We are seeking a proactive and detail-oriented Information Security Engineer to own and operate our information security program. This is a critical hybrid role responsible for maintaining our security and compliance posture across multiple frameworks (ISO 27001, ISO 27017, SOC 2) while also managing and implementing the technical security controls that protect our business and customers.
You will be the central point of contact for all things security, working closely with stakeholders across Engineering, Product, and Operations to ensure our systems are secure, our controls are effective, and we are always prepared for audits.
Key Responsibilities
-
Compliance & Governance:
-
Own, maintain, and continually improve our Information Security Management System (ISMS) to ensure compliance with ISO 27001, ISO 27017, and SOC 2 standards.
-
Manage the annual audit cycle, liaising with external auditors and internal teams to ensure a smooth and successful outcome.
-
Maintain key security artefacts, including the risk register, asset inventory, and access control records, by collaborating with stakeholders across the business.
-
Respond to customer and prospect security questionnaires (RFIs/RFPs), effectively communicating our security posture.
-
Security Operations & Engineering:
-
Implement, configure, and manage key security systems, including email filtering, Microsoft 365 Defender, endpoint protection, and vulnerability scanning tools.
-
Coordinate and manage third-party penetration testing, and track remediation of identified vulnerabilities with the engineering teams.
-
Assess and drive the implementation of technical security controls and best practices (e.g., DKIM/DMARC, MFA, secure configuration).
-
Risk & Awareness:
-
Identify, assess, and document new information security risks, and propose effective mitigation strategies.
-
Promote a culture of security awareness throughout the company by running phishing simulations and managing our security training program via our Learning Management System (LMS).
-
Act as the subject matter expert on information security, providing guidance and support to all employees.
What We're Looking For
Why Join Us?
Build your career at Solidatus:
- Make an impact: Your work directly empowers global organisations by making data flows understandable. See your code make a difference quickly in our agile setup.
- Own and innovate: Tackle challenging data lineage and integration problems with freedom. Explore new tech, make architectural decisions, and shape our product, including working with our evolving AI capabilities and using AI tools. We encourage innovation through R&D time and hackathons.
- Grow your career: We are a rapidly scaling company offering significant development opportunities, mentorship, and leadership roles.
- Vibrant, collaborative culture: Join a passionate, high-impact global team. Your voice is heard, expertise valued, and we regularly share progress and insights.
If you love solving complex data lineage challenges, thrive on technical ownership, and want to make your mark in a growing company understanding data flows, we want to hear from you!
