Information Security Lead

Information Security Lead - create the security strategy for a SaaS startup - £60,000 - £75,000 + 10% Bonus

A dynamic and rapidly expanding technology company focused on revolutionizing learning and upskilling is seeking its first dedicated Information Security Lead. This is a crucial role for a fast-growing SaaS platform that empowers individuals to learn what they need, when they need it, and is already trusted by major organizations.

This is an exciting opportunity for an experienced Information Security professional to be the subject matter expert and build the security function from the ground up. You will take ownership of identifying, assessing, and mitigating information security risks across the business, as well as establishing and maintaining robust security processes and controls to support commercial, engineering, and product teams.

The ideal Information Security Lead will be responsible for:

• Owning and leading the information security function, working collaboratively across all departments.
• Maintaining and evolving ISO 27001 certification and managing the Information Security Management System (ISMS) lifecycle.
• Performing regular risk assessments, developing and managing remediation plans, and conducting internal security audits.
• Ensuring compliance with data protection laws (e.g., GDPR) and addressing customer security requirements throughout the sales process.
• Developing, implementing, and managing information security policies, standards, and procedures.
• Delivering internal security awareness training and onboarding programs.
• Collaborating with engineering and DevOps teams to implement security controls across cloud infrastructure (ideally AWS), including access control, encryption, and logging.
• Leading the incident response process and managing third-party penetration testing and vulnerability management activities.

The ideal Information Security Lead will have experience with the following:

• 3-5 years of hands-on experience in an information security or IT risk/compliance role.
• Proven experience working within a SaaS company or a fast-paced startup/scale-up environment.
• Strong working knowledge of ISO 27001 and practical experience maintaining or achieving certification.
• A solid understanding of cloud environments (AWS preferred) and common security risks associated with SaaS platforms.
• Hands-on knowledge of security tooling, including endpoint protection, SIEMs, DLP, identity and access management (IAM), and SSO.
• A clear understanding of data privacy laws, particularly GDPR.
• Familiarity with a range of security tools for endpoint protection, SSO/IAM, monitoring/logging, and vulnerability scanning.
• Demonstrable experience with risk assessments, incident response planning, and the creation of security policies.
• Excellent communication skills with the ability to articulate security concepts to both technical and non-technical audiences.

This is a unique opportunity to be the foundational Information Security leader within a well-funded and rapidly growing learning technology company with a clear mission to disrupt the way people learn. If you are a proactive and knowledgeable security professional ready to build and lead the security posture of an innovative SaaS platform, we encourage you to apply!

Information Security Lead - £60,000 - £75,000 + 10% Bonus

Burns Sheehan Ltd will consider applications based only on skills and ability and will not discriminate on any grounds.