×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security

Head of Operational Risk & Information Security m​/f​/d

Job in Greater London, London, Greater London, EC1A, England, UK
Listing for: Pliant
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Job Description & How to Apply Below
Position: Head of Operational Risk & Information Security m/f/d)
Location: Greater London

ABOUT US

Pliant is a European fintech specializing in B2B payment solutions. Our modular, API-first platform helps businesses streamline spending, improve cash flow, and integrate payments into their financial workflows. Designed for industries with complex payment needs, such as travel and fleet, Pliant enables greater efficiency, control, and profitability.

We serve two primary customer segments:

  • Companies looking to optimize operational processes through intuitive apps and APIs, gaining control, automation, and financial flexibility through extended credit lines.
  • Businesses such as financial software platforms, ERP providers, and banks that want to launch or enhance their credit card offerings using Pliant’s embedded finance and white-label solutions.

Founded in 2020 and headquartered in Berlin, Pliant supports over 4,000 businesses and more than 20 partners globally. As a licensed e‑money institution (EMI), we issue Visa‑powered credit cards in 11 currencies across more than 30 countries, helping companies streamline and simplify payments.

Learn more at

ABOUT

THE ROLE

The Head of Operational Risk & Information Security, based at Pliant Payments Ltd, the Group’s UK entity applying for an Electronic Money Institution (EMI) licence, is responsible for establishing, maintaining, and continuously strengthening Pliant’s Operational Risk, ICT Risk, and Information Security frameworks in line with FCA, PRA, and UK regulatory expectations.

The role ensures compliance with relevant UK and international standards, including FCA SYSC requirements, Operational Resilience rules, UK GDPR, ISO 27001, SOC 2, and PCI DSS.

While part of the Second Line of Defence, the role provides group-wide oversight and coordination across Pliant’s operations in the UK, Germany, and the US.

The Head is responsible for promoting a strong risk and security culture, ensuring operational resilience, and protecting the confidentiality, integrity, and availability of Pliant’s systems and data. The role also acts as the primary UK contact for regulators, auditors, and partners on operational risk and information security matters.

WHAT YOU’LL DO 1. Governance, Framework & Leadership
  • Lead the development and continuous enhancement of Pliant’s Operational Risk and Information Security Frameworks in line with FCA, PRA, and UK EMI expectations.
  • Maintain governance, control, and reporting structures that meet SYSC 13A, Operational Resilience, and Risk Management requirements.
  • Act as the 2nd Line of Defence lead, providing independent oversight, challenge, and assurance across all Pliant entities.
  • Partner with Engineering, Compliance, and Operations teams to embed security by design into all products and processes.
  • Advise senior management, the UK Board, and Group Risk Committee on risk trends, resilience, and information security posture.
2. Risk Oversight & Incident Management
  • Own and maintain the enterprise‑wide incident management framework, covering ICT and non‑ICT incidents.
  • Ensure consistent incident classification, escalation, root‑cause analysis, and reporting in line with FCA/PRA operational incident and major incident requirements.
  • Lead post‑incident reviews and ensure lessons learned are documented and integrated into ongoing risk management processes.
  • Oversee compliance with UK incident notification obligations.
3. Information Security Governance
  • Maintain and improve Pliant’s Information Security Management System (ISMS) in accordance with ISO 27001, SOC 2, and PCI DSS.
  • Develop, implement, and enforce security policies and standards aligned with NCSC guidance and ICO data protection expectations.
  • Oversee cyber incident detection, response, and recovery in coordination with the Group Technology team.
  • Ensure business continuity and disaster recovery plans are regularly tested and compliant with FCA and PRA operational resilience principles.
4. Business Continuity & Operational Resilience
  • Coordinate Business Continuity Management (BCM) and Operational Resilience across the UK entity and the wider group.
  • Conduct and maintain Business Impact Analyses (BIAs) and ensure Important Business Services (IBS) have tested impact tolerances.
  • Oversee alignment…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search