Chief Information Security Officer

Chief Information Security Officer (CISO)

Swap is the infrastructure behind modern agentic commerce. The only AI-native platform connecting backend operations with a forward-thinking storefront experience. Built for brands that want to sell anything - anywhere, Swap centralises global operations, powers intelligent workflows, and unlocks margin-protecting decisions with real-time data and capability. Our products span cross-border, tax, returns, demand planning, and our next-generation agentic storefront, giving merchants full transparency and the ability to act with confidence. At Swap, we're building a culture that values clarity, creativity, and shared ownership as we redefine how global commerce works.

Responsibilities

Security Strategy & Leadership • Define and execute the global information security strategy aligned to business growth • Serve as the executive owner of security risk management across all regions • Report regularly to the executive team and board on security posture, risk, and compliance

ISO Certification & Audit Ownership • Own the end-to-end delivery and ongoing maintenance of ISO certification • Lead all ISO audits, acting as primary interface with external auditors • Manage ongoing surveillance audits and recertification cycles • Build and maintain a scalable Information Security Management System (ISMS) • Ensure audit readiness is continuous, not event-driven • Drive remediation of audit findings and ensure closure of non-conformities within deadlines

Compliance & Framework Alignment • Ensure alignment with global compliance frameworks including: • SOC 2 • GDPR • NIST Cybersecurity Framework • Lead internal audits and risk assessments across engineering, infrastructure, and corporate systems • Partner with Legal, HR, and Engineering to embed security controls across all functions

Risk & Security Operations • Oversee incident response planning and execution across global teams • Define and enforce security policies, standards, and controls • Ensure effective vulnerability management, penetration testing, and threat monitoring

Cross-Functional Leadership • Partner with Engineering to embed security into architecture and SDLC • Work closely with Product and GTM teams to meet enterprise customer security requirements • Support sales and procurement processes for security reviews and questionnaires

Requirements

• Proven track record as a CISO, Head of Security, or equivalent senior security leadership role in a high-growth technology company • Extensive hands-on experience leading ISO/IEC 27001 certification programmes from gap assessment through to audit success • Deep experience managing external ISO auditors, including successful Stage 1, Stage 2, and surveillance audits • Strong understanding of ISMS design, governance, and operationalisation • Experience scaling security and compliance across multi-region environments (UK, EU, North America) • Familiarity with SOC 2, GDPR, and other enterprise security frameworks Preferred • Experience in Series B–pre-IPO or high-growth SaaS environments • Prior success preparing organisations for enterprise customer security requirements • Cloud-native security experience (AWS, GCP, Azure) • Experience building or scaling security teams from early stage to maturity • Automation of compliance, audit readiness, and security reporting processes

What Success Looks Like

• Achieves and maintains ISO 27001 certification with no major audit findings • Builds a continuous compliance model, not reactive audit preparation • Enables enterprise sales through strong security posture and trust • Establishes a scalable, well-documented ISMS that supports rapid growth • Reduces security risk while enabling speed of engineering delivery