Define and maintain security standards, guardrails, and controls across tails.com.
Ensure standards are clear, pragmatic, and consistently applied across teams.
Align controls to recognised frameworks (e.g. ISO 27001, PCI-DSS, GDPR).
Embed security expectations through collaboration and enablement.
Promote secure-by-design principles across delivery lifecycles.
Provide oversight to ensure controls remain effective and proportionate.
Partner with engineering, infrastructure, data, and business teams to embed security requirements.
Provide practical guidance to help teams implement secure patterns independently.
Collaborate with Nestlé Cyber, leveraging SOC intelligence, tooling, and insights.
Lead assurance activities and support audits with clear, accurate evidence.
Conduct risk assessments, identify gaps, and track remediation to closure.
Translate central insights into local actions and ensure accountable ownership.
Support incident response through structured analysis and hands-on validation where needed.
Deliver targeted communications and training to improve security awareness.
Review and evolve standards and practices to stay effective and business-aligned.
Improve automation, efficiency, and consistency across governance and assurance activities.
Monitor emerging threats and technologies, updating guidance as required.
Drive measurable improvements through maturity tracking and regular review cycles.
Contribute to the ongoing development of the tails.com cyber security function.
Requirements
Experience in cyber security, security engineering, or security governance roles.
Strong knowledge of security frameworks (ISO 27001, NIST CSF, CIS, PCI-DSS, GDPR).
Understanding of secure design, cloud security, and infrastructure security patterns.
Experience defining, assessing, or assuring security controls and standards.
Familiarity with SOC operations, threat intelligence, and incident response.
Ability to translate technical risk into clear, actionable requirements.
Basic scripting or automation skills (e.g. Python, Bash, PowerShell).
Strong written and verbal communication skills across technical and non-technical audiences.
Relevant certifications beneficial but not required.
Tech Stack
Cloud
Cyber Security
Python
Benefits
Competitive salary, reviewed annually
Annual bonus, based on company performance
Flexible core hours, giving you true work-life balance
Hybrid role to ensure this role works for you
We expect employees to have a conducive remote working environment (including an appropriate desk and adjustable chair) available for their start date.
25 days of holiday (excluding bank holidays) which increases over time to a max of 27 days
9/10 day working week to enhance your wellbeing without a reduction in pay and leave allowance
Optional 5 days unpaid leave and 1 paid volunteer day each year
When you need a change of scenery, you can work from abroad 2 weeks every 6 months
Health insurance for you, paid by Tails.com
Extended maternity, paternity, shared parental and adoption pay. 6 months at 70% pay
Flexible paid care leave to support immediate dependants, people close to you and pets
In-house L&D team, with access to year-round courses to help drive your development