Chief Information Security Officer in Manchester

As our Chief Information Security Officer, you will define and lead the information security strategy for Suits Me®, reporting directly to the Board of Directors. You will own the security vision, build and mature our security programme, and ensure the organisation meets its regulatory and compliance obligations while enabling continued growth across the UK, Europe, and beyond.

About Suits Me

Suits Me® is a multi-award-winning, ethical fintech dedicated to promoting financial inclusion and equal opportunity. We provide an innovative alternative to traditional banking that’s built to serve the needs of people who are underserved or excluded by mainstream financial institutions. We’re in a dynamic phase of growth, expanding across the UK and actively exploring opportunities for European and global reach.

What you’ll be doing:

• Define, implement, and continuously evolve the company’s information security strategy, aligning it with business objectives and regulatory requirements.
• Report regularly to the Board of Directors on the organisation’s security posture, emerging threats, and risk landscape.
• Establish and maintain security governance frameworks, policies, standards, and procedures across the organisation.
• Own the relationship with regulators, external auditors, and certification bodies, leading compliance efforts for PCI-DSS, FCA, Cyber Essentials Plus, and other applicable frameworks.
• Build, lead, and develop the security team, fostering a culture of security awareness and accountability across all departments.
• Oversee enterprise risk management including threat modelling, vulnerability management, and third-party risk assessments.
• Direct the incident response programme, including tabletop exercises, business continuity planning, and disaster recovery strategy.
• Manage the security budget, evaluate and procure security tooling, and negotiate contracts with security vendors and managed service providers.
• Champion security-by-design principles across product development and technology initiatives, partnering with engineering, product, and operations teams.
• Design and deliver a company-wide security awareness and training programme, ensuring all staff understand their role in protecting customer data and company assets.

What you’ll bring to Suits Me:

• Significant senior leadership experience in information security, ideally as a CISO, Head of Security, or equivalent within fintech or regulated financial services.
• Deep expertise in security governance, risk management, and compliance frameworks including PCI-DSS, FCA, Cyber Essentials, and ISO 27001.
• Proven track record of building and managing high-performing security teams and developing talent at all levels.
• Experience presenting security strategy, risk assessments, and incident reports to board-level and C-suite stakeholders.
• Strong understanding of cloud security architectures, identity and access management, and modern application security practices.
• Experience managing security budgets, vendor relationships, and third-party risk programmes.
• Relevant professional certifications such as CISSP, CISM, CISA, or equivalent.
• Excellent communication skills with the ability to translate complex technical risks into clear business language for non-technical audiences.
• A strategic mindset with the ability to balance security requirements against business agility in a fast-growing organisation.

Standout candidates will also:

• Experience scaling security programmes during periods of rapid organisational growth or international expansion.
• Background in payments, e-money, or banking security with an understanding of the specific threat landscape facing financial inclusion products.
• Hands-on experience leading incident response during live security events in a regulated environment.

30 days holiday per year plus Bank Holidays. Access to a comprehensive suite of insurances. Structured career path with support for continuous learning and development.