Information Security Team Lead

🔒 Confidential Employer
Posted 28 April 2026
Location: London
Type: Full-time
Level: Mid-Senior level
Salary: £140,000 / year
Category: Cyber Security
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion

SKILLS

  • AWS security architecture
  • CI/CD
  • Application security practices
  • ISMS controls
  • Stakeholder management
  • Communication skills
  • Cloud-native product company experience
  • SSDLC v2.0 adoption

FULL DESCRIPTION

Company: [Employer hidden — view at passion-project.co.uk]

Location: London

Work Type: Hybrid

Job Type: Full-time

Experience Level: Mid-Senior level

Salary: £60,000 - £140,000 per year

About [Employer hidden]

[Employer hidden] is a blockchain analytics & crypto compliance platform with 101-200 employees, operating in the B2B, Cryptocurrency, Enterprise, Compliance, Analytics, Cyber Security, and Blockchain sectors.

Who you are

  • Proven experience leading security delivery in a cloud‑native product company
  • Strong understanding of AWS security architecture, modern CI/CD, and application security practices
  • Experience operationalising ISMS controls and preparing audit evidence for enterprise customers
  • Excellent stakeholder management and communication skills
  • Relevant certifications are a plus (e.g., CISSP, CCSP, AWS Security), but practical impact matters most

What the job involves

  • Lead the day‑to‑day operation and uplift of [Employer hidden]’s information and cyber security programme
  • Drive SSDLC v2.0 adoption, improve cloud and SaaS security posture, and ensure external audit and customer due diligence readiness. Partner with Engineering, Platform, Legal, Procurement and Customer teams to reduce risk while enabling delivery and revenue, including Enterprise Tier security features
  • Own delivery of the InfoSec roadmap and metrics. Translate strategy into quarterly plans with measurable outcomes
  • Establish gates, controls and reporting for SSDLC v2.0 across build and deploy pipelines
  • Lead CSPM/SSPM baselining and targeted burn‑down of misconfigurations and vulnerabilities
  • Maintain ISMS processes aligned to ISO 27001. Coordinate evidence for customer audits and external assurance (e.g., pen test, TPOs)
  • Chair or contribute to risk forums. Ensure timely remediation, risk acceptance and exception tracking
  • Partner with Platform to harden AWS (IAM, KMS, network segmentation, Security Hub, GuardDuty, logging)
  • Uplift endpoint, identity and access, vulnerability management, and logging across the estate
  • Provide day‑to‑day guidance to TISO, Analysts and cross‑functional contributors
  • Embed a pragmatic, developer‑friendly security culture through enablement, playbooks and training
  • Oversee vendor security due diligence with clear SLAs and evidence trails. Support data protection and BC/DR control owners

Success measures in the first 12 months

  • SSDLC v2.0 gates defined and enforced across critical services. Coverage reported monthly
  • 40% reduction in outstanding high/critical vulnerabilities and misconfigurations
  • Green audit outcomes for priority customers with evidence pack library established
  • Baseline CSPM/SSPM metrics in place with trend improvement quarter‑on‑quarter
  • Vendor DD process with SLAs and scorecards operating and measured

Salary Benchmarks

Security Engineer: Expert, Senior

£60k - £140k

Company Benefits

  • Share options
  • Health insurance
  • Hybrid Working
  • Individual training budget of USD 1,000 a year
  • Mental Health Support

Application Instructions

Apply via the 'Apply' button.