Overview

We are seeking a Senior Information Security Officer to lead our global security programme. This is a hands-on leadership role responsible for building, scaling, and maturing a robust, audit-ready security function. You will define our 3-year strategy and oversee implementation across infrastructure, applications, risk, compliance, and operations, ensuring Fourth continues to meet the highest standards of trust, resilience, and regulatory excellence.

You will report directly to the CFO and partner with executive stakeholders, product, engineering, legal, IT, compliance, and customer teams. Your work will directly impact our ability to grow securely in complex, regulated environments such as SaaS, fintech, and global data services.

Responsibilities

• Security Strategy & Leadership: Define and execute a long-term security roadmap aligned with business goals. Advise executive leadership and the board on risk posture, threats, and programme maturity.


• Risk, Compliance & Governance: Own security policies, risk registers, and internal controls. Ensure ongoing compliance with global standards (SOC 1/2, ISO 27001, GDPR, HIPAA, CCPA). Lead external audits and client assessments.


• Cloud & Infrastructure Security: Oversee security across Azure-based SaaS environments. Ensure secure architecture, access control, and vendor security.


• Application & DevSecOps: Embed security into CI/CD pipelines and development lifecycles. Promote secure coding, threat modelling, and secure-by-default practices.


• Security Operations & Incident Response: Lead detection, response, and recovery activities. Manage vulnerability remediation, threat intelligence, and crisis response, including simulations and playbooks.


• Customer Trust & Stakeholder Engagement: Represent the business in client security reviews, RFPs, and external audits. Align security with commercial objectives and customer expectations.


• Team, Culture & Awareness: Build a strong security culture across the company. Lead awareness campaigns, mentor security team members, and manage external partners.

Key Skills and Competencies

• 8+ years in information security with 3+ years in a senior leadership role.


• Proven success building and operating security programmes in Azure and SaaS businesses with agile environments.


• Hands-on familiarity with threat modelling, vulnerability management, and detection/response tools.


• Strong knowledge of ISO 27001, SOC 2, GDPR, HIPAA, CCPA, and related frameworks.


• Skilled in executive communication and cross-functional collaboration.

Preferred Experience and/or Qualifications

• Experience in regulated industries (fintech, healthcare, education, etc.).


• Familiarity with SSDLC, privacy frameworks, cryptography, and AI/ML security.


• Certifications: CISSP, CISM, CISA, CCSP, ISO 27001 Lead Implementer, or equivalent.


• Experience leading security culture change, board-level exercises, and external audits.

Benefits

Holidays. We all need to rest so you get 25 basic holidays with the option to grow up to 30 with service + your birthday off + bank holidays!

Flexible working! Use our flexible working hours and hybrid working environments to manage it.

Wellness activities and a lot of pampering included. On top of that, you can add gym subscription discounts.

Laptop and equipment.

Like in life, at work we also want you to grow with certifications.

Cycle to work scheme and season ticket loan provided.

Pension and life insurance? Several, for you to choose what looks convenient.

On demand pay tools for you to be able to access salary even before the end of the month!

All personal data provided by you in your application will be processed by Fourth LTD solely for our recruitment purposes. More information on Fourth LTD's privacy policy for job candidates is availablehere and by applying you confirm that you have read it.

Fourth is an Equal Opportunity Employer

All qualified applicants will receive consideration without discrimination because of sex, gender identity, gender expression, sexual orientation, marital status, race, colour, age, national origin, military status, religion, or disability or any other legally protected status.

Seniority level

• Not Applicable

Employment type

• Full-time

Job function

• Information Technology

Industries

• Software Development