At a Glance
- Tasks: Lead security for our innovative Greenfield Product and ensure it's enterprise-ready.
- Company: Join a forward-thinking tech company focused on cutting-edge security solutions.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Other info: Fast-paced environment with a small, senior team and excellent career advancement.
- Why this job: Make a real impact in security while working with the latest technologies.
- Qualifications: Hands-on security engineering experience and strong AWS knowledge required.
The predicted salary is between 60000 - 80000 Β£ per year.
Responsibilities Be the internal security lead on our Greenfield Product with full access to source code, cloud infrastructure, and configurations.
Ensure the product is enterprise-ready before customers go near it.
Work alongside the Greenfield Product hardening squad for collaboration.
Act as day-to-day counterpart to external security and pen test partners.
Build and implement controls, not writing recommendations for others to action.
Own AWS security posture including account structure, IAM, RBAC, logging, and monitoring.
Manage SOC 2 Type II controls and evidence for the Greenfield Product on AWS.
Handle application-level hardening including authentication, API rate limiting, web security headers, etc.
Manage penetration test engagements with external firms, triaging findings, and closing them rapidly.
Put automated processes in place for continuous security validation.
Ensure data residency requirements are met for US and UK law firm customers.
Qualifications Deep, hands-on security engineering experience, building and implementing controls, not just advising Strong AWS security knowledge: IAM, account structure, Well-Architected Framework, Cloud Trail, Guard Duty, Config, Security Hub Driven a real SOC 2 Type II engagement: controls, evidence collection, and audit preparation, not just policy documentation Application security experience: auth, RBAC, common web vulnerabilities, ability to implement fixes directly in code and config Managed external pen test engagements: scoping, triaging findings, and closing them Comfortable working at pace with minimal hand-holding in a small, senior team Available immediately or within days, not weeks. #J-18808-Ljbffr