Chief Information Security Officer

Job description

Ripjar specialises in the development of software and data products that help governments and organisations combat serious financial crime. Our technology is used to identify criminal activity such as money laundering and terrorist financing, enabling organisations to enforce sanctions at scale to help combat rogue entities and state actors.

Lead Ripjar’s Global Security Strategy

As we scale globally, this role is central to our mission of delivering secure, resilient technology to governments and enterprises around the world.

As Chief Information Security Officer (CISO), you will be responsible for developing and executing our cyber risk strategy, driving alignment with international frameworks such as ISO27001, SOC2, DORA and regional frameworks like Cyber Essentials, and leading executive team engagement on security governance, regulatory readiness, and organisational resilience. You will be responsible for monitoring and improving the information security of Ripjar’s technology infrastructure, products and services as we continue to scale.

This is a hands-on leadership role. You will be responsible not only for setting strategy, but also for directly executing core activities such as policy development, supporting audits and accreditations, incident response, and day-to-day security operations.

What you’ll be doing:

Strategic Security Leadership

• Set the organisation-wide security vision and roadmap; act as security evangelist at the executive level.
• Maintain and evolve our security and compliance posture to support international expansion and customer growth.
• Manage and own the Information Security budget, investments, and ROI.

Governance, Risk, and Compliance

• Maintain compliance with ISO27001, SOC2, Cyber Essentials and evolving DORA regulations.
• Lead internal risk assessments, security audits, and regulatory readiness efforts.
• Oversee third-party and supply chain security due diligence and assurance processes.

Operational Security & Infrastructure

• Partner with infrastructure and engineering teams to drive secure architecture, code, and systems.
• Identify vulnerabilities and lead remediation in hybrid environments (AWS, private cloud).
• Ensure security principles are implemented and continuously improved.

Culture, Education, and Awareness

• Embed a security-first culture across the business through education, training, and policy.
• Support the commercial team in client conversations and security due diligence including contributing actively to RFI/RFP processes.
• Act as the point of contact for external audits, client reviews, and incident communications.

About You:

We’re looking for a security leader who blends deep technical acumen with strong strategic and business leadership. You will take a pragmatic approach to information security and its practical application to our organisation as it scales.

Ideally, you will have:

• Proven leadership in high-growth scale-up environments.
• Expertise in ISO27001, SOC2, NIST CSF, Cyber Essentials, and DORA.
• Experience with modern cloud infrastructure and security (AWS, Azure, GCP, PaaS/IaaS/SaaS).
• Familiarity with IAM, DLP, and Linux-based environments.
• Strong understanding of security architecture, governance, and regulatory trends.
• Professional certifications such as CISSP, CISM, or CRISC (preferred).
• Exceptional communication skills to engage senior internal and external stakeholders.
• High level of integrity, resilience, and executive presence.

Why we think you’ll enjoy it here:

• Salary up to 140k DOE
• 25 days annual leave + your birthday off, rising to 30 days after 5 years of service
• Fully remote working with occasional travel.
• Life assurance
• Private Family Healthcare
• Employee Assistance Programme
• Company contributions to your pension
• Enhanced maternity/paternity pay
• The latest tech including a top of the range MacBook Pro
• Offices equipped with well-stocked pantries with food, snacks and drinks when in the office