Information Security Lead

London, ENG, GB, United Kingdom

Job Description

Our mission is to make meaningful learning a part of your every day. The shelf life of our skills is now less than 5 years. So, if you stopped learning today, your skills would soon be irrelevant. Think that's a big problem? You'd be right.


Enter HowNow. Founded in 2019, our Learning and Skills Platform is disrupting the way people learn and upskill through technology. Whether it's finding a quick answer, learning skills or tapping into shared knowledge, we make it easy for people to learn what they need, when they need it.


Already used by fast-growing scale-ups and global enterprises, such as the UK Government, Investec, and Trainline, we're pushing the boundaries of how people learn. Plus we've just raised 9M in funding to fuel the next phase of our journey.


Hi, I'm Kuvera, the COO at HowNow. I'm looking for an Information Security Lead to join us. As our first InfoSec hire, you will be our subject matter expert, guiding our fast-growing Learning Tech SaaS platform with your practical knowledge on everything security related. You'll be responsible for identifying, assessing, and mitigating risks for the business, as well as developing processes and controls to support our commercial, engineering and product teams.


Alongside the opportunities to develop and grow your career, we're a fun and friendly bunch. Have a watch of the video below to get an understanding of what it's like to work here.





Day-to-day tasks will include



Security Ownership & Leadership:



Own and lead HowNow's information security function, working cross-functionally to align with business needs. Maintain and evolve our ISO 27001 certification and manage the ISMS lifecycle.

Governance, Risk & Compliance:



Perform regular risk assessments, manage remediation plans, and conduct internal audits. Ensure compliance with data protection laws (e.g., GDPR) and customer security requirements.

Policies, Processes & Training:





Create and manage information security policies, standards, and procedures. Deliver internal training, onboarding, and awareness programs to promote secure behaviours.

Security Operations:





Work with engineering and DevOps to implement security controls across infrastructure (e.g., access control, encryption, logging). Lead the incident response process and manage third-party pen testing and vulnerability management.

Customer & Vendor Security:





Support security questionnaires, RFPs, and due diligence for customer deals. Review third-party vendors and tools for security posture and risks.

The key things that we will be looking for in applicants



3-5 years of hands-on experience in an information security or IT risk/compliance role

Experience working at a SaaS company or fast-paced startup/scale-up

Good working knowledge of ISO 27001 and experience maintaining or achieving certification

Understanding of cloud environments (AWS preferred) and common SaaS security risks

Hands-on knowledge of endpoint protection, SIEMs, DLP, identity and access management (IAM), and SSO

Clear understanding of data privacy laws (especially GDPR)

Familiarity with security tooling (e.g., endpoint protection, SSO/IAM, monitoring/logging, vulnerability scanning)

Experience with risk assessments, incident response planning, and writing security policies

Strong communication skills, with the ability to explain security to both technical and non-technical teams

What you'll get:




Our salaries are calculated using a SaaS benchmarking tool called Figures. The salary band for this role is 60,000-75,000 per annum. You'll also receive a 10% performance-based bonus on top.


Hybrid working (2x a week in our London office, Tuesdays and Thursdays) and flexible working hours


Work From Anywhere, for up to two weeks per quarter, which you can read about here


Wind-down Fridays. No meetings from 2pm onwards on Fridays, for you to wind down for the weekend. Our HowNow'ers use this time to exercise, study, or spend some time with their family and friends, which you can read about here


Enhanced maternity and paternity policies which you can read about here





25 days holiday, plus bank holidays and your birthday day off


An enhanced employee pension scheme


Private health insurance through Bupa


An annual 500 learning and development budget


Dog friendly offices - we love our pets!


Monthly socials, which have included mini-golf, Hijingo, shuffleboarding, 5-a-side football and Badminton


Access to the very best learning platform out there (HowNow+) to keep you at the top of your game


Cycle to Work scheme


Financial wellbeing support via Mintago, which includes access to Yellownest where you can receive up to 47% off childcare.

What's next?



Once you've applied, we'll get back in touch with you. This is usually within the next 3 working days. Sometimes it can take slightly longer, but we will get back to you as soon as we can, regardless of what the outcome of your application is.


1. You'll be invited to a 30-minute video call with Lizzie, our Senior People Partner.


2. A 45-minute interview with Kuvera (COO & Co-Founder), covering your technical skills and experience in more depth.


3. You'll present back a short task, detailing how you'd tackle a risk assessment and mitigation plan, compliance and governance, and penetration testing. This will be presented to Kuvera, Ashish, our CTO, and Anil, our Senior Project Manager.


Job Detail

  • Job Id
    JD3059813
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    London, ENG, GB, United Kingdom
  • Education
    Not mentioned