Lead Cybersecurity Engineer

Ardanis

full-time

Posted on: 9/21/2025

Origin: • 🇵🇹 Portugal

✨ AI Apply

Senior

AWSAzureCloudGoogle Cloud PlatformKubernetesMicroservicesTerraform

About the role

Define and implement enterprise-wide security strategies and frameworks aligned with ISO 27001, SOC 2, NIST CSF, PCI DSS, GDPR, and CIS Controls.
Lead ISO 27001 and other regulatory compliance projects end-to-end, including audits, gap analysis, and remediation.
Conduct threat modeling (STRIDE, DREAD) and risk assessments for systems, processes, and cloud environments.
Oversee incident response, vulnerability management, penetration testing, and red/blue/purple team exercises.
Design and implement security architecture for multi-cloud and hybrid environments (AWS, Azure, GCP).
Integrate security into CI/CD pipelines, including SAST/DAST, IaC hardening, container and Kubernetes security.
Implement automated compliance and security testing at scale.
Develop and maintain information assurance policies, standards, and control frameworks.
Mentor and guide security teams and cross-functional stakeholders, fostering a proactive security culture.
Advise on adoption of emerging technologies and secure operational practices.
Communicate complex security concepts to technical and executive audiences.
Hands-on leadership role accountable for driving ISO 27001 and equivalent compliance programs and ensuring resilience against advanced threats.
Lead complex security initiatives across engineering, DevOps, and product teams; provide technical guidance, threat intelligence, and strategic advice.

Extensive experience leading enterprise security programs, including ISO 27001, SOC 2, GDPR, PCI DSS, or equivalent frameworks.
Proven track record in planning, executing, and delivering compliance projects end-to-end.
Expertise in cloud security architecture and operations (AWS, Azure, GCP) including IAM, network security, encryption, and monitoring.
Deep knowledge of threat modeling, risk assessment, vulnerability management, penetration testing, and incident response.
Hands-on experience with DevSecOps practices: CI/CD security integration, automated testing, IaC hardening (Terraform, CloudFormation), container and Kubernetes security.
Familiarity with SIEM, SOAR, CSPM, CWPP, and advanced security monitoring tools.
Strong leadership, mentoring, and stakeholder management capabilities.
Excellent communication skills, able to translate complex security topics for technical and non-technical audiences.
Willingness to travel to the UK ~1x per quarter, with expenses covered.
Commitment to continuous learning and staying ahead of emerging threats.
Nice to have: Experience with red/blue/purple team exercises and adversary simulation frameworks.
Nice to have: Exposure to serverless and microservices security best practices.
Nice to have: Prior experience in financial services or SaaS environments.
Nice to have: Certifications such as CISSP, CISM, CISA, or cloud security certifications (AWS, Azure, GCP).