Role overview
- You'll own the day-to-day security operations of our corporate and cloud environments: hands-on, execution-focused work securing the tools, endpoints and infrastructure our teams rely on.
- You'll implement and maintain our security posture across our productivity suite, device fleet, VPN and identity stack and cloud environment.
- This is a build-and-harden role for someone who likes getting into the weeds. As you grow into it, there's a clear path toward owning the security function more broadly.
What you'll do
Corporate & endpoint security
- Administer and harden our identity and access stack, including password management and VPN/network-access tooling.
- Configure and enforce device policies through mobile device management - disk encryption, screen-lock, patching baselines, app control and compliance rules across the fleet.
- Manage endpoint protection and keep patching and vulnerability remediation on a predictable cadence.
- Harden our productivity and collaboration suite: access controls, 2FA/MFA enforcement, admin roles and data-sharing/DLP settings.
- Own onboarding/offboarding from a security angle - provisioning, de-provisioning and access reviews.
Cloud security
- Harden our AWS environment: IAM policies and least-privilege access, account and organisation guardrails, security groups and network segmentation.
- Implement and monitor logging and detection
- Manage secrets, key management and encryption at rest and in transit.
- Review infrastructure changes for security impact and work with engineering to close gaps.
Testing & assurance
- Run internal and continuous security testing: vulnerability scanning, configuration audits and attack-surface reviews.
- Conduct hands-on internal penetration testing against our own systems where appropriate.
- Scope, coordinate and manage external penetration-test vendors for formal independent assessments, then track and drive remediation of findings.
- Maintain security documentation, run tabletop exercises and support our compliance and audit obligations.
What we're looking for
- Proven hands-on experience in security operations, IT security or cloud security engineering - someone who has actually configured MDM, hardened AWS, and administered identity tooling, not just written policy about it.
- Solid working knowledge of Cloud security services and cloud hardening.
- Comfortable across at least one MDM platform, a VPN/ZTNA solution and a password-management tool.
- Practical familiarity with vulnerability scanning and penetration-testing tools and methodologies.
- Scripting ability (Python, Bash or similar) for automation.
- A methodical, ownership-driven mindset - you close loops and document as you go.
What we offer
-
- Semi remote-friendly setup with flexibility built around outcomes and business priorities.
- Strong ownership culture: you’ll ship meaningful systems and keep improving them after launch - no “throw it over the wall.”
- Education budget for courses, certifications, conferences, and learning resources.
- Team lunch once per week (on us).
- Monthly gym allowance.
- Private health insurance.
- Collaborative environment: you’ll work closely with technical and non-technical stakeholders and with clear communication.
Contact us to apply
If you are a proactive and motivated individual who thrives in a fast-paced environment, we invite you to apply