Director of Information Security & AI Governance

Flagstone is many things. An online savings platform, reinventing how individuals, businesses, and charities manage, protect, and grow their cash. A diverse group of people, bound by a collaborative spirit, and shared purpose. And lastly, a thriving, profitable business — where smart people do their best work.

Each definition shares a common thread: our unique culture. It's our pride and joy. And our competitive advantage.

To revolutionise the savings market, we need to be at our best. But high performance takes more than talent — it takes a culture of kindness, respect, and growth.

That's why we're building a diverse, inclusive community, where your voice is heard and valued. Where, with close support and room to develop, you can surpass even your own expectations. And be rewarded for it.

We may not change the world, but we can change the world of financial technology. And all it takes is a winning mix of drive, talent, and empathy. Our culture celebrates all three.

But enough about us. Let's talk about you.

You're a senior technology leader with a hands-on background in information security, and you've spent your career building things, not just governing them. You understand that in a world where AI is reshaping how businesses operate, security and governance aren't a brake on progress, they're what make progress sustainable.

You're genuinely excited by AI. You use it in your own work, you follow where it's going, and you understand both the opportunity and the risk it presents in a regulated environment. You don't need a fully formed AI governance framework on your CV, but you need the mindset, the curiosity, and the conviction to build one.

You're comfortable with ambiguity, energised by a blank sheet, and ready to shape what a world class internal technology function looks like when the economics of building software are changing fast.

Flagstone is at a genuine inflection point in how it thinks about technology, security, and AI, and this role is at the centre of it. As Director of Information Security & AI Governance, you'll report directly to the CTO and own three things that sit at the heart of how we grow, with IT Operations as part of your broader remit:

• Own Flagstone's information security strategy, aligned to our regulatory obligations and risk appetite
• Lead and develop the InfoSec team, driving ISO 27001 to certification and building the programme to sustain it
• Own our security posture across Microsoft 365, incident response, vulnerability management, and third-party risk
• Work closely with the Head of GRC to embed security controls within the broader risk framework

• Own the AI governance framework - policy, risk classification, tool approval, and ongoing oversight of AI adoption across the business
• Chair an AI governance forum across engineering, product, risk, compliance, and legal
• Work hands-on with the tooling - we're already deploying LLM integrations and agentic workflows, and governance needs to work in practice, not just on paper

• Lead the strategic question at the heart of this role: what does world-class internal technology look like when AI changes the economics of building?
• Own the vision for how Flagstone builds, buys, and operates internal technology, and make the case for change where the evidence supports it
• Lead the IT function: end-user computing, device management, network infrastructure, and internal tooling for a hybrid workforce

• A hands-on background in information security, where you've built or scaled a security programme, not just inherited one
• Real experience owning both IT and security, with the judgement to know when to be strategic and when to roll your sleeves up
• ISO 27001 implementation or programme ownership experience
• Genuine enthusiasm for AI and how it's changing the way businesses operate - you use the tools yourself, you follow the space, and you have a credible point of view on where it's going
• Working knowledge of AI governance, with the intellectual curiosity and learning velocity to develop it fast
• Director level people leadership across multi disciplinary teams, with the presence to operate at board level and with regulators
• Commercial instinct on build-vs-buy - you understand total cost of ownership and when building creates durable advantage
• Experience in a regulated environment, ideally fintech, payments, or financial services would be preferred

We're deliberately open on background for this one. Whether you've come up through InfoSec, IT, engineering, or a combination of all three. What matters is that you've been close to the work, you've built things, and you're genuinely excited about where AI is taking internal technology.

We'd love to hear from people who have worked in product led, regulated businesses where the pace is fast and the remit is broad. If your profile doesn't tick every box but the role sounds like the right challenge, please apply anyway.

At Flagstone, the benefits extend beyond false gifts like "fruit and snacks". Instead, we invest in your health, wealth, and professional development. Here's a selection of our benefits:

• Hybrid working - Spend at least 1 day a week with your team in our collaborative London office
• Competitive bonus scheme - designed to reward and recognise high performance
• Flexible benefits budget - a pot to fund meaningful benefits for you, whether it's hormone or fertility testing, cancer screening, neuro-diversity coaching or something that matters for you.
• A range of salary sacrifice options to help you make tax efficient savings on electric cars, nursery schemes, home and tech goods.
• Around the World scheme - 3 months work from anywhere scheme
• Mental wellbeing support – Access therapy and mental health sessions through Spill
• Learning and development – £1,000 personal development budget to help you grow in your role.
• Private health care - Enjoy all the benefits AXA has to offer, including reduced gym memberships and medical history disregarded
• Medical cash plan - To help you with the costs of dental and optical expenses
• Life insurance and Income Protection- four times your annual salary for peace of mind
• Matched pension contributions up to 5%
• 25 days holiday - plus bank holidays, well-being days and volunteering days
• Enhanced Parental Leave – enhanced maternity, paternity and adoption pay.  

At Flagstone, we're assembling a diverse team that defies our industry's norms. Think this role could suit you? We encourage you to apply, no matter your background.

#LI-Hybrid