At a Glance
- Tasks: Lead our information security function and ensure compliance with data protection laws.
- Company: Join HowNow, a disruptive Learning Tech SaaS platform on a mission to enhance everyday learning.
- Benefits: Competitive salary, hybrid working, 25 days holiday, and a £500 learning budget.
- Why this job: Be the first InfoSec hire and make a real impact in a fast-growing company.
- Qualifications: 3-5 years in information security, SaaS experience, and knowledge of ISO 27001.
- Other info: Enjoy a fun, dog-friendly office with monthly socials and wind-down Fridays.
The predicted salary is between £60,000 and £75,000 per year.
Our mission is to make meaningful learning a part of your everyday. The shelf life of our skills is now less than 5 years. So, if you stopped learning today, your skills would soon become irrelevant. Enter HowNow. Founded in 2019, our Learning and Skills Platform is disrupting the way people learn and upskill through technology. Whether it’s finding a quick answer, learning new skills, or tapping into shared knowledge, we make it easy for people to learn what they need, when they need it.
As our first InfoSec hire, you will be our subject matter expert, guiding our fast-growing Learning Tech SaaS platform with your practical knowledge on everything security-related. You’ll be responsible for identifying, assessing, and mitigating risks for the business, as well as developing processes and controls to support our commercial, engineering, and product teams.
Day-to-day tasks will include:
- Security Ownership & Leadership: Own and lead HowNow’s information security function, working cross-functionally to align with business needs. Maintain and evolve our ISO 27001 certification and manage the ISMS lifecycle. Perform regular risk assessments, manage remediation plans, and conduct internal audits. Ensure compliance with data protection laws (e.g., GDPR) and customer security requirements. Create and manage information security policies, standards, and procedures. Deliver internal training, onboarding, and awareness programs to promote secure behaviours.
- Security Operations: Work with engineering and DevOps to implement security controls across infrastructure (e.g., access control, encryption, logging). Lead the incident response process and manage third-party pen testing and vulnerability management. Support security questionnaires, RFPs, and due diligence for customer deals. Review third-party vendors and tools for security posture and risks.
The key qualities we’re looking for in applicants:
- 3–5 years of hands-on experience in an information security or IT risk/compliance role.
- Experience working at a SaaS company or fast-paced startup/scale-up.
- Good working knowledge of ISO 27001 and experience maintaining or achieving certification.
- Understanding of cloud environments (AWS preferred) and common SaaS security risks.
- Hands-on knowledge of endpoint protection, SIEMs, DLP, IAM, and SSO.
- Clear understanding of data privacy laws (especially GDPR).
- Familiarity with security tools (e.g., endpoint protection, SSO/IAM, monitoring/logging, vulnerability scanning).
- Experience with risk assessments, incident response planning, and writing security policies.
- Strong communication skills, with the ability to explain security concepts to both technical and non-technical teams.
What you’ll get:
- Salary band for this role is £60,000-75,000 per annum, plus a 10% performance-based bonus.
- Hybrid working (2x a week in our London office, Tuesdays and Thursdays) and flexible working hours.
- Work From Anywhere, for up to two weeks per quarter.
- Wind-down Fridays: No meetings from 2 pm onwards on Fridays.
- Enhanced maternity and paternity policies.
- 25 days holiday, plus bank holidays and your birthday off.
- An annual £500 learning and development budget.
- Dog-friendly offices.
- Monthly socials, including mini-golf, Hijingo, shuffleboarding, 5-a-side football, and badminton.
- Access to the best learning platform (HowNow+) to keep you at the top of your game.
- Cycle to Work scheme.
- Financial wellbeing support via Mintago.
What’s next? Once you’ve applied, we’ll get back to you within 3 working days. You’ll be invited to a 30-minute video call with Lizzie, our Senior People Partner, followed by a 45-minute interview with Kuvera (COO & Co-Founder). You will deliver a short task detailing how you’d approach a risk assessment, mitigation plan, compliance, governance, and penetration testing.
Information Security Lead employer: HowNow
Contact Details:
HowNow Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security Lead role
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for those interviews! Research HowNow, understand their mission, and think about how your skills align with their needs. Practise common interview questions and be ready to showcase your expertise in information security.
✨Tip Number 3
Show off your passion for learning! Since HowNow is all about upskilling, share examples of how you've continued to learn and grow in your field. This will resonate well with the team and show you're a great fit for their culture.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in being part of the HowNow family. Don’t miss out on this opportunity!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Lead role. Highlight your relevant experience, especially in SaaS and ISO 27001, to show us you’re the perfect fit for our team.
Craft a Compelling Cover Letter: Your cover letter should tell us why you’re passionate about information security and how your skills align with our mission at HowNow. Be genuine and let your personality shine through!
Showcase Your Achievements: Don’t just list your responsibilities; showcase your achievements in previous roles. Use metrics where possible to demonstrate how you’ve made a difference in security practices or compliance.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates from our team!
How to prepare for a job interview at HowNow
✨Know Your Stuff
Make sure you brush up on your knowledge of ISO 27001 and the specific security risks associated with SaaS platforms. Be ready to discuss how you've applied this knowledge in previous roles, especially in risk assessments and compliance.
✨Show Your Leadership Skills
As the first InfoSec hire, you'll need to demonstrate your ability to lead and own the information security function. Prepare examples of how you've successfully led security initiatives or teams in the past, and be ready to share your vision for HowNow's security landscape.
✨Communicate Clearly
You'll be working with both technical and non-technical teams, so practise explaining complex security concepts in simple terms. Think about how you can convey the importance of security measures without getting too bogged down in jargon.
✨Prepare for Practical Tasks
Expect to deliver a short task during the interview that involves risk assessment and mitigation planning. Familiarise yourself with common scenarios and think through your approach beforehand, so you can present your ideas confidently and clearly.