Working Student in Information Security at Allianz Direct supporting security monitoring and managing vulnerability assessments. Collaborating with cross - functional teams to enhance cybersecurity posture and awareness.
About the role
- As a Staff Security Engineer, build hx's security function while integrating security into engineering workflows. Collaborate across teams to ensure secure architecture and compliance.
Responsibilities
- Build hx's security programme from the ground up, setting direction for security architecture, compliance, and incident response as we scale globally.
- Design and implement security controls across AWS cloud infrastructure, Kubernetes workloads, and our multi-product platform, ensuring systems are secure by design.
- Integrate security into engineering workflows by embedding automated security testing, vulnerability management, and threat detection into CI/CD pipelines without slowing teams down.
- Lead or contribute to compliance initiatives (SOC2, ISO27001) by implementing technical controls and working cross-functionally with legal, engineering, and business teams to enable enterprise sales.
- Build security automation and tooling by writing code and scripts that scale security practices, detect vulnerabilities, and enforce policies efficiently.
- Partner with Engineering Managers, Principal Engineers, and Product Managers to embed security thinking early in design and architecture decisions.
- Act as a trusted voice in critical moments: responding to incidents, unblocking teams on security questions, and keeping high-stakes initiatives secure and on track.
- Assess and secure AI-powered systems across hx's platform, implementing controls that enable safe adoption of AI while mitigating risks like prompt injection, data leakage, and model vulnerabilities.
Requirements
- Built or significantly contributed to security programmes from the ground up, establishing foundational security controls, compliance readiness, and incident response capabilities.
- Designed and implemented security architecture for cloud-based distributed systems (AWS or equivalent), including multi-account strategies, identity and access management, network security, and data protection.
- Driven technical security improvements by writing code, building tools, and implementing controls that scaled with company growth.
- Integrated security into development workflows through DevSecOps practices including automated testing, secrets management, container security, and infrastructure-as-code security.
- Led or supported compliance initiatives (SOC2, ISO27001, GDPR, or similar), mapping technical controls to compliance requirements and guiding teams through audit cycles.
- Built trust with engineering teams by contributing technically and making security collaborative and frictionless.
- Balanced security rigor with business goals, making risk-based trade-offs that enabled growth while protecting customers and the business.
- Evaluated security implications of AI/ML systems, including understanding AI-specific risks and implementing controls to secure them.
Benefits
- £5,000 training and conference budget for individual and group development.
- 25 days of holiday plus 8 bank holidays (33 days total).
- Company pension scheme via Penfold.
- Mental health support and therapy via Spectrum.life.
- Individual wellbeing allowance via Juno.
- Private healthcare insurance through AXA.
- Income protection and Life Insurance.
- Cycle to Work Scheme
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Enterprise Security Implementation Specialist at Vodafone supporting customers in implementing security solutions. Responsibilities include onboarding, incident management, and ensuring service quality with Fortinet and Zscaler products.
Cyber Security Specialist at Vodafone responsible for shaping and deploying security measures. Collaborating with business, IT, and Network teams as a trusted security partner.
Manager at PwC contributing to digital transformation in Utilities through technology consulting and stakeholder management. Focused on creating strategies and providing technology solutions in a data - driven world.
Research Associate conducting advanced research in iOS security within a leading institute for applied cybersecurity. Emphasis on secure application development and vulnerability analysis.
Cybersecurity Engineer focused on threat monitoring and incident response for Verizon's network security. Collaborating on security architecture and vulnerability management across multiple locations.
Senior Manager of Application Security leading initiatives to protect applications at Nordstrom through strategic leadership and AI - driven tooling. Collaborating with engineering to ensure secure software development practices.
Information Security Engineer responsible for deploying and supporting security tools across cloud and on - premise systems. Collaborating with IT to mitigate security risks in a hybrid work environment.
Casual Retail Security Officer for MSS Security ensuring safety at Tweed Mall in Tweed Heads. Responsible for patrols, incident response, and customer service.
Financial security advisor at Desjardins developing client relationships and selling life and health insurance products. Focusing on customer satisfaction and personalized financial solutions.