Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security design and operations for a top health app, ensuring compliance and safety.
- Company: Join Flo, the world's #1 health & fitness app with a mission for female health.
- Benefits: Competitive salary, performance incentives, generous leave, and professional growth opportunities.
- Other info: Dynamic, mission-driven team focused on collaboration and continuous improvement.
- Why this job: Make a real impact on millions of users' health while leading innovative security initiatives.
- Qualifications: 7+ years in security/compliance, with strong leadership and technical skills.
The predicted salary is between 60000 - 84000 £ per year.
500M+ downloads. 80M+ monthly users. A decade of building – and we’re still accelerating. Flo is the world’s #1 health & fitness app worldwide on a mission to build a better future for female health. Backed by a $200M investment led by General Atlantic, we became the first product of our kind to reach a $1B valuation in 2024 – and we’re not slowing down. With 7M paid subscribers and the highest-rated experience in the App Store’s health category, we’ve spent 10 years earning trust at scale. Now, we’re building the next generation of digital health – AI-powered, privacy-first, clinically backed – to help our users know their body better.
As a key member of Flo’s Security Architecture team, you will lead the design and operation of our US Healthcare security controls. You will own the roadmap for HIPAA compliance and SOC2 Type II certification, partnering with Engineering and Legal to build a secure, compliant platform for millions of users.
Key Responsibilities- Compliance Leadership: Lead annual SOC 2 and HIPAA certifications, managing interfaces with external auditors and professional services.
- Policy & Risk: Define and maintain security policies; embed risk assessment activities within engineering processes and vendor management.
- Operational Excellence: Partner with control owners to automate evidence gathering and ensure controls reduce friction rather than creating it.
- Stakeholder Management: Serve as the primary Security POC for US regulators and partners; support the wider Security team with ISO 27001/27701 alignment.
- Tooling: Manage and integrate GRC platforms to streamline compliance monitoring and reporting.
- Experience: 7+ years in security/compliance (3+ in leadership), with a Bachelor’s degree in a related field.
- Core Skills: Deep expertise in SOC 2 and HIPAA frameworks within a Cloud-based SaaS environment.
- Technical Knowledge: Familiarity with PHI handling, GRC platforms, and compliance automation.
- Soft Skills: Strong ability to translate complex compliance requirements into clear actions for engineering teams.
- Preferred: CISA/CISSP certifications; experience with NIST, HiTrust, Docker/Kubernetes, and DevSecOps.
We’re a mission-led, product-driven team. We move fast, stay focused and take ownership – from brief to build to impact. Debate is encouraged. Decisions are shared. We care about craft, ship with purpose, and always raise the bar. You’ll be working with people who take their work seriously, not themselves. It takes commitment, resilience, and the drive to keep going when things get tough. Because better health outcomes are worth it.
What you’ll get- Competitive salary and annual reviews
- Opportunity to participate in Flo’s performance incentive scheme
- Paid holiday, sick leave, and female health leave
- Enhanced parental leave and pay for maternity, paternity, same-sex and adoptive parents
- Accelerated professional growth through world-changing work and learning support
- In-person collaboration and work in a hybrid model, with 3 days per week spent in the office
- 5-week fully paid sabbatical at 5-year Floversary
- Flo Premium for friends & family, plus more health, pension and wellbeing perks
Our strength is in our differences. At Flo, hiring is based on merit, skill and what you bring to the role – nothing else. We’re proud to be an equal opportunity employer, and we welcome applicants from all backgrounds, communities and identities.
Lead Security Specialist in London employer: Flo Health
Contact Detail:
Flo Health Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Lead Security Specialist in London
✨Tip Number 1
Network like a pro! Reach out to people in the industry, attend events, and connect with current Flo employees on LinkedIn. A personal introduction can make all the difference when it comes to landing that interview.
✨Tip Number 2
Prepare for the interview by researching Flo's mission and values. Understand their approach to security and compliance, and think about how your experience aligns with their goals. Show them you’re not just another candidate, but someone who truly gets what they’re about.
✨Tip Number 3
Practice your responses to common interview questions, especially those related to SOC 2 and HIPAA frameworks. Use real-life examples from your past experiences to demonstrate your expertise and problem-solving skills.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in being part of the Flo team.
We think you need these skills to ace Lead Security Specialist in London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Lead Security Specialist role. Highlight your experience with SOC 2 and HIPAA frameworks, and don’t forget to showcase any leadership roles you've had in security compliance.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about female health and how your skills align with our mission at Flo. Keep it engaging and personal!
Showcase Your Technical Skills: We want to see your technical know-how! Be sure to mention your familiarity with GRC platforms, PHI handling, and any relevant certifications like CISA or CISSP. This will help us understand your fit for the role.
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity. We can’t wait to hear from you!
How to prepare for a job interview at Flo Health
✨Know Your Compliance Stuff
Make sure you brush up on SOC 2 and HIPAA frameworks, especially in a Cloud-based SaaS environment. Be ready to discuss how you've led compliance initiatives in the past and how you can apply that experience to Flo's mission.
✨Showcase Your Leadership Skills
As a Lead Security Specialist, you'll need to demonstrate your ability to lead teams and manage projects. Prepare examples of how you've successfully led compliance certifications and worked with cross-functional teams to achieve security goals.
✨Be Ready for Technical Questions
Expect questions about PHI handling, GRC platforms, and compliance automation. Brush up on your technical knowledge and be prepared to explain complex compliance requirements in simple terms, as this will show your ability to communicate effectively with engineering teams.
✨Emphasise Your Soft Skills
Flo values a collaborative and mission-driven approach. Highlight your soft skills, such as resilience, commitment, and the ability to work under pressure. Share stories that illustrate how you've navigated challenges while keeping the team focused on their goals.