At a Glance
- Tasks: Lead and enhance our information security programme while collaborating with various teams.
- Company: Join a forward-thinking tech company focused on cloud-native security solutions.
- Benefits: Enjoy hybrid working, generous leave, and a £1,000 learning budget.
- Why this job: Make a real impact in cybersecurity while developing your skills in a supportive environment.
- Qualifications: Proven experience in cloud security and strong stakeholder management skills required.
- Other info: Dynamic role with excellent career growth and a focus on employee well-being.
The predicted salary is between £48,000 and £84,000 per year.
Overview
The Impact You Will Have:
- Lead the day-to-day operation and uplift of Elliptic’s information and cyber security programme.
- Drive SSDLC v2.0 adoption, improve cloud and SaaS security posture, and ensure external audit and customer due diligence readiness.
- Partner with Engineering, Platform, Legal, Procurement and Customer teams to reduce risk while enabling delivery and revenue, including Enterprise Tier security features.
What We Expect From You:
- Programme ownership and delivery
  - Own delivery of the InfoSec roadmap and metrics. Translate strategy into quarterly plans with measurable outcomes.
  - Establish gates, controls and reporting for SSDLC v2.0 across build and deploy pipelines.
  - Lead CSPM/SSPM baselining and targeted burn-down of misconfigurations and vulnerabilities.
- Risk, assurance and audit readiness
  - Maintain ISMS processes aligned to ISO 27001. Coordinate evidence for customer audits and external assurance (e.g., pen test, TPOs).
  - Chair or contribute to risk forums. Ensure timely remediation, risk acceptance and exception tracking.
- Cloud and SaaS security
  - Partner with Platform to harden AWS (IAM, KMS, network segmentation, Security Hub, GuardDuty, logging).
  - Uplift endpoint, identity and access, vulnerability management, and logging across the estate.
- People leadership and ways of working
  - Provide day-to-day guidance to TISO, Analysts and cross-functional contributors.
  - Embed a pragmatic, developer-friendly security culture through enablement, playbooks and training.
- Vendor and data governance
  - Oversee vendor security due diligence with clear SLAs and evidence trails.
  - Support data protection and BC/DR control owners.
You Must Have:
- Proven experience leading security delivery in a cloud-native product company.
- Strong understanding of AWS security architecture, modern CI/CD, and application security practices.
- Experience operationalising ISMS controls and preparing audit evidence for enterprise customers.
- Excellent stakeholder management and communication skills.
- Relevant certifications are a plus (e.g., CISSP, CCSP, AWS Security), but practical impact matters most.
Success Measures In The First 12 Months:
- SSDLC v2.0 gates defined and enforced across critical services. Coverage reported monthly.
- 40% reduction in outstanding high/critical vulnerabilities and misconfigurations.
- Green audit outcomes for priority customers with evidence pack library established.
- Baseline CSPM/SSPM metrics in place with trend improvement quarter-on-quarter.
- Vendor DD process with SLAs and scorecards operating and measured.
How We Work:
- Hybrid working and the option to work from almost anywhere for up to 90 days per year.
- £500 Remote working budget to set up your home office space.
- $1,000 Learning & Development budget to use on anything (agreed with your manager) that contributes to your growth and development.
- Holidays: 25 days of annual leave + bank holidays.
- An extra day for your birthday.
- Enhanced parental leave: we provide eligible employees, regardless of gender or whether they become a parent by birth or adoption, 16 weeks fully-paid leave.
Benefits:
- Private Health Insurance - we use Vitality!
- Full access to Spill Mental Health Support.
- Life Assurance: 4 times your salary to your beneficiaries.
- £100 cryptocurrency for you!
- Cycle to Work Scheme.
Information Security Team Lead employer: Elliptic
Contact Detail:
Elliptic Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security Team Lead role
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with potential colleagues on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their security challenges and think about how your experience aligns with their needs. This will help you stand out as a candidate who’s genuinely interested in the role.
✨Tip Number 3
Showcase your skills through practical examples. When discussing your experience, focus on specific projects where you led security initiatives or improved processes. This will demonstrate your hands-on expertise and problem-solving abilities.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in leading security delivery, especially in cloud-native environments. We want to see how your skills align with our needs!
Showcase Your Achievements: Don’t just list your responsibilities; share specific examples of how you’ve improved security postures or led successful projects. Numbers and metrics can really make your application stand out to us.
Be Clear and Concise: Keep your writing straightforward and to the point. We appreciate clarity, so avoid jargon unless it’s relevant to the role. Make it easy for us to see why you’re a great fit!
Apply Through Our Website: We encourage you to submit your application directly through our website. It’s the best way for us to receive your details and ensures you’re considered for the role without any hiccups!
How to prepare for a job interview at Elliptic
✨Know Your Stuff
Make sure you brush up on your knowledge of AWS security architecture and modern CI/CD practices. Be ready to discuss how you've led security delivery in a cloud-native environment, as this will show you understand the role's requirements.
✨Showcase Your Leadership Skills
Prepare examples of how you've guided teams in the past, especially in embedding a security culture. Highlight any experience you have with mentoring or training others, as this is crucial for the Information Security Team Lead position.
✨Be Audit-Ready
Familiarise yourself with ISMS processes aligned to ISO 27001. Be prepared to discuss how you've coordinated evidence for customer audits and external assurance in previous roles, as this will demonstrate your readiness for the responsibilities outlined.
✨Engage with Stakeholders
Think about times when you've successfully managed stakeholders across different teams. Prepare to share specific examples that illustrate your communication skills and ability to partner with various departments to reduce risk while enabling delivery.