Chief Information Security Officer

Sortitt
London
GBP 150,000 - 200,000
Job description

Position Title: Chief Information Security Officer

Location: UK (Hybrid)

Company: Client

About Us: Welcome to Sortitt, the revolutionary marketplace that's reshaping the future of resource acquisition. As a dynamic platform, Sortitt connects businesses with top-tier resources across the globe, transcending traditional constraints. Our cutting-edge approach delivers tailored solutions that precisely match client demands, creating opportunities for professionals seeking remote engagements. At Sortitt, resources are available on demand, and clients are empowered with diverse choices to ensure the best talent with matching skills. Join us in revolutionizing talent sourcing, where innovation, flexibility, and growth converge to redefine success in the modern workforce.

Job Summary: We are seeking a highly skilled Chief Information Security Officer (CISO) for a startup digital bank to develop and implement a comprehensive information security strategy that aligns with the business goals. The CISO will ensure compliance with UK regulatory standards, including those set by the FCA, PRA, and GDPR. The incumbent will also lead efforts to manage cybersecurity risks, protect sensitive data, and strengthen the resilience of financial services. Our aim is to find a candidate who can drive both security and compliance while supporting innovation.

Responsibilities:

  • Develop and implement a security strategy that ensures compliance with UK financial regulatory frameworks, including FCA, PRA, GDPR, and the UK Data Protection Act 2018.
  • Ensure the institution meets cybersecurity requirements outlined by the National Cyber Security Centre (NCSC) and implements Cyber Essentials standards.
  • Lead communication and reporting to regulatory authorities, ensuring alignment with Senior Managers and Certification Regime (SMCR) requirements and other UK-specific compliance obligations.
  • Perform regular reviews to ensure compliance with FCA and PRA rules on data protection, cybersecurity, and operational resilience.
  • Lead the development of policies that adhere to UK Cybersecurity Standards (Cyber Essentials, ISO/IEC 27001, PCI-DSS) and other international frameworks.
  • Ensure GDPR compliance, including managing data privacy risks and overseeing data subject access requests (DSARs).
  • Oversee the cybersecurity operations specific to UK financial institutions, including managing risks related to Open Banking, FinTech platforms, and other digital banking solutions.
  • Lead the institution's incident response and crisis management efforts, ensuring compliance with regulatory reporting to the FCA and PRA for significant cyber incidents.
  • Manage risks associated with outsourcing and cloud-based services, ensuring third-party vendors comply with UK financial regulations.
  • Lead due diligence efforts for vendors and external partners in alignment with UK regulatory requirements.
  • Lead security awareness programs across the institution, ensuring all employees understand their responsibilities under UK law, especially GDPR and financial security regulations.
  • Stay informed on UK financial sector-specific cybersecurity trends, such as threats posed by Open Banking, digital currencies, and blockchain technologies.
  • Collaborate with UK financial technology providers to secure new digital services, including mobile banking and online payments.

Requirements:
  • Bachelor's degree in Information Technology, Cybersecurity, or related field (Master's degree preferred).
  • Relevant certifications such as CISSP, CISM, CISA, or Cyber Essentials (a UK-specific cybersecurity certification).
  • 7+ years in information security or leadership roles within a UK financial institution.
  • Strong knowledge of UK financial sector regulations (FCA, PRA) and data protection laws (GDPR, DPA 2018).
  • Deep knowledge of UK cybersecurity standards, including NCSC guidelines, Cyber Essentials, ISO/IEC 27001 and PCI-DSS.
  • Experience with GDPR compliance, data privacy laws, and UK-specific cloud security risks.
  • Ability to manage relationships with UK regulatory bodies and present security initiatives to senior leadership and the board.

Benefits:
  • Competitive compensation with opportunities for growth and advancement.
  • Health benefits package, including medical.
  • Exposure to a dynamic and innovative work environment.
  • Collaborative and team-oriented work culture.

Equal Opportunity Employer:

Sortitt values diversity and inclusion in its workforce. We encourage candidates from all backgrounds and experiences to apply.