×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Head of Information Security

Job in Greater London, London, Greater London, W1B, England, UK
Listing for: DUCO
Full Time position
Listed on 2026-06-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 GBP Yearly GBP 100000.00 125000.00 YEAR
Job Description & How to Apply Below
Location: Greater London

Requirements

  • Proven track record of strategic impact at company-wide and industry-wide
  • Recognised internally and externally as an Info Sec expert, with evidence of
  • Exceptional technical and people leadership
  • Establishes long-term security architecture aligned to business strategy and regulatory requirements; guides enterprise technology decisions including cloud strategy and zero trust
  • Anticipates emerging threats, leverages AI/ML for predictive security, and sets the technology vision
  • Deep understanding of the GRC landscape; implements appropriate controls and adapts as the environment shifts
  • Develops proven solutions and replicates them across teams; designs systems and frameworks built to last
  • Accountable and collaborative: works with clients and colleagues to resolve complex issues and views challenges as opportunities to improve
  • Owns execution of security, GRC, and IT Ops strategy; ensures frameworks are scalable, adaptable, and aligned to business strategy and executive-level risk expectations
  • Market knowledge
  • Deep understanding of the security and risk landscape across fintech and beyond; adapts market knowledge to continuously improve Duco's posture
  • Evaluates and integrates advanced security technologies and GRC best practices; knows when to buy, adapt, or build internally
  • Acts as a recognised industry leader: participates in regulatory advisory groups, defines Duco's position on Info Sec maturity, and anticipates regulatory shifts before they arrive
  • Scope and influence
  • Operates across all departments; builds sponsorship for strategic initiatives and drives them through
  • Leads all Info Sec, GRC, and IT Ops functions with cross-functional influence across product, engineering, and compliance
  • Recognised outside of Duco for technology excellence; participates in industry events and shapes the wider conversation on risk and threat
  • Influences executive peers, board decisions, and global regulatory compliance strategy
  • 8+ years of progressive experience in information security, with at least 3 years in a senior or leadership role
  • Hands‑on experience owning ISO 27001 and SOC 1 and SOC 2 programmes, not just supporting them
  • Demonstrated experience managing security incidents end-to-end, including client and regulatory communications
  • Strong understanding of cloud security, particularly AWS, including IAM, logging, and observability infrastructure
  • Experience operating in a B2B SaaS or fintech environment, with exposure to enterprise client security requirements
  • Track record of building and managing TPRM programmes at scale
  • Excellent stakeholder management skills; comfortable presenting to the board and to client security teams in equal measure
  • Ability to make pragmatic decisions based on company culture and risk appetite
  • Strong written communication skills: able to translate complex security topics into clear, plain-language communications for non-technical audiences
  • Experience leading and developing a small, high-performing team
  • Familiarity with AI governance and the security implications of agentic AI systems
What the job involves
  • We are looking for a Head of Information Security to own our end-to-end security posture, govern our risk and compliance programme, and lead our IT Operations function. This is a VP Level role with company-wide scope
  • With approximately 200 employees across London, New York, Wroclaw, Antwerp, and Singapore, we move fast, build with purpose, and hold ourselves to a high bar. As we scale, information security, governance, and IT operations sit at the heart of that ambition
  • Define security architecture standards and lead threat modelling across the organisation
  • Establish and maintain long-term security architecture aligned to business strategy and regulatory requirements
  • Guide technology decisions at an enterprise level, including cloud strategy and zero trust adoption
  • Oversee penetration testing, DLP, and advanced threat detection programmes
  • Own the vulnerability management programme
  • Implement enterprise frameworks including IAM, SIEM, and data classification
  • Anticipate emerging threats, leverage AI/ML for predictive security, and set the technology vision
  • Lead Security Incident Response Programme
  • Define…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search