Information Security Engineer

Information Security Engineer

We are seeking an Information Security Engineer to help drive enterprise-level information security initiatives and embed information security across our operations.

Role Overview

In this role, you will design, implement, and maintain robust security infrastructure and controls to protect the organization's computer networks, systems, and data from cyber threats. You will build and manage security tools, conduct vulnerability assessments, and respond to security incidents. You will also advise the business on cyber security matters. This is primarily a remote position, with occasional in-person responsibilities held at our Bristol, UK office.

Ideal Candidate

The ideal candidate is an experienced security specialist who:

• Blends technical skills with business awareness
• Comfortable working across multiple areas of security and excited to learn more
• Has some familiarity with compliance (PCI, GDPR) and protection (NIST and ISO 27001) frameworks
• Partners cross-functionally to drive security, automation, and continuous improvement
• Communicates effectively across technical and non-technical stakeholders
• Evangelizes a proactive security culture organization-wide

Key Responsibilities

System Design & Implementation

• Design and deploy secure, scalable and reliable security tools

Monitoring & Threat Detection

• Monitor systems for security incidents
• Analyze and troubleshoot alerts
• Tune alerting systems

Incident Response

• Respond to security incidents
• Conduct investigations and coordinate cross-functional response
• Identify vulnerabilities and/or gaps in security posture
• Coordinate and track remediation of any issues identified

Vulnerability Management

• Perform regular vulnerability assessments
• Identify and remediate weaknesses
• Implement and maintain controls aligned with internal standards

Penetration Testing

• Coordinate the company’s penetration tests with internal and external stakeholders
• Identify, surface, and track issues with the relevant system owners

Automation & Scripting

• Develop scripts to automate security tasks and improve efficiency
• Identify processes where automation can be leveraged to create efficiencies

Security Awareness & Training

• Educate internal teams on security responsibilities, procedures, and controls
• Help select appropriate security training modules
• Track completion of training requirements

Cross-Functional Collaboration & Enablement

• Contribute to creation and updates of security policies and procedures
• Engage with stakeholders across Engineering, Product, Legal, and other departments