Overview
As Head of Cyber Security at PEXA UK, you will lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions across PEXA UK, Smoove, and Optima Legal. You will define and drive the security strategy, standards, and posture, collaborating with the UK CTO, Group CISO in Australia, and the PEXA UK leadership team. This is a senior leadership role that shapes security strategy, governance, and protection of critical systems, data, and operations, and embeds secure-by-design principles while promoting security awareness across the organisation.
We’re growing fast and expanding our UK presence. This role partners with technology, legal, risk, and operations teams, as well as external partners, to ensure alignment and resilience, establishing cyber security as a trusted enabler for customers and colleagues.
Why join PEXA
PEXA is a recognised leader in modernising property settlements. We value growth, wellness, work/life balance, and a culture of security and innovation. This role offers the opportunity to lead security in a multi-brand UK context and to work with global teams and external partners.
Key Responsibilities
Leadership and Strategy
* Define and deliver the UK cyber security strategy and roadmap aligned with business and group objectives
* Act as the senior security authority for PEXA UK, Smoove, and Optima Legal
* Partner with the Group CISO, UK CTO, and Risk functions to align frameworks and initiatives
* Lead and mentor a multi-disciplinary team across SOC, engineering, and information security
* Represent UK security priorities in leadership forums, lender assurance discussions, and governance reviews
Security Operations and Governance
* Oversee SOC operations ensuring timely threat detection, response, and resolution
* Continuously improve detection and response capabilities using Cortex XDR, Abnormal Security, Splunk, and Nucleus
* Manage vulnerability management end-to-end, from scanning and prioritisation to remediation tracking
* Coordinate with third-party partners to ensure effective service delivery
* Oversee secure configuration, endpoint management, and patch compliance across hybrid environments including Azure and AWS
* Own the UK information security framework and assurance programs including ISO 27001, FCA standards, SOC audits, and lender assurances
* Maintain and evolve security policies, standards, and control frameworks
* Lead audit preparation, evidence collection, and control testing for certifications and partner reviews
Collaboration and Culture
* Build strong partnerships across engineering, IT, legal, HR, and operations to embed security in everyday practices
* Provide input on vendor assessments and third-party risk management
* Promote a culture of security awareness through training, phishing simulations, and education programs
* Report on cyber risk, maturity, and incidents to senior leadership with transparency and continuous improvement
Key Skills
* Proven experience leading cyber security operations in a regulated or financial services environment (FCA exposure preferred)
* Strong understanding of security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus)
* Experience with modern security tooling such as Cortex XDR/Palo Alto Networks, Splunk (SIEM and dashboarding), Abnormal Security (email security), Prisma Cloud (cloud security posture management), Airlock (application and API security), Nucleus (vulnerability management and reporting)
* Deep knowledge of incident response, threat hunting, and vulnerability management
* Excellent stakeholder management and communication skills — able to explain complex risks in simple terms
* Experience building and mentoring high-performing teams across technical and governance functions
* Confident working in partnership with global teams and external partners to deliver consistent, secure outcomes
Location notes: Oxfordshire, Maidenhead, Reading, High Wycombe, and other UK locations are listed in the job postings.