The Company
MuchBetter is revolutionising the payments space.
Offering a variety of products including a digital wallet app, wearables, cash vouchers and more, MuchBetter serves over one million users across 100+ markets in over 16 languages.
The MuchBetter Wallet allows customers to spend, send, and store money securely, all from their mobile phones with the ability to pair MuchBetter Wearables, such as key fobs, watches, and more to make contactless payments.
Our newest product, MuchBetter Gateway has been designed to power e-commerce performance through localised payment processors
Overview:
We are seeking an experienced, hands-on and visionary Head of Cyber Security to drive the strategic development, implementation, and continuous improvement of our security programs across our infrastructure, endpoints, cloud environments, and online platforms. This role requires a proactive leader who can safeguard the organisation against evolving cyber threats while fostering a strong culture of security and compliance across all departments. The successful candidate will play a pivotal role in securing digital assets, ensuring regulatory compliance, and driving enterprise-wide security initiatives. This role offers the potential to evolve into a Chief Information Security Officer (CISO) position based on your experience and performance.
Key Responsibilities:
Strategic Leadership & Governance:
- Develop and execute the company’s cyber security strategy, ensuring alignment with business goals, regulatory requirements, and industry best practices.
- Establish, maintain, and enforce cybersecurity governance frameworks, policies, and procedures to protect the organisation’s assets and ensure compliance with global security standards.
- Lead risk management efforts, including risk assessments, business impact analyses, and mitigation planning.
- Provide strategic security guidance to the C-suite, ensuring security priorities align with business objectives.
- Lead annual audit programmes from external entities validating the organisations credentials. Experience in PCI DSS V4 +, SWIFT CSCF & ISO 27001:x is preferred
Threat Management, Incident Response & Security Testing:
- Oversee the investigation, analysis, and documentation of security incidents and breaches, ensuring swift and effective resolution.
- Ensure well-defined incident response protocols are in place.
- Develop and test business continuity and disaster recovery plans to minimise business disruption in the event of a cyberattack.
- Drive threat intelligence programs, proactively identifying and mitigating emerging risks.
- Manage external teams of security penetration testers working on monthly cycles so test and improve security implementations
Infrastructure & Cloud Security:
- Design, implement, and manage robust security measures across networks, endpoints, cloud platforms, and IT infrastructure to safeguard systems and data.
- Oversee the deployment and management of firewalls, intrusion detection systems (IDS), endpoint security solutions, and zero-trust architectures.
- Collaborate with IT and DevOps teams to embed security into cloud environments (AWS, Azure, Google Cloud) and application development lifecycles.
- Implantation and management of SOC and EDR functions.
Vulnerability & Risk Management:
- Conduct regular vulnerability assessments, penetration testing, and red-team exercises, working closely with external partners to continuously test and improve security defences.
- Develop a comprehensive risk register, prioritising risks based on business impact and likelihood of exploitation.
- Implement continuous monitoring and advanced threat detection tools to proactively identify security threats and vulnerabilities.
Security Awareness & Culture:
- Develop and deliver security training programs for employees, promoting a company-wide culture of cyber awareness.
- Conduct phishing simulations, cybersecurity drills, and awareness campaigns to improve security posture across the organisation.
- Engage with business units to ensure secure development practices and adherence to security policies.
Stakeholder Collaboration & Vendor Management:
- Act as the primary security advisor for internal teams, ensuring seamless collaboration with IT, engineering, compliance, legal, and operations.
- Assess and manage third-party security risks, ensuring vendors and partners comply with security requirements.
- Provide clear, actionable security reports and recommendations to senior leadership, translating technical risks into business terms.
Skills and Experience Required
- Leadership & Strategic Vision:
- Proven track record of leadership in cybersecurity, with at least 5+ years of experience in senior security roles.
- Experience leading cybersecurity programs, teams, and enterprise-wide security initiatives.
- Ability to influence C-suite executives on cybersecurity priorities and risk management.
Technical Expertise:
- Deep understanding of security architectures, network security, cloud security, and endpoint protection.
- Hands-on expertise in firewalls, IDS/IPS, SIEM solutions, IAM (Identity and Access Management), and zero-trust frameworks.
- Strong knowledge of secure software development practices (DevSecOps) and modern application security methodologies.
- Experience with forensic analysis, malware analysis, and threat hunting.
Industry Knowledge & Compliance:
- Strong familiarity with financial, e-commerce, and payment security regulations, including PCI DSS and ISO 27001.
- Experience working within highly regulated industries, ensuring compliance with GDPR, NIST, and SOC 2.
- In-depth understanding of cyber threat intelligence, MITRE ATT&CK framework, and cyber kill chain methodologies.
Communication & Problem-Solving:
- Exceptional ability to communicate technical security concepts to non-technical stakeholders.
- Strong analytical skills and the ability to make sound decisions under pressure.
- Ability to prioritise tasks effectively in fast-paced environments, managing multiple projects simultaneously.
Remuneration:
- A competitive salary
- BUPA Health and Dental Insurance for you and your Spouse/Dependents up to the age of 18
- Aviva Pension
- Hybrid working
- Free parking
- Professional qualification Support
- 25 Days annual leave + all bank holidays
- 1 extra day annual leave for your birthday
- Access to Employee Assistance Programme
- New, modern office
- Social and Celebration Events
