The client

They aim to build software to enable the safe and ethical use of valuable data for both analytics and machine learning. Working with a variety of large organisations around the world, in sectors as varied as financial services, pharma and telecommunications, they enable these businesses to get the most out of their data without compromising on privacy or security.

 

How does their platform work?

Most insights that are valuable to organisations stem from analysing sensitive data. This company’s product enables analysts and data scientists to find, understand and share useful datasets. By maximising the utility of the data and expanding its safe access, organisations can improve insights to prevent money laundering, improve sales and enhance research models through data sharing and enable cloud migration technologies.

The role

What will I be doing?

To summarise quickly, you’d be working across three streams – compliance, cloud and pre-sales. Here’s a bit more info:

• Ensuring new architecture components are designed with best security practices.
• Own initiatives aimed at implementing and automating security controls, reducing risk, establishing a security-first culture, adopting a secure code development practice and providing technical leadership for security.
• Drive application security best practices across the engineering teams.
• Work closely with Software Engineers and SRE’s to make sure their products are secure throughout the SDLC.
• Lead or respond to security investigations as necessary and conduct Product Security training and workshops.
• Engage with customers and partners and communicate their feedback to relevant parts of the company.
• Transform security from siloed practices to everyone’s responsibility by integrating security activities into development routines and processes.

 

What background will I have?

• A good understanding of business needs and objectives, as well as the ability to drive change and take initiative. You’ll also be able to educate and explain complex concepts in layman’s terms.
• Knowledge and experience within InfoSec, Application Security (think OWASP) and Cloud Security.
• A strong technical background in large-scale multi-tenant and container based cloud environments, as well as being comfortable with large codebases that are using multiple languages and infrastructure as code.
• A solid understanding of Agile development and systems thinking.
• Experience in defining a strategy to follow and adopt across multi-role teams.
• Ideally have worked to achieve and maintain compliance with the likes of SOC2 and ISO27001.

Bonus points if you’re comfortable delving into code when needed, review pull requests and stay close to the team’s work. It would also be great if you have experience implementing and designing security controls for cloud.

The candidate

What’s in it for me?

They’re offering a salary of up to £110K, as well as 30 days holiday (plus bank holidays). They’ve also recently introduced the freedom to work from anywhere in the world for a month, as well as matching pension contributions up to 5% and giving stock options within the company. They’ve a flexible working culture and would be looking for people to pop into the office once or twice a week ideally, though can flex on this for the right person. They also offer 20 weeks full pay maternity, and 12 weeks full pay paternity.

On top of the above there’s your more standard benefits, such as a laptop, phone and equipment, sickness, critical illness, worldwide travel and life insurance, a bike to work scheme and regular socials.