TL;DR
Information Security Lead (GRC): Defining strategy and leading security initiatives for a rapidly scaling energy technology group, with an emphasis on automating GRC processes, policy-as-code, and compliance management. Focus on building high-performing teams, improving security culture, and maintaining robust frameworks like ISO 27001 and SOC 2.
Location: Hybrid role based in London, UK, with flexibility to work remotely if you cannot make it to the office regularly.
Company
A rapidly scaling, technology-first energy provider dedicated to accelerating the global transition to renewable energy through digital innovation and customer-centric products.
What you will do
- Define strategic security objectives and lead a functional team of information security analysts.
- Manage GRC processes and security initiatives with a strong focus on automation and efficiency.
- Maintain and improve the Information Security Management System (ISMS) using modern, tech-first approaches.
- Mentor and coach team members to ensure high-level performance and professional growth.
- Promote a positive security culture and lead security awareness training across the organization.
- Provide security guidance to technical teams and liaise with stakeholders on risk and remediation.
Requirements
- 5+ years of experience in information security or a closely related leadership role.
- Proven track record in managing and mentoring high-performing teams.
- Deep understanding of security frameworks and regulatory standards such as ISO 27001, SOC 2, and GDPR.
- Experience with GRC automation, policy-as-code, or low-code tools to reduce manual security operations.
- Strong ability to communicate complex security principles to non-technical stakeholders.
- Must demonstrate a passion for automating manual processes and driving security culture.
Nice to have
- Experience in a global organization managing security across multiple regions.
- Technical background or knowledge of AWS (or other CSPs) and SaaS environments.
- Familiarity with the MITRE ATT&CK framework.
- Relevant professional security certifications.
Culture & Benefits
- Unique company culture focused on autonomy, speed of decision-making, and transparency.
- Commitment to diversity and an inclusive, equitable work environment.
- Flexible hybrid working policy with support for remote work.
- Opportunity to work on impactful green energy products with real-world scale.
- Extensive employee perks hub and a focus on work-life balance.