×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Information Security Officer

Job in Glasgow, Glasgow City Area, G1, Scotland, UK
Listing for: Form3 - External
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

THE ROLE

As an Information Security Officer at Form3, you'll play a pivotal role in strengthening and evolving our information security governance, risk, and compliance practices. Working within the Information Security team, you'll help ensure that Form3 continues to operate securely and maintain the trust of our customers and partners.

You'll work closely with teams across the organisation, from Engineering and Product to Legal and Risk teams, to embed security into business and technology decisions. This is a hands‑on role that combines strategic oversight with practical execution, ensuring our controls, frameworks, and awareness initiatives remain industry leading as we scale globally.

What you'll do
  • Apply expert knowledge of security frameworks and controls such as NIST, ISO
    22301, ISO
    27001, ISO
    27017/18, ISAE
    3000/SOC2, and GDPR to support security governance.
  • Support the development, maintenance, and continual improvement of the ISMS and BCMS.
  • Assist in drafting and maintaining Information Security Policies and ensure alignment with business and customer requirements.
  • Contribute to the planning and execution of external audits, engaging directly with auditors and customers.
  • Monitor and report on adherence to security controls across all areas of the business via risk assessments and internal audits.
  • Assess and support the remediation of information security risks, non‑conformities, and issues across systems and services.
  • Support vulnerability management processes, from triage and tracking to remediation reporting, in partnership with Offensive Security and Engineering teams.
  • Conduct vendor and third‑party security assessments, ensuring suppliers meet Form3's security and compliance requirements.
  • Partner with the Defensive Engineering team to ensure security requirements are built into product developments.
  • Deliver and enhance security awareness and training initiatives to promote a strong security culture across Form
    3.
  • Collaborate with the Security Operations team to maintain situational awareness of emerging threats and vulnerabilities, ensuring timely escalation and risk‑based response.
WE'RE LOOKING FOR

Form3's Information Security Governance, Risk and Compliance (GRC) team plays a critical role in protecting the organisation, so we're looking for someone who is analytical, collaborative, and passionate about driving security excellence. You'll thrive on solving complex problems, balancing deep technical knowledge with strong governance principles, and finding ways to make security scalable across a fast‑moving, cloud‑native business.

Essential
  • 5+ years' experience in Information Security, ideally within a fast‑paced technology or financial services industry.
  • Strong working knowledge of frameworks such as ISO
    27001, ISO
    22301, SOC 1, SOC 2, NIST, and GDPR.
  • Proven experience developing, implementing, and improving information security policies, standards, and controls aligned to recognised frameworks.
  • Hands‑on experience conducting audits, risk assessments, and business impact analyses.
  • Hands‑on experience with vulnerability management within a complex and dynamic cloud environment
  • Broad understanding of cloud security
  • Excellent communication and stakeholder engagement skills, with the confidence to influence at all levels of the organisation.
  • Analytical mindset with a focus on continual improvement and measurable outcomes.
Desirable
  • Security‑related qualifications such as CISSP, CISM, CISA, or ISO
    27001 Lead Implementer/Auditor.
  • Experience leading certification and attestation programmes such as ISO
    27001, ISO
    22301 or SOC 2
  • Experience operating in regulated or high‑availability environments such as financial services, payments, or critical infrastructure.
  • Familiarity with GRC tooling and automation to streamline compliance, risk, and control management activities.
THE TEAM

This role sits within Form3's Information Security Governance, Risk and Compliance (GRC) team and reports directly to the Head of GRC. As part of a highly collaborative security function, you'll play a key role in shaping how Form3 manages information security risk, compliance, and assurance across all areas of the business.

The GRC team underpins…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search