Job Title: Interim Chief Information Security Officer (Interim CISO)
Location: Colchester
Salary: £100,000 to £120,000 pro rata
Employment Type: Permanent, 2 days per week
Working Arrangements: Onsite working for 2 days a week
We are seeking an experienced Interim Chief Information Security Officer (Interim CISO) to provide strategic information security, compliance, and rigorous IT financial governance on a two day per week. This is a high-autonomy, top level representative role during a period of active organisational transformation, reporting to the CTO.
The organisation is actively transitioning away from legacy commercial SaaS platforms platforms (e.g., Salesforce, HubSpot), toward AI-first, customised add-ons built on proprietary Product Data Management (PDM) software and core ERP architectures to drive significant operating cost reductions with process optimisation. The incoming CISO will hold ultimate accountability for ensuring this lean, modernised architecture remains aggressively secure and audit-ready.
Core Responsibilities
- AI-First Architecture & Security Scoping: Personally audit and define the compliance boundaries for newly deployed custom AI infrastructure (built on LLM platforms like Anthropic Claude). Ensure robust data handling, strict access controls, and correct isolation of proprietary data pipelines.
- - Rigorous Framework Delivery: Maintain full operational control of an in-progress SOC2 Type 1/Type 2 compliance track via a GRP automation platform. Own the internal execution, documentation, and C3PAO assessment preparation for CMMC Level 2 (NIST SP (Apply online only)) utilising a secure proxy architecture.
- Budget Ownership & Cost Consolidation: Take immediate custody of the IT OPEX budget. Ruthlessly consolidate a fragmented AI tooling footprint and manage vendor contract rationalisation following structural changes.
- Vendor & Operational Governance: Oversee all external IT vendor relationships and contract lifecycles. Provide clear technical escalation paths and strategic direction for our on-site IT technician.
What You’ll Bring
- Proven Executive Security Experience: Demonstrated tenure as a CISO, Head of Information Security, or Security-focused IT Director in an organisation of 50–300 employees.
- Hands-on SOC2 & CMMC Tracking: Direct experience personally driving a SOC2 audit to completion and a deep, non-advisory familiarity with CMMC Level 2/NIST SP (Apply online only) compliance paths. Strong competence utilising GRC automation tools and encrypted enclave/secure proxy solution
- Emerging Tech Literacy: A clear, practical understanding of security profiles, scoping, and data governance for custom LLM integrations and proprietary software ecosystems.
- Commercial Sharpness: Proven experience managing $500k+ IT budgets, reporting directly to the C-Suite/Board, and negotiating vendor agreements.
- Must come with a strong understanding of UK GDPR compliance and Cyber Essentials frameworks.
For more information, please contact Cathy Swain.
T: (phone number removed)
E: (url removed)
:quality(80))
:quality(80))
:quality(80))