Chief Information Security Officer (CISO)
Location: Hybrid Permanent
ClearCourse is seeking an experienced Chief Information Security Officer (CISO) to lead and evolve our group wide security strategy across a diverse portfolio of 40+ software and payments businesses.
Reporting to the Chief Technology & Transformation Officer, with a dotted line to the Board and Audit Committee, this is a pivotal executive leadership role responsible for security governance, operations, compliance, and risk management across a complex technology estate spanning payments, healthcare, and B2B SaaS.
With ongoing M&A activity, active PCI-DSS obligations, and a rapidly evolving platform landscape, you'll play a critical role in protecting our customers, supporting business growth, and embedding security across the organisation.
What you'll do
- Define and lead the Group's security strategy, policies, and governance framework
- Provide Board-level reporting on security posture, risks, and compliance activities
- Oversee security operations, including threat detection, incident response, and remediation
- Act as the executive lead during security incidents and manage external stakeholder communications
- Own PCI-DSS compliance across ClearAccept and ClearDebit payment platforms
- Lead the Group's Governance, Risk and Compliance (GRC) function, including ISO 27001, Cyber Essentials, PCI-DSS, and data protection obligations
- Manage relationships with auditors, regulators, cyber insurers, and certification bodies
- Lead security assessments and integration activities for acquisitions, driving alignment to Group standards
- Partner with Platform Engineering teams to embed security practices into development lifecycles without impacting delivery velocity
- Lead and develop the GRC function to support a proactive and risk aware security culture
- Previous experience operating at CISO level within a multi-product or multi-entity organisation
- Hands on experience leading PCI DSS compliance programmes and QSA assessments
- Proven expertise building and managing enterprise wide GRC frameworks and risk registers
- Experience assessing and integrating security functions following M&A activity
- Strong understanding of DevSecOps principles and embedding security into engineering practices
- Experience leading major security incidents, including external communications and stakeholder management
- Ability to influence at Board and executive leadership level
- Strong leadership skills with experience building and developing high performing security teams
- Competitive salary + benefits
- 25 days holiday + your birthday off
- Private medical insurance (Bupa) & health cash plan
- Life assurance & income protection
- Enhanced parental leave & family wellbeing support
- Perkbox discounts & perks
- Generous pension contributions
- Hybrid working model
This is a rare opportunity to shape and lead the security strategy of a fast growing international software and payments group. You'll work at executive level, influence critical business decisions, and play a key role in safeguarding the future growth of the organisation. If you're passionate about security leadership and thrive in complex, evolving environments, we'd love to hear from you.