Chief Information Security Officer

Are you ready to transform the insurance industry? Policy Expert is a forward‑thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience. Having achieved rapid growth since being founded in 2011, we’ve won over 1.5 million customers in Home, Motor and Pet insurance and have been ranked the UK’s No.1‑rated home insurer by Review Centre since 2013.

Responsibilities

• Set and drive the day‑to‑day execution of a scalable, business‑embedded cyber security strategy aligned to commercial goals.
• Oversee and continuously improve third‑party risk management, including vendor assessments, monitoring, and remediation actions.
• Lead initiatives to strengthen data protection and application security across all products and platforms.
• Ensure robust physical and network security controls are in place, monitored, and evolving with business needs.
• Maintain and test operational resilience, including incident response readiness, crisis simulations, and recovery planning.
• Manage and optimise security across a multi‑cloud environment, ensuring consistent posture and governance.
• Guide the organisation’s progression toward a more mature, NIST‑aligned security framework.
• Translate security priorities into clear, actionable plans for technical and non‑technical stakeholders.
• Engage regularly with executive leadership and the board, providing updates, risk insights, and strategic direction.
• Act as the central point of accountability for cyber risk, balancing security needs with business growth and delivery.
• Support business‑critical events such as audits, due diligence, and exit readiness activities.
• Build, lead, and develop a high‑performing security function capable of scaling with the organisation.

About You

• Bring experience from fast‑paced environments such as insurtech, fintech, or PE‑backed SaaS/digital platforms.
• Demonstrate strong expertise in cloud‑native and product security, with hands‑on understanding of modern architectures.
• Make pragmatic, commercially aware decisions, balancing security risk with business growth objectives.
• Operate effectively in lean, high‑growth settings, prioritising impact and scalability over perfection.
• Manage and secure complex third‑party ecosystems, including vendors, partners, and API integrations.
• Bridge the gap between traditional IT security and modern product engineering, working comfortably across both domains.
• Understand the demands of private equity environments, including transaction readiness and due diligence processes.
• Bring exposure to investment‑backed growth journeys (PE or VC), with an appreciation for pace, scrutiny, and value creation.

Location & Salary

This role will be based in our London office in a 50/50 Hybrid mode. We match your pension contributions up to 7%. Learning budget of £1,000 a year + Study leave (with encouragement to use it). Enhanced maternity & paternity. Travel season ticket loan. Access to a wide selection of London O2 events and use of a private lounge.

Equal Opportunity

We pride ourselves on being an equal opportunity employer. We treat all applications equally and recruit based solely on an individual’s skills, knowledge, and experience. The quality and growing diversity of our team is a testament to this commitment. At Policy Expert, we are committed to fostering an inclusive and supportive environment for all candidates. If you require any reasonable adjustments during the interview process to accommodate your needs, please do not hesitate to let us know. We are dedicated to ensuring every candidate has an equal opportunity to succeed and will work with you to provide the necessary support.