Omaze
Online Retail
HeadofSecurity
Neural analysis suggests this role is
optimal for Director candidates.
“Head of Security at Omaze. Skills: End-to-end security posture ownership, Company-wide security strategy building, ISO 27001 certification leadership, Information Security Management System (ISMS) establishment, GDPR and data protection program design, Incident response planning and execution, Security risk management and reporting. Owning Omaze’s security posture end-to-end across AWS, SaaS platforms, and employee devices. Building and delivering a company-wide security strategy aligned to our ”
What You'll Achieve.
Growth; IPO readiness; Regulatory landscape; Investor scrutiny; ISO 27001 certification; Significant social impact on a global scale
Industry & Context.
Pragmatic — know how to prioritise and deliver impact without overcomplicating things
What They're Looking For.
Must Have
Senior security leadership role (Head of, Director, or similar), Experience in building security programmes from scratch, Successfully led or been deeply involved in ISO 27001 certification, Understand the realities of GDPR and data protection in a consumer-focused business, Worked in environments preparing for major milestones like IPO, enterprise expansion, or regulatory scrutiny, Confidently communicate with senior stakeholders, including execs, investors, and auditors, Pragmatic — know how to prioritise and deliver impact without overcomplicating things, Naturally collaborative and can influence across Engineering, Product, Legal, and beyond
Nice to Have
Ideally in a high-growth or scaling tech environment, Care about building something meaningful and want to have a real impact on how we scale
What You'll Do.
Owning Omaze’s security posture end-to-end across AWS
Building and delivering a company-wide security strategy aligned to our growth
and regulatory landscape
Leading our ISO 27001 certification journey
including gap analysis
Establishing and embedding a robust Information Security Management System (ISMS)
Designing and implementing a formal GDPR and data protection programme
Defining and owning our incident response plan — and leading response during security events
Working with IT in MDM processes and strengthening endpoint security across the business
Conducting security reviews across our infrastructure and tooling (AWS
Owning relationships with external partners (e. g. auditors
Bringing clarity and visibility to risk through regular board-level reporting
Building a security culture through awareness
and practical guidance
Laying the foundations for a future security team
How You'll Work.
Team & Collaboration
Collaborate across Engineering, Product, Legal, and beyond; Working with IT in MDM processes; Owning relationships with external partners (e. g. auditors, pen testers, security vendors)
Communication Scope
Confidently communicate with senior stakeholders, including execs, investors, and auditors; Board-level reporting
Process & Methodology
Roadmap creation, Delivery
Full Job Description
Who We Are: At Omaze, we give our community in the UK and Germany the chance to win luxury homes and other life-changing prizes — all while raising money for the causes they love. Thanks to our Omaze Community, we’ve raised over £100 million for UK charities in just five years. That’s millions helping organisations like Age UK, the RSPCA, British Heart Foundation and Great Ormond Street Hospital Charity deliver life-saving work. And the best part? We’re only just getting started. Omaze is building a business and culture committed to growth and creating significant social impact on a global scale. 🔑 ABOUT THE JOB We’re looking for a Head of Security to take ownership of Omaze’s end-to-end security posture at a pivotal moment in our growth. As we scale, expand into new territories, and mature our operational foundations, security is moving from a shared responsibility to a critical, business-wide priority. Right now, it sits across Engineering and IT — but we need a dedicated leader to bring it together into a clear, structured, and scalable programme. This is a rare opportunity to build a security function from the ground up. You’ll define our strategy, implement the right controls, and establish the frameworks we need to support our next stage — from ISO 27001 certification to investor scrutiny. You’ll be just as comfortable operating at board level as you are rolling up your sleeves to get things done. At Omaze, everyone is hands-on — including our exec team — and this role is no exception. 🔧 WHAT YOU’LL BE DOING - Owning Omaze’s security posture end-to-end across AWS, SaaS platforms, and employee devices - Building and delivering a company-wide security strategy aligned to our growth, IPO readiness, and regulatory landscape - Leading our ISO 27001 certification journey, including gap analysis, roadmap creation, and delivery - Establishing and embedding a robust Information Security Management System (ISMS) - Designing and implementing a formal GDPR and data prot
Applying for this Head of Security role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.
ANONYMOUS · UNFILTERED
What do employees actually say about Omaze?
Real rants from real employees. Read before you apply.