Jul 14, 2026

Director of IT & Cloud

Apply Now →
The Director of IT & Information Security is responsible for protecting Thesis SM’s technology assets, data, and infrastructure while enabling seamless IT operations for a globally distributed workforce. This leader will execute the company’s IT and security strategy, ensuring compliance with regulatory frameworks, managing risk, and building a resilient and secure technology environment. The ideal candidate brings strong expertise in enterprise IT, cybersecurity, and compliance, combined with leadership and cross-functional collaboration skills. Proven track record managing enterprise IT operations and cybersecurity programmes in a SaaS or technology environment. Demonstrable experience with compliance frameworks such as ISO 27001, SOC 2, GDPR, and NIST. Strong  background in identity & access management, endpoint security, and  cloud security. Experience managing and scaling IT functions for a remote-first, globally distributed organisation. Relevant certifications such as CISSP, CISM, CISA, or equivalent strongly preferred. Deep knowledge of cloud security (AWS, Azure, GCP), Zero Trust architecture, and data privacy regulations. Lead and execute Thesis SM’s IT and information security strategy, policies, and roadmap. Lead all aspects of IT operations, including infrastructure, end-user computing, and IT service management. Build and manage a comprehensive information security programme, including threat detection, incident response, and vulnerability management. Implement and enforce Thesis's AI security and acceptable use policies, governing shadow AI risk, data classification in AI workflows, and third-party AI vendor assessment. Evaluate AI-augmented threat detection and AIOps capabilities to improve security monitoring efficiency and IT operational reliability. Report on AI risk posture to senior leadership and ensure compliance with GDPR, ISO 27001, SOC 2, and emerging AI regulation across Thesis's operating jurisdictions. Ensure compliance with applicable security and data privacy regulations, including GDPR, ISO 27001, and SOC 2. Conduct and oversee regular security risk assessments, audits, and penetration testing. Collaborate with Engineering and Product teams to embed security best practices (DevSecOps) into the SDLC. Lead security awareness and training programmes across the organisation. Manage vendor relationships for security tools, IT services, and managed security providers. Competitive Base Salary Work from home allowance to contribute towards your monthly bills Annual Discretionary Bonus/Commission Plan Salary Exchange Pension Scheme with 8% contribution from Thesis and 3% minimum employee contribution  Enjoy flexible, trust-based time off to recharge and maintain a healthy work-life balance Private Medical Insurance BHSF Health Cash Plan which allows you to claim back the costs of the excess on Private Medical, various other health benefits such as dental, optical, private prescriptions.   Yu Life Long Term Health Insurance & 4x Base Salary Life Insurance Mortgage Benefit EAP Enhanced Family Leave policies