Head of Information Security

Company: Fintel
Location: Greater London
Job Description:

Fintel plc is the leading provider of financial services intelligence and technology, helping businesses navigate regulatory complexity and drive growth. Our mission is to simplify and enhance financial services, enabling better client outcomes. We have two core business divisions: Software and Data and Services.

Department: Technology
Location: Remote – UK

Role Overview

This is a pivotal, group-wide leadership role for a pragmatic and technically grounded security professional who wants genuine ownership, not just of policy documents but of outcomes. You will own the information security and data protection strategy for the entire Fintel Group, operating at both the strategic and the hands‑on technical level. Reporting directly to the CTO of Defaqto, you will act as the group’s effective CISO and Data Protection Officer (DPO), working across both Defaqto and SimplyBiz to align security policies, manage risk, respond to incidents, and continuously improve our security posture. You will be the person the board turns to for honest assessment, the person the engineering teams turn to for clear direction, and the person clients turn to when they need confidence in how we handle their data. We are a technology company and we want a technology person in this role, someone who understands why controls exist, not just that they should exist.

Group Security Strategy

  • Own and drive the group‑wide information security strategy, aligned to business risk, regulatory obligations, and client expectations
  • Maintain and continuously improve security policies and standards across both Defaqto and SimplyBiz divisions
  • Define and manage the security roadmap, prioritising initiatives based on risk, technical impact, and business value
  • Champion security‑by‑design thinking across engineering, product, and operations teams

Technical Security & Penetration Testing

  • Lead the technical security posture of the group — not just from a governance perspective but with genuine understanding of the underlying infrastructure, applications, and data flows
  • Commission, manage, and act on the results of penetration testing and vulnerability assessments across group systems
  • Work closely with IT and engineering teams to remediate findings and embed security improvements into the development lifecycle
  • Maintain awareness of the threat landscape and translate it into relevant, actionable guidance for the organisation

CISO & DPO Responsibilities

  • Act as the group’s effective Chief Information Security Officer (CISO) and Data Protection Officer (DPO)
  • Ensure ongoing compliance with GDPR, UK Data Protection Act, and relevant financial services security obligations
  • Liaise closely with the Legal department on data protection matters, contracts, and regulatory enquiries
  • Manage data subject rights requests, breach notifications, and regulatory correspondence as required

Client & Commercial Security

  • Lead responses to client security questionnaires and due diligence requests, representing the group’s security posture clearly and accurately
  • Support commercial and client relationship teams with security assurance materials and briefings
  • Build and maintain trust with enterprise clients through transparency, responsiveness, and credible security governance

Incident Response

  • Own the group’s incident response plan and ensure it is tested, maintained, and ready to activate
  • Lead or co‑ordinate the response to security incidents, acting as the central point of communication to leadership and relevant stakeholders
  • Conduct post‑incident reviews and drive learning back into policies and controls

Risk & Governance Reporting

  • Report regularly to the board Risk Committee on the current security posture, identified risks, and the programme of work to address them
  • Produce clear, executive‑level communications that give the board a genuine understanding of risk — not just a status update
  • Maintain a risk register for information security and data protection across the group

Essential Requirements

  • Demonstrable experience in an information security leadership role — either as a CISO, Head of Security, or senior security engineer who has operated at this level
  • Strong technical foundation: you understand how modern systems, cloud infrastructure, and web applications actually work, and why specific security controls are implemented
  • Experience commissioning and interpreting penetration test results and driving remediation programmes
  • Experience acting as or supporting a DPO function under GDPR / UK data protection law
  • Proven ability to respond to client security questionnaires and manage security due diligence processes
  • Comfortable owning the board relationship for security — able to communicate risk clearly to a non‑technical audience without dumbing it down
  • Experience with incident response — not just the theory, but having been in the room when something went wrong
  • Knowledge of common security frameworks and standards (e.g. NCSC Cyber Essentials, ISO 27001, NIST, SOC 2)

Highly Desirable

  • ISO 27001 Lead Implementer or Lead Auditor certification, or hands‑on experience leading an ISO 27001 certification programme
  • Experience in a regulated sector — financial services experience or working with FCA‑regulated businesses is a strong plus
  • Relevant certifications: CISSP, CISM, CEH, OSCP, or similar
  • Experience managing a security function within a technology product company rather than a traditional IT environment

How you work

  • Pragmatic over theoretical: you make risk‑based decisions rather than applying controls mechanically
  • Technically curious: you keep up with the threat landscape because you find it interesting, not just because you have to
  • Clear communicator: able to adjust your register from board‑level risk conversation to deep‑dive with an engineer
  • Autonomous: you are comfortable setting your own direction and do not need to be told what to look at next
  • AI‑literate: you actively use AI tools in your own work and have views on how they change both the security landscape and the way security practitioners should operate

What You’ll Join

Fintel Group is at an inflection point, growing its technology capability, modernising its data infrastructure, and investing seriously in engineering culture. Security is not an afterthought here: we already have Cyber Essentials Plus and active MDR capabilities through Rapid7. This role exists because we want to go further, faster, with someone who has genuine ownership and the authority to drive it. You will work alongside a CTO who thinks in systems, values technical depth, and will support you in building the programme properly. You will have the ear of the board and the trust of the IT and engineering teams. The role is new in its current form, so you will have the opportunity to shape it.

Location

We have offices from the north to the south of the UK, but our new London office near Farringdon would be the ideal hub for collaborating with the team. This role can be hybrid, based in the London office 3 days a week, or fully remote for the right candidate.

Right to Work

Applicants must already hold a legal right to work in the UK without time restrictions and without the need for future sponsorship. We are unable to provide Skilled Worker visa sponsorship.

Equal Opportunity

Fintel plc and all the businesses within it adopt a zero‑tolerance approach to discrimination on any of the protected grounds in the Equality Act 2010.

We are committed to providing equal opportunities to all current and prospective employees regardless of age, disability, sex, sexual orientation, pregnancy and maternity, race or ethnicity, religion or belief, gender identity, or marriage and civil partnership.

We aspire to have a diverse workforce because, in our view, diversity enables better business outcomes. We also believe that a more inclusive workplace, where people of different backgrounds work together, ensures better outcomes for all staff. From application to interview, we place inclusion at the heart of all we do.


Posted: April 21st, 2026