An Embedded Finance company based in Central London are seeking an exceptional Head of Cyber Security that will lead the implementation of the company’s InfoSec and Cloud Engineering improvement initiatives.
Responsibilities
Act as the day-to-day lead for the Security Incident Response Team, managing all stages of incident containment and resolution.
Lead the DevSecOps team and work closely with the CISO, CTO, and other key tech leaders
Develop the skills of the DevSecOps team and foster a security-focused culture across the Railsr Engineering division.
Build and maintain security tools, including those supporting secure code releases within Security CI/CD pipelines.
Manage penetration testing, review findings, and ensure issues are resolved by the appropriate teams, including DevSecOps
Establish KPIs and KRIs for continuous improvement, providing visibility into security risks, remediation plans, and DevSecOps initiatives.
Shape the architecture, roadmap and technological direction for security as a technical lead
Oversee timely application of software, hardware updates, and manage vulnerability monitoring and remediation
Skills & Experience
Experience with Identity & Access Management / OAuth
Strong networking knowledge
Strong understanding of cloud-native approaches (security groups, AWS principles)
Familiarity with financial regulatory requirements and industry standards like ISO 27001, SOC 2, or NIST CSF
Strong communication skills with the ability to explain complex technical issues to non-technical stakeholdersStrong knowledge of securing containers (Docker/Kubernetes)