Information Security Lead

London · Full-Time · 60000 - 80000 £ / year (est.) · No home office possible

At a Glance

  • Tasks: Lead security and compliance for a health tech startup, ensuring safety and privacy.
  • Company: Join a dynamic health tech startup revolutionising mental health support with innovative technology.
  • Benefits: Enjoy private medical insurance, gym membership support, and 25 days annual leave plus extra breather days.
  • Why this job: Be part of a mission-driven team making a real impact in mental health care.
  • Qualifications: 5+ years in information security, with expertise in ISO 27001 and cloud security.
  • Other info: Hybrid work model in London, perfect for balancing life and career.

The predicted salary is between 60000 - 80000 £ per year.

I’m hiring for a standout InfoSec Lead to join one of the UK’s most ambitious health tech startups. This is a company on a mission, combining clinical expertise with smart tech to shake up how people access mental health support. They need someone sharp, hands-on, and forward-thinking to take charge of security, privacy, and compliance as they scale.

What You’ll Do

  • Define and implement security and compliance policies and controls across infrastructure, applications, and internal systems.
  • Lead the development and execution of the roadmap toward ISO 27001 certification and other key compliance frameworks.
  • Collaborate with external stakeholders and customers to support security-related queries and onboarding.
  • Drive internal audits and prepare documentation for external assessments.
  • Work with engineering leadership to integrate security best practices into the SDLC, CI/CD, and cloud infrastructure.
  • Guide secure architectural decisions and deployment processes.
  • Maintain and evolve security training, policy documentation, and incident response plans.
  • Monitor the regulatory landscape to ensure compliance with UK health data and AI-in-health tech regulations.

Your Experience

  • 5+ years of experience in information security and compliance, ideally in regulated environments such as health tech.
  • Deep knowledge of ISO 27001, UK GDPR, and industry best practices.
  • Proven experience preparing for and leading ISO or similar audits.
  • Solid understanding of AWS / Azure / GCP cloud security and web application security principles.
  • Strong communication and documentation skills.
  • Experience with tools like SIEM, CSPM, vulnerability scanners, and monitoring platforms.

Nice to Have

  • Experience working in or with UK healthcare organisations (e.g., NHS or private providers).
  • CISSP, CISM, or ISO 27001 Lead Implementer.
  • Exposure to agile environments or health tech startups.

Perks & Benefits

  • Private medical insurance
  • Gym membership support
  • Workplace pension
  • 25 days annual leave + 3 "breather" days
  • Flexible work culture

Information Security Lead employer: Formula Recruitment

Join a pioneering health tech startup in London, where your expertise as an Information Security Lead will directly contribute to transforming mental health support. With a strong emphasis on employee well-being, the company offers private medical insurance, gym membership support, and a flexible work culture that fosters growth and innovation. You'll thrive in an environment that values collaboration and provides ample opportunities for professional development while working towards meaningful compliance goals in a rapidly evolving sector.

Contact Detail:

Formula Recruitment Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security Lead

✨Tip Number 1

Familiarise yourself with the specific compliance frameworks mentioned in the job description, especially ISO 27001 and UK GDPR. Being able to discuss these frameworks confidently during your interview will demonstrate your expertise and readiness for the role.

✨Tip Number 2

Showcase your hands-on experience with cloud security, particularly with AWS, Azure, or GCP. Prepare examples of how you've integrated security best practices into development processes, as this is a key responsibility of the role.

✨Tip Number 3

Highlight any previous experience you have working with healthcare organisations or in regulated environments. This will set you apart from other candidates and show that you understand the unique challenges of the health tech sector.

✨Tip Number 4

Prepare to discuss your approach to security training and incident response plans. The ability to articulate how you would maintain and evolve these aspects will be crucial in demonstrating your leadership capabilities in the role.

We think you need these skills to ace Information Security Lead

  • Information Security Management
  • ISO 27001 Implementation
  • UK GDPR Compliance
  • Cloud Security (AWS, Azure, GCP)
  • Web Application Security Principles
  • Security Policy Development
  • Risk Assessment and Management
  • Incident Response Planning
  • Security Auditing
  • Stakeholder Engagement
  • Technical Documentation Skills
  • Vulnerability Management
  • Security Information and Event Management (SIEM)
  • Continuous Integration/Continuous Deployment (CI/CD) Security
  • Agile Methodologies

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in information security and compliance, particularly in health tech or regulated environments. Emphasise your knowledge of ISO 27001 and UK GDPR, as well as any specific tools you've used.

Craft a Compelling Cover Letter: In your cover letter, express your passion for health tech and how your skills align with the company's mission. Mention specific experiences that demonstrate your ability to lead security initiatives and collaborate with stakeholders.

Showcase Your Technical Skills: Be explicit about your technical expertise in cloud security (AWS, Azure, GCP) and web application security principles. Include examples of how you've integrated security best practices into development processes.

Highlight Communication Skills: Since strong communication is crucial for this role, provide examples of how you've effectively communicated security policies and collaborated with teams. This could include leading training sessions or preparing documentation for audits.

How to prepare for a job interview at Formula Recruitment

✨Showcase Your Compliance Knowledge

Make sure to highlight your understanding of ISO 27001 and UK GDPR during the interview. Be prepared to discuss how you've implemented these frameworks in previous roles, as this will demonstrate your hands-on experience and suitability for the position.

✨Demonstrate Technical Proficiency

Familiarise yourself with cloud security principles, especially if you have experience with AWS, Azure, or GCP. Be ready to explain how you've integrated security best practices into the software development lifecycle (SDLC) and continuous integration/continuous deployment (CI/CD) processes.

✨Prepare for Scenario-Based Questions

Expect questions that assess your problem-solving skills in real-world scenarios. Think about past experiences where you had to lead audits or respond to security incidents, and be ready to share specific examples that showcase your leadership and decision-making abilities.

✨Communicate Effectively

Strong communication skills are essential for this role. Practice articulating complex security concepts in a way that is easy to understand, as you'll need to collaborate with various stakeholders. Being able to convey your ideas clearly will set you apart from other candidates.
