Title: Information Security Lead
Location: Birmingham, West Midlands
Salary: Up to £80, % Bonus
Working arrangements: Hybrid - 1/2 days on site
Harvey Nash is proud to partner with an exciting B2B SaaS scaleup looking for their new Information Security Lead. The organisation is an exciting place to be, with lots of innovation in the logistics space.
We are seeking a proactive and experienced Information Security Lead to establish and mature our security posture across the entire business. This is a critical role responsible for defining and implementing security strategies, policies, and practices that protect our systems, data, and customers. Reporting directly to the CPTO, you will work across the Product, Technology, and wider business teams to embed a security-first mindset, ensure compliance, and manage risk effectively, particularly as we onboard and serve large corporate clients.
What they are looking for:
* Own and evolve the information security strategy, policies, and procedures.
* Lead risk assessments and manage our security risk register.
* Drive compliance initiatives including ISO 27001, GDPR, and client-specific standards.
* Oversee vulnerability management and coordinate penetration testing.
* Develop and execute incident response plans.
* Deliver engaging security awareness training across the business.
* Evaluate and manage third-party vendor security risks.
* Collaborate with engineering teams on monitoring and alerting systems.
* Stay ahead of emerging threats and industry trends.
* Support business continuity and disaster recovery planning.
* Be the go-to contact for security queries from corporate clients, prospects, and auditors.
What you'll bring:
* Strong knowledge of security frameworks (ISO 27001, NIST).
* Experience with GDPR and corporate client compliance requirements.
* Technical understanding of web app vulnerabilities and testing methodologies.
* Proven ability to develop and implement security policies and procedures.
* Skilled in risk assessment and stakeholder communication.
* Excellent interpersonal and influencing skills across all levels.
* Collaborative mindset with experience working across Engineering, IT, Legal, etc.
* Security certifications (CISSP, CISM, CompTIA Security+) are highly desirable.
* SaaS experience is a plus.
If this sounds like you, or you would like to know more, either apply directly or email me with an updated CV for a confidential chat about this exciting role and company -