Director of IT & Cloud

United KingdomPermanentPosted Jul 6, 2026

Job Description

The Director of IT & Information Security is responsible for protecting Thesis SM’s technology assets, data, and infrastructure while enabling seamless IT operations for a globally distributed workforce. This leader will execute the company’s IT and security strategy, ensuring compliance with regulatory frameworks, managing risk, and building a resilient and secure technology environment. The ideal candidate brings strong expertise in enterprise IT, cybersecurity, and compliance, combined with leadership and cross-functional collaboration skills.

Requirements

  • Proven track record managing enterprise IT operations and cybersecurity programmes in a SaaS or technology environment.
  • Demonstrable experience with compliance frameworks such as ISO 27001, SOC 2, GDPR, and NIST.
  • Strong  background in identity & access management, endpoint security, and  cloud security.
  • Experience managing and scaling IT functions for a remote-first, globally distributed organisation.
  • Relevant certifications such as CISSP, CISM, CISA, or equivalent strongly preferred.
  • Deep knowledge of cloud security (AWS, Azure, GCP), Zero Trust architecture, and data privacy regulations.

Job Responsibilities

  • Lead and execute Thesis SM’s IT and information security strategy, policies, and roadmap.
  • Lead all aspects of IT operations, including infrastructure, end-user computing, and IT service management.
  • Build and manage a comprehensive information security programme, including threat detection, incident response, and vulnerability management.
  • Implement and enforce Thesis's AI security and acceptable use policies, governing shadow AI risk, data classification in AI workflows, and third-party AI vendor assessment.
  • Evaluate AI-augmented threat detection and AIOps capabilities to improve security monitoring efficiency and IT operational reliability.
  • Report on AI risk posture to senior leadership and ensure compliance with GDPR, ISO 27001, SOC 2, and emerging AI regulation across Thesis's operating jurisdictions.
  • Ensure compliance with applicable security and data privacy regulations, including GDPR, ISO 27001, and SOC 2.
  • Conduct and oversee regular security risk assessments, audits, and penetration testing.
  • Collaborate with Engineering and Product teams to embed security best practices (DevSecOps) into the SDLC.
  • Lead security awareness and training programmes across the organisation.
  • Manage vendor relationships for security tools, IT services, and managed security providers.




Job Benefits

  • Competitive Base Salary
  • Work from home allowance to contribute towards your monthly bills
  • Annual Discretionary Bonus/Commission Plan
  • Salary Exchange Pension Scheme with 8% contribution from Thesis and 3% minimum employee contribution 
  • Enjoy flexible, trust-based time off to recharge and maintain a healthy work-life balance
  • Private Medical Insurance
  • BHSF Health Cash Plan which allows you to claim back the costs of the excess on Private Medical, various other health benefits such as dental, optical, private prescriptions.  
  • Yu Life Long Term Health Insurance & 4x Base Salary Life Insurance
  • Mortgage Benefit
  • EAP
  • Enhanced Family Leave policies

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free