Isomorphic Labs - InfoSec Engineer

• Essential • Essential • Cloud Engineering Proficiency: Deep technical knowledge of cloud platform security (GCP preferred) including Network and VPC design, IAM policy construction, Cloud resources hardening and Cloud native security services. • Cloud Engineering Proficiency: • Analytical Risk Management and Problem Solving: Proficiency in assessing multi-faceted risks and decomposing complex security issues into manageable tasks and providing data-driven recommendations to stakeholders. • Analytical Risk Management and Problem Solving: • Coding Skills: Ability to write small production-grade code (e.g. in Python) and to automate security tasks, build custom tooling, etc. • DevSecOps Tooling: Hands-on experience with Infrastructure as Code (Terraform) and version control systems (GitHub) to manage security configurations. • DevSecOps Tooling: • Container Security: Proven ability to secure containerized workloads (Kubernetes/Docker), focusing on image signing, runtime protection, and orchestration security. • Container Security: • Network Security Fundamentals: Solid understanding of modern networking, including zero-trust architecture, encryption in transit (TLS/mTLS), and API gateway security. • Network Security Fundamentals: • Identities and Access Management: Proficiency in implementing a state of the art IAM strategy both from an organisational and technical standpoints in a multi-tenant cloud environment. • Identities and Access Management: • Collaborative Security Culture: Strong ability to support researchers in AI and Drug Discovery, leveraging excellent listening skills, to provide pragmatic advice that balances high-security requirements with business agility. • Collaborative Security Culture: • Adaptability & Communication: Excellent soft skills with the ability to navigate an ambiguous, high-growth environment and explain technical risks to non-security audiences. • Adaptability & Communication: • Offensive Mindset: Strong understanding of the MITRE ATT&CK framework and the ability to think like an adversary to identify "blind spots" in our defense. • Offensive Mindset: • AI/ML Security Interest: Familiarity with the unique security challenges of an AI first company and other common AI solutions such as LLMs. • AI/ML Security Interest: • Regulated Industry Experience: Prior experience working in BioTech, Pharma where data integrity and regulatory compliance are paramount. • Advanced Security Certifications: Holding industry-recognized credentials such as GSE, OSCP, CISSP or professional-level Cloud Security Engineer certifications. • Advanced Security Certifications: • Application Security (AppSec): Experience with SAST/DAST/SCA tools and a strong understanding of the OWASP Top 10 vulnerabilities. • Application Security (AppSec): • Zero Trust Implementation: Past success in transitioning an organization away from traditional perimeter-based security toward a mature Zero Trust model. • Zero Trust Implementation: • SecOps Maturity: Experience building or scaling a Security Operations Center (SOC) or a Modern Detection and Response (MDR) function. • SecOps Maturity: • Collaboration Tool Mastery: Advanced experience securing and automating SaaS. In particular, Google Workspace, the Atlassian stack (Jira/Confluence), Slack. • Collaboration Tool Mastery: • Bio-Pharma Experience: Prior exposure to GxP validation, clinical trial data protections, or the nuances of Lab-IT security. • Culture and values • Culture and values • We are guided by our shared values. It's not about finding people who think and act in the same way. These values help to guide our work and will continue to strengthen it. • ThoughtfulThoughtful at Iso is about curiosity, creativity and care. It is about good people doing good, rigorous and future-making science every single day. • Thoughtful • BraveBrave at Iso is about fearlessness, but it’s also about initiative and integrity. The scale of the challenge demands nothing less. • Brave • DeterminedDetermined at Iso is the way we pursue our goal. It’s a confidence in our hypothesis, as well as the urgency and agility needed to deliver on it. Because disease won’t wait, so neither should we. • Determined • TogetherTogether at Iso is about connection, collaboration across fields and catalytic relationships. It’s knowing that transformation is a group project, and remembering that what we’re doing will have a real impact on real people everywhere. • Together • Creating an extraordinary company • We believe that to be successful we need a team with a range of skills and talents. We're building an environment where collaboration is fundamental, learning is shared and every employee feels supported and able to thrive. We value unique experiences, knowledge, backgrounds, and perspectives, and harness these qualities to create extraordinary impact. • We are committed to equal employment opportunities regardless of sex, race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, pregnancy or related condition (including breastfeeding) or any other basis protected by applicable law. If you have a disability or additional need that requires accommodation, please do not hesitate to let us know. • Hybrid working • Hybrid working • It’s hugely important for us to share knowledge and build strong relationships with each other, and we find it easier to do this if we spend time together in person. This is why we follow a hybrid model, and would require you to be able to come into the office 3 days a week (currently Tuesday, Wednesday, and one other day depending on which team you’re in). If you have additional needs that would prevent you from following this hybrid approach, we’d be happy to talk through these if you’re selected for an initial screening call. • would require you to be able to come into the office 3 days a week • Please note that when you submit an application, your data will be processed in line with our privacy policy. • >> Click to view other open roles at Isomorphic Labs