Head of Information Security

**About WSD**

WSD is a leading provider of document and workflow automation software for the global structured products industry. With a strong presence in the financial services sector, WSD supports tier-one banks and asset managers by delivering scalable, secure, and cloud-agnostic solutions that streamline operations from inception to maturity. Backed by private equity and headquartered in London, WSD combines deep domain expertise with cutting-edge technology to drive operational excellence and regulatory compliance.

**Role Overview**

As Head of Information Security & Controls, you will be responsible for defining, implementing, and maintaining WSD’s security strategy, governance framework, and operational security controls. This is a senior leadership role requiring strategic vision, hands-on technical oversight, and cross-functional collaboration across engineering, compliance, and client-facing teams.

**Key Responsibilities**

**Strategic Leadership**
- Own and deliver WSD’s security strategy and roadmap.
- Lead the development and maintenance of security and governance policies, standards, procedures, and configurations.

**Security Operations**
- Oversee all technical security controls across infrastructure, endpoints, and mobile devices.
- Manage the Managed Detection & Response (MDR) service including SIEM/SOC/alerting.
- Lead Threat & Vulnerability Management using Qualys VMDR.
- Oversee Web Application Scanning (Qualys WAS) and Static Code Analysis (SonarQube).
- Direct the Security Incident Management process and ensure timely resolution.

**Compliance & Risk Management**
- Maintain ISO/IEC 27001:2022 certification and ensure ongoing compliance.
- Lead risk management activities including risk assessments and mitigation planning.
- Manage external security assessments and ensure timely remediation.
- Serve as the principal authorizer for policy exceptions, privileged access, and critical security decisions.

**Governance & Vendor Oversight**
- Manage vendor relationships and ensure third-party compliance with WSD’s security standards.
- Oversee escrow arrangements and change management processes.

**Business Continuity & Disaster Recovery**
- Ensure BC & DR plans are current, tested, and effective.
- Lead BC & DR testing and remediation activities.

**Client & Regulatory Engagement**
- Respond to client security questionnaires and audits with accuracy and professionalism.
- Liaise with client-side security, risk, vendor, compliance, and audit teams.

**Team Leadership**
- Manage and mentor a small, high-performing Security team.
- Foster a culture of security awareness and continuous improvement across the organisation.

**PreSales / Contract Reviews**
- Support pre-sales and onboarding processes by defining security requirements and participating in due diligence discussions.
- Act as the security authority for reviewing data processing agreements, SLAs, and regulatory obligations tied to client engagements.

**Qualifications & Experience**
- Proven experience in a senior information security role, ideally within fintech or SaaS.
- Strong understanding of ISO/IEC 27001, SOC, SIEM, vulnerability management, and secure SDLC.
- Experience managing external audits, pen tests, and client compliance engagements.
- Excellent stakeholder management and communication skills.
- Relevant certifications (e.g., CISSP, CISM, ISO Lead Auditor) are highly desirable.

**Why Join WSD?**
- Be part of a mission-critical team powering the structured products industry.
- Work with cutting-edge technologies in a cloud-agnostic environment.
- Collaborate with experienced professionals in a fast-paced, innovative culture.Enjoy a flexible, hybrid working model and strong career development opportunities.