Thought Machine - Security Control Engineer
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• Essential: • Technical experience with designing and applying security controls and capabilities to cloud-based infrastructure (e.g. AWS, GCP) and applications in creative ways that bring efficiency to operations. • Experience in working directly with software engineering teams in designing new capabilities, controls, and procedures that results in collaborative designs that are effective and highly efficient. • Strong technical background, with experience in distributed systems, cloud security, and related technologies, and a passion for finding creative solutions to difficult problems. • Knowledge of threat modelling for the purposes of understanding threat probabilities and frequency. • Excellent communication skills with an ability to translate technical and security jargon into business-relevant insights. • Ability to liaise effectively with other departments and external stakeholders. • Desirable: • Experience in a fast-paced tech environment or fintech sector. • Knowledge of container security, Kubernetes, Kafka, and other emergent technologies. • Experience with control automation via code (e.g. Python, Go) • Hands-on experience with obtaining and maintaining a security certification such as SOC 2, ISO 27001, PCI-DSS. • Proficiency in leading security risk assessments, preferably with knowledge of the FAIR framework.
Responsibilities
• Control Architecture & Design: Actively participate in the technical and operational design of capabilities, tools, and procedures to mitigate security and business continuity risks to acceptable levels. Provide domain expertise in Thought Machine’s approach to its product and cloud security. • Certifications Management: Assist the process of obtaining, renewing, and maintaining Thought Machine's certifications, including ISO27001, ISO22301, PCI-DSS, and SOC 2 Type 2. This also includes the design of capabilities, tools, and procedures that satisfy the requirements of these regimens. • Security Risk Assessments: Spearhead security risk assessments with a focus on risk quantification and FAIR, ensuring that potential threats are identified, quantified, and addressed promptly. • Policy, Standards, and Procedures: Oversee the creation, maintenance, and updating of all security-related policies and documentation, ensuring that they are current and reflect industry best practices. • Client Relations Support: Assist the Commercial team by providing expert insights and answers to security-related queries from clients and prospects, instilling confidence in our security posture.
Benefits
• Voluntary Pension Plan (match up to 5%) • Private Healthcare Insurance • Comprehensive Life Insurance • 25 days holiday plus public holidays • Two charity days a year • Daily Meal Allowance • Access to outstanding learning materials and courses • Sports and hobby clubs, subsidised by Thought Machine • All the latest tech you need • Huge range of healthy (and not-so-healthy) snacks, smoothies and drinks • A talented and experienced team as your colleagues • An environment where we encourage learning and progress • We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds, providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't accurately match the job description. We also encourage applications from those with different abilities, including candidates with ADHD, autism, dyslexia or dyspraxia.
No credit card. Takes 10 seconds.