Head of IT and InfoSec

As we continue to innovate, we are looking for a talented Head of IT and InfoSec to join our growing team. You’ll be responsible for our IT and InfoSec strategy and focus on creating a secure, resilient environment that aligns with our business goals. You’ll manage the day-to-day operations related to IT infrastructure, information security, risk management, and compliance. You’ll be strategic and hands and will lead a small IT Operations team. You’ll join us during a period of exciting growth, secure long-term investment, and a new leadership team onboard. If you are skilled in navigating and supporting business change whilst ensuring operational excellence across IT and InfoSec, we’d love to hear from you. Ready for a reset? Join us at Gumtree!

Location: London, hybrid working applies with circa 2 to 3 days in the office.

About the role:

As a Head of IT & InfoSec you’ll be responsible for ensuring our systems and tooling meet the needs of a fast growth tech scale up. You’ll report directly to the CPTO and provide leadership across IT operations, infrastructure, security strategy and roadmap, architecture and governance, and operational excellence whilst owning the IT/InfoSec budget. You’ll also set up and manage the IT/InfoSec risk register and report on any associated risks. You’ll be an inspirational leader, mentor and coach, helping us to build a high-performing team that remains current with emerging IT and security trends and technologies. Day to day you’ll oversee all essential IT Operations including cloud services, operating systems, servers, email systems, laptops, and desktops . You’ll also ensure security practices, including OWASP top 10 guidelines, are integrated into the software development lifecycle as well as undertake penetration testing and vulnerability management. This includes running our Bug Bounty Program. Additionally, you’ll own and maintain the business continuity and disaster recovery plans, ensuring regular testing and updates to align with evolving threats and business needs.

Gumtree is an equal opportunities employer, valuing diversity and is strongly committed to providing equal employment opportunities for all employees and all applicants.

What’s in it for you?

• An exciting opportunity to join Gumtree as we embark upon a journey of growth and transformation. Operational excellence across IT and InfoSec will be a key enabler.

• A business with purpose - we are on a mission to make buying and selling safer, simpler and more enjoyable.

• An exciting Greenfield set up, where you get to build the complete IT/InfoSec strategy and roadmap from ground up.

• Opportunity to transform and innovate. We are a small team of passionate individuals, on a journey to deliver big things. You’ll help us get there.

• An excellent salary and perks including annual bonus, private medical, healthcare plan and more!

What are we looking for?

• A proven background in IT and Information Security leadership roles. This includes comprehensive experience managing security programs, initiatives and tooling within complex environments. Previous experience in a fast growth direct to consumer marketplace or tech scale up is essential.

• You’ll have extensive experience in managing IT infrastructure, including cloud services, applications, servers, laptops, and software combined with strong project management skills across digital transformation programmes.

• You’ll have strong analytical skills, and the ability to identify IT vulnerabilities, recommend solutions, and boost operational efficiency through technological innovation.

• Excellent interpersonal and leadership skills, able to communicate complex IT concepts to non-technical stakeholders and manage a small team of IT professionals including setting up a service desk.

• You’ll have relevant security certifications such as CISSP, CISM, ISO 27001 Lead Auditor/Implementer, or equivalent qualifications.

• Experience in risk & compliance management overseeing compliance with security frameworks and regulations such as ISO 27001, NIST, GDPR, and PCI, and managing internal and external audits.

• Familiarity with ransomware readiness, cyber insurance and managing risks around supply chain attacks is essential.

About us

Gumtree is one of the UK’s most popular online classifieds platforms, connecting millions of people every month to buy, sell, and trade locally. We’re embarking on an exciting transformation to revolutionise this much-loved platform into a cutting-edge, modern marketplace. With a well-known brand and heritage, we’re evolving to provide seamless buying and selling experiences powered by innovative features like integrated shipping, payments, and a comprehensive home services marketplace. This is your opportunity to join a dynamic team at the forefront of reshaping a household name for the digital age. Together, we’re redefining how communities connect and trade, building a platform that’s ready for the future.