Compliance & Audit Leadership: Support the maintenance of our compliance frameworks, specifically ISO 27001 and SOC2 Type II. You will need to be comfortable being a primary point of contact for external auditors.
Client Assurance: Own the end-to-end process for Client Audits and Security RFIs, translating our complex technical controls into clear, professional, and digestible responses for stakeholders.
Cloud Governance: Apply a GRC lens to our cloud environment, ensuring that our AWS infrastructure aligns with best practices (CIS benchmarks) and triage alerts in line with our internal risk appetite.
Incident Management & Triage: Monitor security tools and act as a first-to-second responder for alert triage. You’ll manage the lifecycle of security incidents, from discovery to post-mortem.
Third-Party Risk Management: Conduct thorough due diligence on suppliers, integrations , ensuring our supply chain meets our rigorous security standards.
Risk-Based Decision Making: Conduct risk assessments across the business, providing actionable advice that balances security requirements with operational efficiency.
Security Automation: Identify opportunities to automate manual GRC and SecOps tasks to increase the team's velocity.

Requirements

3-5 years experience in Information Security, with a proven track record in a ‘full stack’ security or GRC role
Experience triaging alerts (CSPM/SIEM/EDR), incident management and a foundational understanding of cloud native security tools
You enjoy creating processes where none exist and can move from "problem identified" to "solution implemented" independently.
You’ve led SOC2 or ISO27001 audits and know how to manage evidence collection, auditor expectations and communicate to stakeholders effectively.
Relevant certifications are a plus (CISA, CISSP), but we value functional experience and the ability to apply security principles to real-world business problems above all else.

Benefits

Share Options
20 days of PTO per year + public holidays
3 volunteer days to use for any charitable/voluntary cause you would like.
A top-tier private health insurance package.
401k contribution plan
Work from home stipends
A personal learning and development budget through Learnerbly. You’ll be supported in your quest for knowledge, whatever that looks like to you.
globally consistent parental leave approach
Employee Referral Scheme.
multiple Cutover mental health initiatives, from fully subsidized therapy sessions to subscriptions to leading wellbeing platforms.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Information SecurityGRCIncident ManagementRisk AssessmentsSecurity AutomationCloud Native Security ToolsAlert TriageISO 27001SOC2 Type IICIS Benchmarks

Soft Skills

LeadershipCommunicationProblem SolvingProcess CreationStakeholder ManagementRisk-Based Decision MakingIndependenceAttention to DetailAnalytical ThinkingCollaboration

Certifications

CISACISSP