Information Security Engineer (CISO track)
New
United Kingdom, CET timezone or closeFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years in security engineering or security-heavy infrastructure work
- Required Skills
- AWSPythonTerraform
Requirements
- 5+ years of experience in security engineering or security-heavy infrastructure roles.
- Deep technical proficiency in AWS security (IAM, SCPs, logging, detection, encryption).
- Strong automation skills using Python and Terraform.
- Proven experience with SOC 2 compliance, ideally including Type II audits.
- Working knowledge of privacy legislation.
- Experience or strong interest in financial-services sector security requirements.
- Ability to assess and build controls for LLM security risks.
- Strong judgment in balancing technical security risks with business needs.
- Excellent written communication skills for documentation and remote collaboration.
- Ambition and professional maturity to grow into an executive leadership role.
Responsibilities
- Manage AWS infrastructure security, including IAM, network segmentation, encryption, and logging/detection.
- Integrate security into the development pipeline through secrets management, dependency scanning, and threat modeling.
- Automate compliance evidence collection, security alerting, and IaC guardrails.
- Lead incident response and vulnerability management, including developing and testing runbooks.
- Establish security policies for AI and LLM usage, focusing on risk assessment and data protection.
- Own the SOC 2 compliance process, including control design and auditor interactions.
- Handle regulatory requirements such as GDPR, CCPA, DORA, and EBA guidelines.
- Conduct customer security reviews, including due diligence questionnaires and RFP responses.
- Oversee vendor risk management and internal security awareness training.
View Full Description & ApplyYou'll be redirected to the employer's site