Head of Information Security
Fintech / Payments / EMI
London Hybrid / UK Remote
We are partnering with a fast-growing fintech group operating across payments, banking technology and regulated financial services to hire a highly technical Head of Information Security.
This is not a traditional board-level or governance-heavy CISO role. The position is heavily focused on hands-on Security Engineering, Cloud Security, Infrastructure Security and operational security delivery within a modern cloud-native fintech environment.
The role would suit a highly technical Security Engineering Lead, Security Architect, Platform Security Lead or senior hands-on security professional looking to step into a broader leadership position within a scaling fintech environment.
The business is looking for someone who can work closely with engineering, infrastructure and product teams while remaining heavily involved in the practical implementation of security controls, Security Architecture and operational security improvements across a modern cloud-native fintech platform.
The group includes an FCA-regulated EMI, private banking operations and a software development company building core banking and payments technology used within regulated financial environments.
The role will focus heavily on Security Engineering, DevSecOps, Cloud Security, Platform Security, Infrastructure Security and Application Security across multiple businesses within the group. You will work closely with software engineers, architects, DevOps teams and third-party providers to strengthen security posture across both internal systems and customer-facing platforms.
A large part of the role will involve securing GCP environments alongside AWS infrastructure, implementing Cloud Security architecture, IAM/PAM controls, vulnerability management, monitoring, incident response and secure software development practices. You will also support CI/CD security, Kubernetes Security, container security, API security and broader operational security across endpoints, office environments and infrastructure.
This is a highly practical role where the successful candidate will help design, implement and improve security controls directly rather than operate purely at strategy or governance level.
This role would suit someone from a fintech, payments, EMI, regulated SaaS or cloud-native technology background who enjoys operating in highly technical environments and working closely with engineering teams to solve real-world security challenges.
Our client is looking for someone who:
Has strong hands-on Security Engineering and cybersecurity experience
Has deep practical knowledge of GCP Security and cloud-native infrastructure
Has experience securing modern fintech, payments or regulated SaaS environments
Can work closely with software engineers, DevOps and infrastructure teams
Understands DevSecOps, secure SDLC practices and modern Security Architecture
Has experience with CI/CD security, vulnerability management and incident response
Is comfortable implementing and improving security controls directly
Has strong knowledge of Cloud Security, Infrastructure Security, IAM/PAM, Kubernetes Security, API Security, SIEM/SOC, logging and monitoring
Has experience with Platform Security, Application Security and operational resilience
Has experience within fintech, payments, EMIs, banking or regulated SaaS environments
Nice to have:
EMI or payments experience
PCI-DSS / PSD2 familiarity
ISO 27001 or SOC 2 experience
Cloud security certifications
CISSP, CISM, CCSP or similar certifications
Why join?
Opportunity to shape security across multiple growing fintech and technology businesses
High-impact technical leadership role with significant ownership
Modern cloud-first engineering environment
Direct collaboration with engineering, product and leadership teams
Strong scope for progression as the security function grows