InfoSec and Compliance Lead People & Ops · London, United Kingdom ·

Do you want to superpower engineering? We’re a team of scientists, engineers, and creative thinkers working to build AI systems that solve intractable problems. We have ambitious plans moving forward… it’s very exciting!We are seeking an

Information Security and Compliance Lead

to autonomously own, run, and evolve Monolith’s information security strategy and practices. This role requires a balance of technical expertise, regulatory and compliance knowledge, and the ability to influence and educate colleagues across the organisation. The successful candidate will ensure that Monolith not only maintains compliance with current frameworks and legislation (e.g., GDPR, ISO27001) but also proactively aligns with emerging standards related to AI, cloud computing, and personal data.This role sits at the intersection of business, policy, and technology, ensuring that information security supports our mission, protects our clients, and scales with our growth.Location:

Remote (Monolith HQ is headquartered in London, UK)Reports To:

Director of OperationsYou''ll be responsible for:Information Security OwnershipAct as the primary owner for information security within Monolith, maintaining policies, controls, and frameworks.Manage technical security across our cloud infrastructure, ensuring best practices for access, monitoring, and data protection.Compliance and GovernanceLead in-house ISO27001 compliance programme, including audits, documentation, and certification renewal.Ensure GDPR compliance across technical systems, business operations, and supplier relationships.Research, evaluate, and apply relevant standards and regulations affecting AI, cloud computing, and personal data.Supplier and Vendor Security ManagementEstablish and maintain a vendor risk management programme, including due diligence, contract reviews, and ongoing monitoring.Education and CultureBuild a security-first culture by educating employees on security best practices, awareness, and compliance obligations.Engage and influence senior leadership to embed information security into business decision-making.Continuous ImprovementStay ahead of evolving threats, regulations, and industry standards to ensure Monolith remains compliant and competitive.Recommend and implement security tooling, automation, and monitoring improvements.A bit about you:Requirements:4-7 years of experience in information security, compliance, or related rolesHands-on experience with ISO27001 compliance (audits, certification, renewals)Strong knowledge of GDPR requirements across technical and business operationsSolid understanding of cloud infrastructure security (AWS, Azure, or GCP)Experience with supplier/vendor risk managementExcellent communication skills with the ability to educate colleagues and influence senior leadersProactive, analytical, and comfortable working autonomouslyNice to have:ISO27001 Lead Implementer or Auditor certificationProfessional security certifications (e.g., CISSP, CISM, CCSK).Data protection certification (CIPP/E, CIPM)What We OfferAt Monolith, you’ll join a fast-growing AI scale-up where security and compliance are critical to our success. We offer competitive compensation,flexible working arrangements, and a culture that values autonomy, trust, and collaboration. You’ll have the freedom to shape our information security approach end-to-end, access to personal development and certification support, and the opportunity to make a tangible impact on how AI and cloud technologies are adopted securely across industries.This role is perfect for someone who thrives on ownership and impact — a security professional who enjoys working hands-on while also shaping business-wide practices. It’s ideal for a candidate with strong knowledge of ISO27001, GDPR, and cloud security who wants to step beyond a purely technical role and influence at a company-wide level. If you’re excited by the chance to be both the

guardian and educator

of security within a high-growth AI company, and want to future-proof compliance against emerging AI and data standards, this role is for ..... full job details .....