VP Information Security & IT

at Paddle
  • Remote - United Kingdom

Remote

Cybersecurity

Executive

Job description

What do we do?

Paddle offers digital product companies a completely different approach to their payment infrastructure. Instead of assembling and maintaining a complex stack of payments-related apps and services, we’re a Merchant of Record for our customers. That means we take away 100% of the pain of payment fragmentation. It’s faster, safer, cheaper, and, above all, way better.

We’re backed by investors including KKR, FTV Capital, Kindred, Notion, and 83North and serve over 5000 software sellers in 245 territories globally.

The role:

The VP Information Security & IT will have overarching responsibility for Paddle’s security posture on an international scale, and our internal IT capability. This leader will report to the CTO and will work closely with the wider management team to build and manage world-class security controls. They will be responsible for providing a reliable and effective security foundation and IT capability that serves the customers, shareholders, and business operations of the company.

This individual will provide a blend of strong and current security technology understanding, combined with broader management responsibilities around policy, risk assessment, and organisational education. We are looking for an experienced security professional who can provide operational and strategic leadership while also being willing to roll up their sleeves, with a pragmatic bias towards incremental action, rather than a purely policy-led approach.

What you’ll do:

Leadership:

  • Represent Information Security and IT internally and externally at Paddle, feeding into company strategy through our extended leadership team.

  • Instil a “security-first” mindset across the entire company—from the C-suite to junior staff.

  • Recruit, lead, and mentor high-performing teams across Information Security and IT, fostering a culture of accountability, agility, and trust.

  • Oversee the delivery of strategic Security and IT projects, ensuring alignment with organisational goals and available resources. Manage the entire project lifecycle, from defining scopes to monitoring progress.

Information Security:

  • Design and deliver a security strategy and roadmap that facilitates the organisation’s growth plans through the use of leading-edge technology and talented employees.

  • Develop and mature security programs that encompass security incident response, threat detection, and vulnerability management.

  • Champion a zero trust security model, including modern identity and access management practices.

  • Develop, maintain, and recommend approval of Paddle’s Information Security policy and control framework.

  • Collaborate with engineering leaders to drive a culture of secure coding through threat modelling, automated testing and adoption of application security best practices.

  • Improve security tooling and processes while scaling the team to support future product development. Focus on automation and tool maturity to increase effectiveness in security engineering.

  • Partner with legal and data teams to ensure robust data governance, protection, and privacy practices across jurisdictions.

  • Collaborate with the People & Talent Training Function to deliver comprehensive security training and awareness programs for employees across the business that drive engagement and deliver outcomes effectively.

  • Ensure that we maintain our SOC2 and PCI compliance, and lead the acquisition of any additional accreditations as necessary to support the broader business strategy.

IT Management:

  • Oversee IT operations, ensuring reliable and secure internal systems, SaaS tools and smooth onboarding/offboarding processes.

  • Drive our internal identity and access management strategy to ensure the proper access controls are in place across tools and systems.

  • Proactively manage our relationship and contract negotiations with third party SaaS software vendors, ensuring we manage procurement and seat usage, and deduplication of tools effectively and practically.

  • Own the IT budget and allocate resources for various projects and operational needs. Evaluate costs and seek opportunities to optimise spending.

  • Note - maintenance of the cloud infrastructure that powers our production service for Paddle itself is outside the scope of this role, and is handled by a separate Platform team.

We’d love to hear from you if:

  • Proven senior leadership in Information Security (e.g., current CISO, VP InfoSec, or strong deputy).

  • Experience running security in a technology-led environment; ownership of security in a platform/cloud setup preferred.

  • Previously established centralised visibility into security risks with trackable metrics.

  • Implemented frameworks such as ISO/IEC 27001, SOC2, ITIL, COBIT, NIST, and compliance with standards like GDPR.

  • Matured an Application Security function in a CI/CD environment, focusing on automation and scalability.

  • Defined clear methodology for assessing and managing third-party security risk.

  • Ability to earn internal trust, navigate complexity, and collaborate effectively across functions.

  • Excellent presentation and communication skills.

  • Experience with cloud platforms such as AWS, Azure, Google Cloud, etc.

  • CISSP, CISM and CCSP are desirable.

  • Bachelor’s in Computer Science, Information Security, or related field desirable, or equivalent experience.

  • The ability to balance a strong theoretical understanding, combined with a bias to action, a willingness to be pragmatic, roll up your sleeves and get into the practical details to drive delivery to support the organisation.

Everyone is welcome at Paddle

At Paddle, we’re committed to removing invisible barriers, both for our customers and within our own teams. We recognise and celebrate that every Paddler is unique and we welcome every individual perspective.

As an inclusive employer, we don’t care if, or where, you studied, what you look like or where you’re from. We’re more interested in your craft, curiosity, passion for learning and what you’ll add to our culture. We encourage you to apply even if you don’t match every part of the job ad, especially if you’re part of an underrepresented group. Please let us know if there’s anything we can do to better support you through the application process and in the workplace. We will do everything we can to support any accommodations needed. We’re committed to building a diverse team where everyone feels safe to be their authentic self. Let’s grow together.

Why you’ll love working at Paddle

We are a diverse, growing group of Paddlers across the globe who pride ourselves on our transparent, collaborative and respectful culture.

We live and breathe our values, which are:

Paddle for others

Paddle together

Paddle simply

We offer a full suite of benefits, including attractive salaries, stock options, retirement plans, private healthcare and well-being initiatives.

We are a ‘digital-first’ company, which means you can work remotely, from one of our stylish  hubs, or even a bit of both! We offer all team members unlimited holidays and enhanced parental leave. We invest in learning and will help you with your personal development via constant exposure to new challenges, an annual learning fund, and regular internal and external training.

Share this job:
Please let Paddle know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Paddle logo

Paddle

SaaS payments infrastructure

  • 201-500 employees
  • Founded in 2012
  • 17 remote jobs
View all jobs

Latest Jobs at Paddle

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply