Head of Security Strategy & Architecture (Fintech)

TL;DR

Head of Security Strategy & Architecture (Fintech): Defining and maintaining security architecture strategy and roadmaps, ensuring security controls are designed and adopted effectively across the organization. Focus on embedding security into change at pace, enabling secure innovation, and strengthening security posture through risk-based decision-making.

Location: Hybrid in Manchester or London, UK. For new team members, the first 3 months will be spent full-time in the office.

Company

hirify.global is a rapidly growing UK investment platform business listed on the London Stock Exchange, managing over £103.3 billion in assets for over 644,000 customers.

What you will do

• Define and maintain a security architecture strategy and multi-year capability roadmap aligned with business objectives and regulatory requirements.
• Establish security principles, standards, and reusable patterns, ensuring their adoption across platforms, applications, infrastructure, and data.
• Lead a security-focused Technical Design Authority and architectural review process for technology change.
• Partner with Product, Engineering, and Delivery to integrate security into organizational and technical changes and provide assurance.
• Set minimum security expectations for third parties and oversee technical assurance activities for suppliers.
• Provide senior oversight of security capabilities in cloud and application environments, driving maturity in secure software delivery.
• Provide security leadership and architectural guidance for emerging technologies like AI.

Requirements

• Senior experience in security leadership, architecture, or engineering in a complex regulated environment (financial services strongly preferred).
• Strong understanding of enterprise security architecture, control design, and security governance models.
• Proven ability to define and embed security standards and reusable patterns.
• Experience operating architectural review forums/design authorities, including managing exceptions and risk acceptance.
• Strong knowledge of cloud and application security concepts, secure software delivery, and vulnerability management.
• Ability to translate risk and security requirements into pragmatic architecture decisions.
• Excellent communication skills, able to influence at executive level.

Nice to have

• Familiarity with UK financial services regulatory expectations.
• Experience shaping security capability roadmaps and investment cases.
• Experience in third-party assurance models for SaaS/cloud-hosted services.
• Awareness of security considerations for AI-enabled systems.

Culture & Benefits

• Hybrid working model (minimum 50% in office).
• Starting holiday entitlement of 27 days, increasing up to 31 days with length of service and a holiday buy and sell scheme.
• A choice of pension schemes with matched contributions up to 8%, discretionary bonus, and annual free share awards scheme.
• Health Cash Plan, discounted private healthcare scheme and dental plan, and free on-site gym.
• Enhanced maternity, paternity, and shared parental leave, bike loan scheme, and sick pay+ pledge.
• Professional qualification support, ongoing technical training, and personal development programmes.
• Calendar of social events, including monthly payday drinks, annual Christmas/summer parties, and monthly leadership breakfasts/lunches.
• Casual dress code and access to a range of benefits from sponsorship deals.