Chief Information Security Officer (CISO)

The Chief Information Security Officer will lead the company’s global information security strategy and ensure the protection of systems, data, and infrastructure. This role oversees security governance, risk management, compliance, and incident readiness, while working closely with engineering, product, legal, MIS and other teams to embed security across the organisation and support customer trust and business growth.

Key Responsibilities

• Develop and maintain the company’s information security strategy, policies, and long-term roadmap. Both for production environments and for internal business by overseeing security of enterprise systems
• Lead security risk assessments, mitigation planning, and ongoing security monitoring
• Lead incident response planning, preparedness, and execution
• Manage security governance, including controls, documentation, and audit readiness
• Ensure compliance with relevant standards and regulations such as SOC 2, ISO 27001, GDPR, and emerging AI frameworks
• Direct security architecture reviews and support secure development practices across product and engineering teams
• Ensure security is integrated into engineering culture and delivery without hindering velocity, while aligning platform security with engineering practices and production resiliency requirements
• Oversee vendor security, penetration testing, and third-party risk management
• Serve as the primary security contact for customers, partners, auditors, and regulators, and own the security aspects of the company’s products, in alignment with business and customers’ needs
• Provide regular updates to executive leadership on security posture, risks, and priorities
  
  

• Extensive experience in information security leadership, including prior ownership of a security program at scale at SaaS companies
• Strong understanding of security frameworks, cloud security, risk management, and secure software development
• Expertise in security governance, threat modeling, and compliance frameworks (SOC 2, ISO 27001, GDPR, and emerging AI regulations)
• Proven ability to manage incidents, lead cross-functional teams, and implement organisation-wide security practices
• Effective communicator with experience supporting enterprise customers and executive stakeholders
• Proven ability to represent the company’s security posture to enterprise customers, partners, auditors, and regulators
• Relevant certifications (CISSP, CISM, or equivalent) preferred
• Experience as CISO in a publicly traded company or IPO planning is preferred