Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Strengthen information security governance and collaborate across teams to ensure secure operations.
- Company: Join Form3, a leader in innovative payment technology.
- Benefits: Competitive salary, flexible work options, and a supportive team culture.
- Why this job: Make a real impact on security practices in a fast-paced, cloud-native environment.
- Qualifications: 5+ years in Information Security with strong knowledge of security frameworks.
- Other info: Opportunity for significant career growth in a collaborative and inclusive team.
The predicted salary is between 36000 - 60000 £ per year.
As an Information Security Officer at Form3, you’ll play a pivotal role in strengthening and evolving our information security governance, risk, and compliance practices. Working within the Information Security team, you’ll help ensure that Form3 continues to operate securely and maintain the trust of our customers and partners.
You’ll work closely with teams across the organisation, from Engineering and Product to Legal and Risk teams, to embed security into business and technology decisions. This is a hands-on role that combines strategic oversight with practical execution, ensuring our controls, frameworks, and awareness initiatives remain industry leading as we scale globally.
What you’ll do
- Apply expert knowledge of security frameworks and controls such as NIST, ISO22301, ISO27001, ISO27017/18, ISAE3000/SOC2, and GDPR to support security governance.
- Support the development, maintenance, and continual improvement of the ISMS and BCMS.
- Assist in drafting and maintaining Information Security Policies and ensure alignment with business and customer requirements.
- Contribute to the planning and execution of external audits, engaging directly with auditors and customers.
- Monitor and report on adherence to security controls across all areas of the business via risk assessments and internal audits.
- Assess and support the remediation of information security risks, non-conformities, and issues across systems and services.
- Support vulnerability management processes, from triage and tracking to remediation reporting, in partnership with Offensive Security and Engineering teams.
- Conduct vendor and third-party security assessments, ensuring suppliers meet Form3’s security and compliance requirements.
- Partner with the Defensive Engineering team to ensure security requirements are built into product developments.
- Deliver and enhance security awareness and training initiatives to promote a strong security culture across Form3.
- Collaborate with the Security Operations team to maintain situational awareness of emerging threats and vulnerabilities, ensuring timely escalation and risk-based response.
WE’RE LOOKING FOR
Form3’s Information Security Governance, Risk and Compliance (GRC) team plays a critical role in protecting the organisation, so we’re looking for someone who is analytical, collaborative, and passionate about driving security excellence. You’ll thrive on solving complex problems, balancing deep technical knowledge with strong governance principles, and finding ways to make security scalable across a fast-moving, cloud-native business.
Essential
- 5+ years’ experience in Information Security, ideally within a fast-paced technology or financial services industry.
- Strong working knowledge of frameworks such as ISO27001, ISO22301, SOC 1, SOC 2, NIST, and GDPR.
- Proven experience developing, implementing, and improving information security policies, standards, and controls aligned to recognised frameworks.
- Hands-on experience conducting audits, risk assessments, and business impact analyses.
- Hands-on experience with vulnerability management within a complex and dynamic cloud environment.
- Broad understanding of cloud security.
- Excellent communication and stakeholder engagement skills, with the confidence to influence at all levels of the organisation.
- Analytical mindset with a focus on continual improvement and measurable outcomes.
Desirable
- Security-related qualifications such as CISSP, CISM, CISA, or ISO27001 Lead Implementer/Auditor.
- Experience leading certification and attestation programmes such as ISO27001, ISO22301 or SOC 2.
- Experience operating in regulated or high-availability environments such as financial services, payments, or critical infrastructure.
- Familiarity with GRC tooling and automation to streamline compliance, risk, and control management activities.
THE TEAM
This role sits within Form3’s Information Security Governance, Risk and Compliance (GRC) team and reports directly to the Head of GRC. As part of a highly collaborative security function, you’ll play a key role in shaping how Form3 manages information security risk, compliance, and assurance across all areas of the business.
The GRC team underpins Form3’s security standards, designing and maintaining the frameworks, policies, and controls that keep our people, systems, and customers safe. Joining at this stage offers the opportunity to make a significant impact, strengthening governance and compliance across a cloud-native environment while helping define how security scales with the business.
Note: This role requires attendance at our London office ~1–2 days per month and therefore must be within a commutable distance to London.
INTERVIEW PROCESS
- Stage 1: Screening Call with Talent Team
- Stage 2: Interview with Principal Security Officer
- Stage 3: Interview with Head of GRC
We always aim to stick to the above process, however there may be occasions when an additional interview stage is needed for us to be sure we’re hiring the right person!
HIRING LOCATIONS
We are able to accept applications from the UK only. All new joiners start their first day in our office to collect the equipment needed to work remotely. We’ll also arrange for some of your team to come in to say hi, ensuring you’re supported and have a positive first few days with Form3!
ABOUT FORM3
Revolutionising the world of payments with our cutting-edge technology and innovative solutions.
OUR DEI&B COMMITMENT
We hire talented people from a variety of backgrounds and experiences and are committed to a work environment based on diversity, open-mindedness and curiosity. We’re united by our company values and we celebrate our unique differences.
Our employee lifecycle processes are designed to embrace equal opportunity and prevent discrimination against our people regardless of personal characteristics. It is our strong belief that the more inclusive and belonging we are as a business, the better our work will be.
As an inclusive employer, we guarantee to interview all neurodiverse and physically disabled applicants who meet the minimum criteria for this role. We also encourage candidates to notify us of any reasonable adjustments that may be required during the recruitment process.
Information Security Officer in London employer: Form3
Contact Detail:
Form3 Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Officer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for those interviews! Research Form3, understand their security frameworks, and be ready to discuss how your experience aligns with their needs. Practise common interview questions and think about how you can showcase your analytical mindset.
✨Tip Number 3
Show off your skills! If you’ve got hands-on experience with audits or vulnerability management, be sure to highlight that during interviews. Use specific examples to demonstrate how you've tackled complex problems in the past.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining the Form3 team.
We think you need these skills to ace Information Security Officer in London
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Information Security Officer role. Highlight your experience with security frameworks like ISO27001 and NIST, and show how your skills align with what we’re looking for at Form3.
Showcase Your Experience: Don’t just list your past jobs; explain how your hands-on experience in audits, risk assessments, and vulnerability management makes you a great fit. We want to see how you've tackled challenges in previous roles!
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language and avoid jargon where possible. We appreciate a well-structured application that gets straight to the point without fluff.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands and shows us you’re genuinely interested in joining our team at Form3!
How to prepare for a job interview at Form3
✨Know Your Frameworks
Make sure you brush up on your knowledge of security frameworks like ISO27001, NIST, and GDPR. Be ready to discuss how you've applied these in past roles, as this will show your expertise and understanding of the industry standards.
✨Showcase Your Hands-On Experience
Prepare to share specific examples of your hands-on experience with audits, risk assessments, and vulnerability management. Highlight any complex situations you've navigated and how you contributed to improving security practices.
✨Engage with Stakeholders
Since this role involves collaboration across various teams, think about how you've successfully engaged with stakeholders in the past. Be ready to discuss your communication style and how you influence decisions at different levels within an organisation.
✨Demonstrate Continuous Improvement Mindset
Form3 values analytical thinking and continual improvement. Prepare to talk about how you've implemented changes based on feedback or audit results, and how you measure the success of those improvements in your previous roles.
