Chief Information Security Officer

Summary

Join Ripjar as their Chief Information Security Officer (CISO) and lead their global security strategy. Develop and execute Ripjar's cyber risk strategy, ensuring alignment with international frameworks like ISO27001, SOC2, DORA, and regional frameworks such as Cyber Essentials. Monitor and improve the information security of Ripjar's technology infrastructure, products, and services. This hands-on leadership role requires setting the security vision, managing the security budget, and executing core activities such as policy development, audits, incident response, and daily security operations. You will also embed a security-first culture, support the commercial team in client conversations, and act as the point of contact for external audits and incident communications. Ripjar offers a competitive salary, remote work options, and various benefits.

Requirements

• Proven leadership in high-growth scale-up environments
• Expertise in ISO27001, SOC2, NIST CSF, Cyber Essentials, and DORA
• Experience with modern cloud infrastructure and security (AWS, Azure, GCP, PaaS/IaaS/SaaS)
• Familiarity with IAM, DLP, and Linux-based environments
• Strong understanding of security architecture, governance, and regulatory trends
• Exceptional communication skills to engage senior internal and external stakeholders
• High level of integrity, resilience, and executive presence

Responsibilities

• Set the organisation-wide security vision and roadmap; act as security evangelist at the executive level
• Maintain and evolve our security and compliance posture to support international expansion and customer growth
• Manage and own the Information Security budget, investments, and ROI
• Maintain compliance with ISO27001, SOC2, Cyber Essentials and evolving DORA regulations
• Lead internal risk assessments, security audits, and regulatory readiness efforts
• Oversee third-party and supply chain security due diligence and assurance processes
• Partner with infrastructure and engineering teams to drive secure architecture, code, and systems
• Identify vulnerabilities and lead remediation in hybrid environments (AWS, private cloud)
• Ensure security principles are implemented and continuously improved
• Embed a security-first culture across the business through education, training, and policy
• Support the commercial team in client conversations and security due diligence including contributing actively to RFI/RFP processes
• Act as the point of contact for external audits, client reviews, and incident communications

Preferred Qualifications

Professional certifications such as CISSP, CISM, or CRISC

Benefits

• Salary up to 140k DOE
• 25 days annual leave + your birthday off, rising to 30 days after 5 years of service
• Fully remote working with occasional travel
• Life assurance
• Private Family Healthcare
• Employee Assistance Programme
• Company contributions to your pension
• Enhanced maternity/paternity pay
• The latest tech including a top of the range MacBook Pro
• Offices equipped with well-stocked pantries with food, snacks and drinks when in the office