×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Security Strategy Lead

Job in Greater London, London, Greater London, EC1A, England, UK
Listing for: Iwoca Ltd
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 100000 - 150000 GBP Yearly GBP 100000.00 150000.00 YEAR
Job Description & How to Apply Below
Location: Greater London

Security Strategy Lead

Hybrid in London, United Kingdom

The company

Small businesses move fast. Opportunities often don’t wait, and cash flow pressures can appear overnight. To keep going, and growing, SMEs need finance that’s as flexible and responsive as they are.

That's why we built iwoca. Our smart technology, data science and five-star customer service ensures business owners can act with the speed, confidence and control they need, exactly when it's needed.

We’ve already cleared the way for 100,000 businesses with more than £4 billion in funding. Our passionate team is driven to help even more SMEs succeed, through access to better finance and other services that make running a business easier. Our ultimate mission is to support one million SMEs in their defining moments, creating lasting impact for the communities and economies they drive.

The

team

iwoca builds and operates credit products that handle sensitive financial and customer data, where securing such data is important. Until now, security has been managed across engineering and IT. This role establishes security as a dedicated discipline, embedded in how products are designed, built, and operated, with a focus on proportionate controls aligned to real risk rather than abstract compliance goals.

The

role

As Security Strategy Lead, you’ll define how security works at iwoca and own the decisions that shape it. You’ll assess security risks, influence priorities across teams, and embed security into how products are built and operated. This is iwoca’s first dedicated security role, reporting to the Engineering Director, with visibility at company level and scope to shape standards, ways of working, and long‑term security strategy.

You’ll be accountable for the following areas, deciding priorities and how work is delivered in iwoca’s context. We expect this to involve judgement, trade‑offs, and discussion rather than following a fixed playbook.

  • Security strategy and leadership:
    Own iwoca’s security strategy, minimising security risk while avoiding unnecessary friction for customers and developers. Act as the key decision maker for security checks and processes, and decide how the security function evolves over time, including when to use internal capability, third‑party expertise, or new tooling.
  • Tooling and process optimisation:
    Decide how security tooling and processes should be designed and applied across iwoca’s systems. Maintain a consolidated view of our security posture, including identity risks, third‑party exposure, and supply‑chain vulnerabilities, and oversee the development or adoption of automated detection where it adds value.
  • Monitoring, reporting, and continuous improvement:
    Establish monitoring and reporting that provides visibility into the effectiveness of security controls. Use this to generate insights, recommend improvements, and guide prioritisation as risks and the business evolve.
  • Collaboration and incident response:
    Work closely with product, engineering, and infrastructure teams to align on security priorities and trade‑offs. Act as the primary point of contact for security matters and lead coordinated incident response and triage of emerging threats.
The requirements

Essential:

  • Proven ability to analyse security risks across application and infrastructure systems, and implement effective protections and monitoring solutions.
  • Understanding of security techniques such as static analysis, network scanning, and penetration testing, and how to apply them in practice.
  • Experience turning security plans into action, prioritising work, and delivering meaningful improvements with engineering teams.
  • Experience leading or influencing change across teams, making trade‑offs explicit and aligning security decisions with business context.

Bonus:

  • Experience contributing to security certifications such as ISO 27001.
  • Experience building security practices in a fast‑growing company.
  • Exposure to identity‑based attacks, supply chain vulnerabilities, or other advanced threat classes.
The salary

We expect to pay from £100,000 - £150,000 for this role. But, we’re open‑minded, so definitely include your salary goals with your application. We routinely…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search