Intro
Information security is central to earning the trust of our global customers and protecting the data that powers our AI-driven products.
We’re looking for a pragmatic, hands-on security professional to own our information security program. We value strong fundamentals and a willingness to grow and you should be confident in most of the below mentioned areas and motivated to pursue ongoing development.
This role directly reports to the CIO and carries ownership over security strategy, operations, and compliance across our international footprint.
What will you do
- Security Operations:
1. Monitoring and triaging security alerts, coordinating incident response, and seeing issues through to resolution
2. Managing vulnerability scanning and remediation across endpoints, servers, networks, and applications
3. Overseeing cloud security posture across AWS, Azure (and regional equivalents)
4. Owning the security tooling stack: SIEM, EDR, email security, vulnerability scanning, WAF
5. Guiding identity and access management practices, SSO, MFA, privileged access, joiner/mover/leaver processes, and periodic access reviews
6. Providing architecture reviews and security guidance for new systems and infrastructure changes
- Governance & Compliance:
7. Maintaining and evolving our ISO 27001 certification
8. Coordinating external audits and penetration tests
9. Developing and maintaining security policies, standards, and operational playbooks
10. Tracking risks and driving remediation across the organization
11. Running security awareness training to build a strong security culture
- Client & Stakeholder Engagement:
12. Completing security questionnaires and vendor assessments for customers
13. Supporting sales on security-related RFPs and client conversations
14. Communicating security updates, policy changes, and required actions clearly across all locations
What do we expect
15. At least 3 to 5 years in information security with hands-on technical work
16. Solid incident monitoring and response experience and triaging alerts and managing incidents end-to-end
17. Working knowledge of cloud security in at least one major platform (AWS, Azure, or GCP)
18. Familiarity with ISO 27001 or SOC 2 programs
19. Experience with vulnerability management and security monitoring tools
20. Self-starter mindset, comfortable working independently and driving initiatives
21. Clear communicator who can translate security topics for IT, engineering, business, and customer audiences
22. Comfortable to visit other locations once or twice per year
23. Relevant certifications such as CISSP, CISM, or cloud security specialties is a plus
24. Experience in multi-site or multi-region security is considered an advantage
25. Background in SaaS, deeptech, or product-led technology companies is beneficial
26. Exposure to DevSecOps practices or infrastructure-as-code is considered a plus
Our offer
27. Competitive remuneration package
28. Team building events and company activities
29. Opportunities for professional development
30. Free car parking
For this position we only consider direct applications via our platform.