Global Head of Information Security £150,000 - £160,000
Global remit | B2B SaaS | FinTech
LT Harper is representing a growing SaaS business in the financial services technology market. The company works with major financial institutions globally, providing a platform that automates complex operational processes, improves data integrity, strengthens governance, and reduces risk.
They are looking for a Global Head of Information Security to lead security, GRC, and IT Operations across an international business.
This is a broad leadership role for someone who can set strategy, own delivery, and remain close enough to the detail to make pragmatic decisions. You will work with senior leadership, technical teams, client-facing stakeholders, and enterprise customers.
The role
You will take ownership of the company’s global security posture, including:
* Defining and delivering the information security strategy
* Leading security architecture, threat modelling, vulnerability management, and incident response
* Owning the GRC function, including ISO 27001, SOC 1, SOC 2, ISMS, risk management, audit readiness, and client assurance
* Building scalable security controls for a regulated, enterprise client base
* Managing third-party risk and vendor assurance
* Overseeing IT Operations, including tooling, infrastructure, support, and operational standards
* Supporting client assurance conversations with global financial services customers
* Advising the business on security, privacy, compliance, and risk
* Leading and developing a small team across InfoSec, GRC, and IT Ops
What they are looking for
The ideal candidate will have:
* 8+ years’ experience in information security
* 3+ years in a senior security leadership role
* Hands-on ownership of ISO 27001, SOC 1, and SOC 2 programmes
* Strong GRC experience, including ISMS, policies, risk registers, controls, and audits
* Experience managing security incidents from start to finish
* Strong cloud security knowledge, ideally AWS
* Experience in B2B SaaS, fintech, financial services technology, or another regulated environment
* Experience building or managing third-party risk programmes
* Confidence working with boards, senior stakeholders, enterprise clients, and technical teams
* Strong written communication skills, with the ability to explain complex security topics clearly
* Experience leading a small, high-performing team
Useful experience
* DLP, SIEM, SOC, or advanced threat detection
* CISSP, CISM, ISO 27001 Lead Implementer, or similar certifications
* Capital markets, asset management, securities services, or wider financial services experience
* Exposure to AI governance or security considerations around agentic AI systems