
Head of information security risk

Job in City of Edinburgh, Edinburgh, City of Edinburgh Area, EH1, Scotland, UK
Listing for: Seccl Technology Limited
Full Time position
Listed on 2026-02-19
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 110000 - 130000 GBP Yearly
Job Description & How to Apply Below
Location: City of Edinburgh

Hybrid role to be based in our Edinburgh or London office.

About us

Seccl is the Octopus-owned embedded investment platform that’s on a mission to help more people to invest – and invest well.

We’re B-Corp certified with an amazing product-market fit, impressive early traction and the potential to transform an outdated industry, for the better. We've been growing fast and will scale even faster over the next few years.

We’re also proud to be part of Octopus, the multi-billion-pound group that's on a mission to breathe new life into broken industries, through companies like Octopus Energy, Octopus Investments and Octopus Money.

Check out the Seccl website for the latest on our products and our mission to shape the future of investments.

The role

Reporting into the Chief Risk Officer (CRO), the head of information security risk is responsible for the day-to-day management and continual improvement of the information security management system (ISMS). You will be responsible for designing, implementing, and monitoring Seccl’s ISMS. You will also provide second-line oversight of all security activities at Seccl.

On a typical day you will be…
  • Shaping and driving our information security strategy alongside the CRO and executive team, ensuring security enables - not slows - our growth.
  • Partnering with Risk to define and embed our security risk appetite, making smart, commercially aware decisions in a fast-moving environment.
  • Evolving and strengthening our ISMS, continuously improving policies, controls and processes as we scale.
  • Owning oversight of third‑party security reviews and customer due diligence, helping us move quickly while maintaining high standards.
  • Turning security metrics and risk insights into clear, actionable reporting for senior leadership and governance forums.
  • Leading internal audits and control effectiveness reviews, including ISO 27001/27002 controls, with a focus on pragmatism and continuous improvement.
  • Driving resilience across the business — from business continuity and disaster recovery testing to hands‑on incident oversight and lessons learned.
  • Acting as our Data Protection Officer, championing GDPR compliance, advising on DPIAs and confidently engaging with regulators and data subjects when needed.
This role’s for you if…
  • You hold current CISSP certification.
  • You bring significant experience leading Information/Cyber Security in a regulated environment.
  • You’ve operated within ICO‑regulated environments and understand the practical realities of GDPR compliance.
  • You have strong working knowledge of risk methodologies, security frameworks and industry standards.
  • You’re comfortable with modern cloud technologies and understand the security considerations that come with them.
  • You’re a certified ISO 27001 Lead Auditor and/or Implementer, with hands‑on experience applying the standard in practice.
  • You have a solid technical foundation in IT or security, allowing you to engage credibly across engineering and leadership teams.
This role isn’t for you if…
  • You rely on a lot of top‑down direction. Here, you’ll have a lot of freedom and ownership of your role, and you’ll be expected to shape your own progression.
  • You’re not comfortable working in a fast‑paced environment. Our speed and scalability are what set us apart; you need to be able to act quickly and think on your feet.
  • You struggle to follow through on ideas. We value people who do what they say they will. If you care about something, you have the freedom here to make it happen.
  • You don’t like change. You’ll get on great here if you relish the ambiguity of rapid growth and are willing to embrace uncertainty.
What’s in it for you…

We offer a generous mix of benefits for the things that really matter to our people, including:

💰 A salary between £110,000 and £130,000 – dependent on experience + reviewed annually

🌴 27 days holiday + bank holidays (some can be flexible) + day off on your birthday + three days (full time) per year for Dependant leave

💙 Two volunteering days per year

🌎 Option to work abroad for up to six weeks a year

🌟 Secclbrate - our recognition programme that offers a mix of flexible rewards…
