Information Security Expert overseeing ISMS development and IT security compliance in Germany. Collaborates with management and leads regulatory requirements implementation.
About the role
- Head of Cyber Security at PEXA UK overseeing security strategy and governance across UK brands. Leading operations and collaboration to ensure security and compliance while driving culture awareness.
Responsibilities
- As the Head of Cyber Security at PEXA UK, you’ll play a key role in protecting the digital backbone of our business.
- Working closely with the UK CTO, Group CISO in Australia, and the PEXA UK leadership team, you’ll define and drive the security strategy, standards, and posture across our three UK brands: PEXA UK, Smoove, and Optima Legal.
- You’ll lead our Security Operations (SOC), Security Engineering, and Information Security and Governance functions, covering everything from incident response and secure architecture to audits, lender assurance, and compliance with ISO 27001 and FCA requirements.
- This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations.
- You’ll shape how we manage threats, embed secure-by-design principles, and foster a culture of security awareness across the organisation.
- You’ll also collaborate closely with technology, legal, risk, and operations teams, as well as external partners, to ensure alignment and resilience, making cyber security a trusted enabler for our customers and colleagues.
Requirements
- Proven experience leading cyber security operations in a regulated or financial services environment (FCA exposure preferred).
- Strong understanding of security governance, assurance frameworks, and audit processes (ISO 27001, NIST, GDPR, Cyber Essentials Plus).
- Experience with modern security tooling such as:
- o Cortex XDR / Palo Alto Networks
- o Splunk (SIEM and dashboarding)
- o Abnormal Security (email security)
- o Prisma Cloud (cloud security posture management)
- o Airlock (application and API security)
- o Nucleus (vulnerability management and reporting)
- Deep knowledge of incident response, threat hunting, and vulnerability management.
- Excellent stakeholder management and communication skills — able to explain complex risks in simple terms.
- Experience building and mentoring high-performing teams across technical and governance functions.
- Confident working in partnership with global teams and external partners to deliver consistent, secure outcomes.
Benefits
- We encourage you to hit your personal and professional learning and development goals with our tailored programs and tools.
- We care about your holistic wellbeing
- We want to help you create your ideal work/life blend, rather than squeezing in life around work.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
IT Professional responsible for implementing innovative industrial IT solutions. Working in an agile environment while ensuring IT and OT security for production networks.
Security Compliance Specialist enhancing cybersecurity and compliance framework at Trezor. Collaborating across teams to shape security and compliance operations in the tech sector.
Cyber Security Specialist focusing on IT security measures and infrastructure protection for a motivated team. Engaging in both project work and internal security processes.
IT & Cybersecurity Intern assisting with help desk support and IT system maintenance at OBDeleven. Collaborating with teams and improving IT documentation in a fun workplace culture.
Werkstudent supporting information security management and business continuity projects for Syneco's energy operations. Engaging in the development and upkeep of management systems and reporting tools.
Security Consultant providing IT - Security Consulting by leveraging knowledge and skills to assist clients. Involved in diverse projects from analysis to execution and results presentation.
Lead functional safety for product development in PEM electrolyzers at Quest One. Collaborate with teams and support certification processes in the field of green hydrogen technology.
Consultant specializing in Cyber & Product Security for clients in a hybrid role. Focused on implementing security strategies and conducting assessments with a collaborative approach.
(Senior) Consultant in Automotive - & Product Security at Wavestone, focusing on cyber security solutions for clients in innovative projects. Collaborative work in a vibrant team environment across multiple German cities.