Enable job alerts via email!
Information Security Lead
Formula Recruitment
London
On-site
GBP 70,000 - 90,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
A leading health tech startup in the UK is seeking an InfoSec Lead to oversee security, privacy, and compliance. This role involves defining security policies, leading audits, and ensuring compliance with health regulations. Ideal candidates will have over 5 years of experience in information security, particularly within regulated environments, and a strong understanding of ISO 27001 and cloud security principles.
Benefits
Qualifications
- 5+ years of experience in information security and compliance.
- Deep knowledge of ISO 27001 and UK GDPR.
Responsibilities
- Define and implement security and compliance policies.
- Lead the development toward ISO 27001 certification.
- Collaborate with stakeholders for security-related queries.
Skills
Tools
Job description
I’m hiring for a standout InfoSec Lead to join one of the UK’s most ambitious health tech startups. This is a company on a mission, combining clinical expertise with smart tech to shake up how people access mental health support.
They need someone sharp, hands-on, and forward-thinking to take charge of security, privacy, and compliance as they scale.
What You’ll Do
- Define and implement security and compliance policies and controls across infrastructure, applications, and internal systems.
- Lead the development and execution of the roadmap toward ISO 27001 certification and other key compliance frameworks.
- Collaborate with external stakeholders and customers to support security-related queries and onboarding.
- Drive internal audits and prepare documentation for external assessments.
- Work with engineering leadership to integrate security best practices into the SDLC, CI/CD, and cloud infrastructure.
- Guide secure architectural decisions and deployment processes.
- Maintain and evolve security training, policy documentation, and incident response plans.
- Monitor the regulatory landscape to ensure compliance with UK health data and AI-in-health tech regulations.
Your Experience
- 5+ years of experience in information security and compliance, ideally in regulated environments such as health tech.
- Deep knowledge of ISO 27001, UK GDPR, and industry best practices.
- Proven experience preparing for and leading ISO or similar audits.
- Solid understanding of AWS / Azure / GCP cloud security and web application security principles.
- Strong communication and documentation skills.
- Experience with tools like SIEM, CSPM, vulnerability scanners, and monitoring platforms.
Nice to Have
- Experience working in or with UK healthcare organisations (e.g., NHS or private providers).
- CISSP, CISM, or ISO 27001 Lead Implementer.
- Exposure to agile environments or health tech startups.
- Private medical insurance
- 25 days annual leave + 3 "breather" days
Please enter your email address to continue setting up an email alert for similar jobs to this one. By entering your email address and clicking apply you will sign up to Jobs4 and agree to our terms and conditions .
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Similar jobs
API / Web Application Security Specialist | Remote Contract
JR United Kingdom
London
Remote
GBP 60,000 - 80,000
job faster
