registers
• Experience assessing and integrating security functions following M&A activity
• Strong understanding of DevSecOps principles and embedding security into engineering practices
• Experience leading major security incidents, including external communications and stakeholder management
• Ability to influence at Board and executive leadership level
• Strong leadership skills with experience building and developing high-performing security teams

Benefits:

• Competitive salary + benefits
• 25 days holiday + your birthday off
• Private medical insurance (Bupa) & health cash plan
• Life assurance & income protection
• Enhanced parental leave & family wellbeing support
• Perkbox discounts & perks
• Generous pension contributions
• Hybrid working model

This is a rare opportunity to shape and lead the security strategy of a fast-growing international software and payments group. You'll work at executive level, influence critical business decisions, and play a key role in safeguarding the future growth of the organisation. If you're passionate about security leadership and thrive in complex, evolving environments, we'd love to hear from you.