Compliance & Audit Leadership: Support the maintenance of our compliance frameworks, specifically ISO 27001 and SOC2 Type II. You will need to be comfortable being a primary point of contact for external auditors.
Client Assurance: Own the end-to-end process for Client Audits and Security RFIs, translating our complex technical controls into clear, professional, and digestible responses for stakeholders.
Cloud Governance: Apply a GRC lens to our cloud environment, ensuring that our AWS infrastructure aligns with best practices (CIS benchmarks) and triaging alerts in line with our internal risk appetite.
Incident Management & Triage: Monitor security tools and act as a first-to-second responder for alert triage. You’ll manage the lifecycle of security incidents, from discovery to post-mortem.
Third-Party Risk Management: Conduct thorough due diligence on suppliers and integrations, ensuring our supply chain meets our rigorous security standards.
Risk-Based Decision Making: Conduct risk assessments across the business, providing actionable advice that balances security requirements with operational efficiency.
Security Automation: Identify opportunities to automate manual GRC and SecOps tasks to increase the team's velocity.
Requirements
3-5 years' experience in Information Security, with a proven track record in a ‘full stack’ security or GRC role
Experience triaging alerts (CSPM/SIEM/EDR), incident management and a foundational understanding of cloud native security tools
You enjoy creating processes where none exist and can move from "problem identified" to "solution implemented" independently.
You’ve led SOC2 or ISO 27001 audits and know how to manage evidence collection and auditor expectations, and communicate to stakeholders effectively.
Relevant certifications are a plus (CISA, CISSP), but we value functional experience and the ability to apply security principles to real-world business problems above all else.
Tech Stack
AWS
Cloud
Benefits
Share Options
20 days of PTO per year + public holidays
3 volunteer days to use for any charitable/voluntary cause you would like.
A top-tier private health insurance package.
401k contribution plan
Work from home stipends
A personal learning and development budget through Learnerbly. You’ll be supported in your quest for knowledge, whatever that looks like to you.
A globally consistent parental leave approach.
Employee Referral Scheme.
Multiple Cutover mental health initiatives, from fully subsidized therapy sessions to subscriptions to leading wellbeing platforms.