IT - Systemadministrator managing physical security systems and multimedia solutions. Administration, support, and project involvement in multimedia and surveillance technologies in Roding.
About the role
- As a Staff Security Engineer, build hx's security function while integrating security into engineering workflows. Collaborate across teams to ensure secure architecture and compliance.
Responsibilities
- Build hx's security programme from the ground up, setting direction for security architecture, compliance, and incident response as we scale globally.
- Design and implement security controls across AWS cloud infrastructure, Kubernetes workloads, and our multi-product platform, ensuring systems are secure by design.
- Integrate security into engineering workflows by embedding automated security testing, vulnerability management, and threat detection into CI/CD pipelines without slowing teams down.
- Lead or contribute to compliance initiatives (SOC2, ISO27001) by implementing technical controls and working cross-functionally with legal, engineering, and business teams to enable enterprise sales.
- Build security automation and tooling by writing code and scripts that scale security practices, detect vulnerabilities, and enforce policies efficiently.
- Partner with Engineering Managers, Principal Engineers, and Product Managers to embed security thinking early in design and architecture decisions.
- Act as a trusted voice in critical moments: responding to incidents, unblocking teams on security questions, and keeping high-stakes initiatives secure and on track.
- Assess and secure AI-powered systems across hx's platform, implementing controls that enable safe adoption of AI while mitigating risks like prompt injection, data leakage, and model vulnerabilities.
Requirements
- Built or significantly contributed to security programmes from the ground up, establishing foundational security controls, compliance readiness, and incident response capabilities.
- Designed and implemented security architecture for cloud-based distributed systems (AWS or equivalent), including multi-account strategies, identity and access management, network security, and data protection.
- Driven technical security improvements by writing code, building tools, and implementing controls that scaled with company growth.
- Integrated security into development workflows through DevSecOps practices including automated testing, secrets management, container security, and infrastructure-as-code security.
- Led or supported compliance initiatives (SOC2, ISO27001, GDPR, or similar), mapping technical controls to compliance requirements and guiding teams through audit cycles.
- Built trust with engineering teams by contributing technically and making security collaborative and frictionless.
- Balanced security rigor with business goals, making risk-based trade-offs that enabled growth while protecting customers and the business.
- Evaluated security implications of AI/ML systems, including understanding AI-specific risks and implementing controls to secure them.
Benefits
- £5,000 training and conference budget for individual and group development.
- 25 days of holiday plus 8 bank holidays (33 days total).
- Company pension scheme via Penfold.
- Mental health support and therapy via Spectrum.life.
- Individual wellbeing allowance via Juno.
- Private healthcare insurance through AXA.
- Income protection and Life Insurance.
- Cycle to Work Scheme
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Security Officer performing patrols, emergency response, and customer service at Climax Molybdenum. Managing site security and assisting with emergency situations at various locations.
Security Officer leading safety inspections and facility patrols at Crown Equipment Corporation. Assigning duties and responding to security incidents efficiently.
Security Officer overseeing safety inspections and personnel training for Crown Equipment Corporation. Responsible for monitoring facilities and responding to security incidents.
Manager of Security Risk at Grainger overseeing Information Security Risk team and managing security risk programs. Focused on regulatory compliance, leadership, and risk assessment integration.
SAP Security GRC Consultant involved in designing and implementing security architectures for Swiss clients. Collaborating with project teams on compliance and security solutions.
Senior Consultant with Wavestone providing SAP Security and IAM solutions in Switzerland. Collaborating on security architectures and supporting clients on SAP security transformations.
Network Security Engineer ensuring secure, highly available enterprise network systems with a focus on collaboration and technical excellence. Involves designing and implementing networking solutions.
Security Manager at Leonardo focusing on cyber compliance and risk management across OT and IT frameworks. Supporting clients in strategic initiatives and infrastructure assessments.
Senior Analyst leading cybersecurity governance initiatives at Elsevier. Developing and maturing governance programs for data protection and risk management across the organization.