Chief Information Security Officer (CISO)
About Swap: Redefining Global Commerce with AI
At Swap, we're not just building software; we're architecting the future of agentic commerce. As the pioneering AI-native platform, we seamlessly connect sophisticated backend operations with a revolutionary, forward-thinking storefront experience.
Designed for ambitious brands ready to sell anything, anywhere, Swap centralises global operations, fuels intelligent workflows, and empowers margin-protecting decisions through real-time data and unparalleled capability. Our robust product suite spans critical areas like cross-border commerce, tax compliance, returns management, demand planning, and our groundbreaking agentic storefront, providing merchants with complete transparency and the confidence to act decisively.
Join a culture at Swap that champions clarity, ignites creativity, and fosters shared ownership, as we collectively redefine how global commerce functions.
About the Role: Forge the Future of Security at Swap
We are searching for an exceptional Chief Information Security Officer (CISO) to spearhead and scale our global security, risk, and compliance strategy across the UK, Europe, and North America. This is a pivotal, executive-level role that demands a visionary leader capable of embedding best-in-class security standards into our DNA, all while navigating rapid growth and exceeding the expectations of our demanding enterprise customers.
As our CISO, you will hold end-to-end ownership of Swap's entire security posture. You will be instrumental in achieving and maintaining ISO/IEC certification, cultivating a continuous state of audit readiness, and weaving security into the very fabric of our innovative organisation.
Your Impact & Responsibilities:
Security Strategy & Executive Leadership
Architect, champion, and execute Swap's global information security strategy, seamlessly aligning it with our aggressive business growth objectives.
Serve as the executive owner of security risk management, providing strategic oversight across all regions.
Provide strategic insights and regular updates to the executive team and board on our security posture, emerging risks, and compliance status.
ISO Certification & Audit Mastery
Own the end-to-end delivery and ongoing maintenance of ISO certification, transforming it from a task into a core operational strength.
Spearhead all ISO audits, acting as the primary interface and trusted advisor for external auditors.
Proactively manage ongoing surveillance audits and navigate recertification cycles with precision.
Design, build, and maintain a scalable and robust Information Security Management System (ISMS) that supports our exponential growth.
Ensure audit readiness is a continuous, integrated process, not a reactive event.
Drive swift and effective remediation of audit findings, guaranteeing the timely closure of non-conformities.
Compliance & Framework Alignment
Ensure unwavering adherence to critical global compliance frameworks, including:
SOC 2
GDPR
NIST Cybersecurity Framework
Lead comprehensive internal audits and meticulous risk assessments across engineering, infrastructure, and corporate systems.
Forge strategic partnerships with Legal, HR, and Engineering teams to embed robust security controls throughout all functional areas.
Risk & Security Operations
Establish and fortify our incident response planning and execution capabilities across global teams.
Define, enforce, and continuously refine security policies, standards, and controls.
Ensure highly effective vulnerability management, rigorous penetration testing, and proactive threat monitoring are in place.
Cross-Functional Leadership
Collaborate closely with Engineering to embed security by design into our architecture and throughout the entire SDLC.
Partner with Product and Go-To-Market teams to proactively meet and exceed enterprise customer security requirements.
Provide expert support for sales and procurement processes, including comprehensive security reviews and questionnaires.
What You'll Bring:
Must-Haves:
A proven track record as a CISO, Head of Security, or equivalent senior security leadership role within a high-growth technology company.
Extensive hands-on experience leading ISO/IEC 27001 certification programs, from initial gap assessment through to successful audit completion.
Deep expertise managing external ISO auditors, with a history of successfully navigating Stage 1, Stage 2, and surveillance audits.
A profound understanding of ISMS design, robust governance, and practical operationalisation.
Demonstrated success in scaling security and compliance programs across multi-region environments (UK, EU, North America).
Intimate familiarity with SOC 2, GDPR, and other critical enterprise security frameworks.
Bonus Points - What Will Set You Apart:
Experience in Series B to pre-IPO or other high-growth SaaS environments.
Prior success in preparing organisations to meet the most stringent enterprise customer security requirements.
Cloud-native security expertise (AWS, GCP, Azure).
Experience building or scaling security teams from early-stage to maturity.
A passion for and experience in automating compliance, audit readiness, and security reporting processes.
Your Milestones & What Success Looks Like:
You achieve and continuously maintain ISO 27001 certification with zero major audit findings, establishing Swap as a benchmark for security.
You build a truly continuous compliance model, moving beyond reactive audit preparation to proactive, embedded security.
Your robust security posture and instilled trust directly enable and accelerate enterprise sales.
You establish a scalable, meticulously documented ISMS that effortlessly supports Swap's rapid and ambitious growth trajectory.
You master the delicate balance of significantly reducing security risk while simultaneously enabling the speed and agility of engineering delivery.