Information Security Engineer

KX software powers the time-aware, data-driven decisions that enable fast-moving companies to outpace competitors, realizing the full potential of their AI investments. The KX platform delivers transformational value by addressing data challenges related to completeness, timeliness and efficiency, ensuring companies understand change over time and can achieve faster, more accurate insights at any scale, cost-effectively. KX is essential to the operations of the world's top investment banks, aerospace and defence, high-tech manufacturing, healthcare and life sciences, automotive and fleet telematics organisations. The company has established offices and a robust customer base across North America, Europe, and Asia Pacific.

Overview of the Role

KX is hiring a Senior Security Analyst to serve as a cornerstone of our global security operations. This is a high-visibility role bridging technical security operations, cloud security engineering, and compliance governance. You will act as the primary escalation point for advanced security investigations, orchestrate MSSP services, strengthen our multi-cloud security posture (AWS, Azure, GCP), and ensure alignment with key frameworks including ISO 27001, SOC2 Type 2, and CMMC.

Key Responsibilities

• Act as primary technical point of contact for MSSP/SOC providers, ensuring SLA/SLO adherence.
• Provide Tier 3 escalation support for complex security incidents and lead forensic investigations.
• Own Cloud Security Posture Management (CSPM) across AWS, Azure and GCP.
• Lead the end-to-end vulnerability management lifecycle (including Qualys) and drive remediation.
• Design and deploy security controls across IaaS, PaaS and FaaS environments.
• Implement Zero Trust principles across IAM and network layers.
• Manage Data Loss Prevention (DLP) and encryption strategies.
• Map technical controls to ISO 27001, SOC2 Type 2 and CMMC frameworks.
• Lead audit evidence collection and validation.

Skills

• Advanced SOC / Tier 2–3 incident response expertise
• Strong SIEM, XDR and EDR platform experience
• Deep understanding of AWS, Azure and GCP security controls
• Vulnerability management lifecycle expertise
• IAM, encryption and Zero Trust architecture knowledge
• Ability to communicate security risks to non-technical stakeholders
• Multi-cloud security experience across at least two major providers
• Hands-on vulnerability management ownership
• Experience in regulated environments (SOC2 / ISO 27001 / CMMC)
• CISSP (or equivalent)
• Professional-level cloud security certification (AWS / Azure / GCP)

Preferred Qualifications

• GCIH, GCFA, GCTI or similar incident lifecycle certifications
• OSCP or CREST certification
• Threat hunting or forensic certifications
• Qualys certification

Location & Workplace Type

Hybrid working model based out of the UK.

Why Choose KX

• Data Driven: We lead with instinct and follow fact.
• Naturally Curious: We lean in, listen and learn fast.
• All In: We take ownership, take on challenges and give it our all.

Competitive salary aligned to experience and market standards. Individually tailored training and skills development. Private healthcare package and Employee Assistance Programme. Enhanced maternity and paternity package.