OverviewSenior Information Security Officer (SISO) to lead our global security programme. This hands-on leadership role is responsible for building, scaling, and maturing a robust, audit-ready security function. You will define our 3-year security strategy and oversee implementation across infrastructure, applications, risk, compliance, and operations to ensure Fourth meets the highest standards of trust, resilience, and regulatory excellence. You will report directly to the CFO and partner with executive, product, engineering, legal, IT, compliance, and customer teams. Your work will directly impact our ability to grow securely in regulated environments such as SaaS, fintech, and global data services.

Primary Responsibilities

Security Strategy and Leadership

Define and execute a long-term security roadmap aligned with business goals. Advise executive leadership and the board on risk posture, threats, and programme maturity.

Risk, Compliance and Governance

Own security policies, risk registers, and internal controls. Ensure ongoing compliance with global standards (SOC 1/2, ISO 27001, GDPR, HIPAA, CCPA). Lead external audits and client assessments.

Cloud and Infrastructure Security

Oversee security across Azure-based SaaS environments. Ensure secure architecture, access control, and vendor security.

Application and DevSecOps

Embed security into CI/CD pipelines and development lifecycles. Promote secure coding, threat modelling, and secure-by-default practices.

Security Operations and Incident Response

Lead detection, response, and recovery activities. Manage vulnerability remediation, threat intelligence, and crisis response, including simulations and playbooks.

Customer Trust and Stakeholder Engagement

Represent the business in client security reviews, RFPs, and external audits. Align security with commercial objectives and customer expectations.

Team, Culture and Awareness

Build a strong security culture across the company. Lead awareness campaigns, mentor security team members, and manage external partners.

Key Skills And Competencies

8+ years in information security with 3+ years in a senior leadership role.

Proven success building and operating security programmes in Azure and SaaS businesses with agile environments.

Hands-on familiarity with threat modelling, vulnerability management, and detection/response tools.

Strong knowledge of ISO 27001, SOC 2, GDPR, HIPAA, CCPA, and related frameworks.

Skilled in executive communication and cross-functional collaboration.

Preferred Experience And/or Qualifications

Experience in regulated industries (fintech, healthcare, education, etc.).

Familiarity with SSDLC, privacy frameworks, cryptography, and AI/ML security.

Certifications: CISSP, CISM, CISA, CCSP, ISO 27001 Lead Implementer, or equivalent.

Experience leading security culture change, board-level exercises, and external audits.

Benefits

Holidays: 25 basic holidays, with option to grow to 30, plus your birthday off and bank holidays.

Flexible working: Flexible hours and hybrid working environments.

Wellness: Wellness activities and gym subscription discounts.

Laptop and equipment provided.

Healthcare expense claim tools.

Certification support for professional growth.

Annual meet-ups.

Enhanced parenting scheme.

Cycle to work scheme and season ticket loan.

Pension and life insurance options.

On-demand pay tools to access salary earlier.

Equal OpportunityFourth is an Equal Opportunity Employer. All qualified applicants will receive consideration without discrimination because of sex, gender identity, gender expression, sexual orientation, marital status, race, colour, age, national origin, military status, religion, disability, or any other legally protected status.

Details

Seniority level: Executive

Employment type: Full-time

Job function: Information Technology

Industries: IT Services and IT Consulting

#J-18808-Ljbffr