Role Responsibilities

Compliance & Governance (ISO 27001, SOC 2)

• Support the implementation and maintenance of ISO 27001 and SOC 2 controls
• Manage audits including evidence collection, and documentation
• Maintain security policies, procedures, and control frameworks
• Track and support remediation of audit findings and control gaps

Security Operations & Monitoring

• Monitor security alerts and respond to incidents across systems, endpoints, and SaaS tools
• Investigate and triage potential security threats, vulnerabilities, and suspicious activity
• Support incident response processes, including documentation, containment, and remediation
• Maintain and improve security tooling (e.g. EDR, SIEM, email security)
• Ensure consistent documentation of the companies security posture and apply continuous improvement principles to improving it.

Endpoint & Device Security

• Working closely with the Global IT Manager and Engineer to ensure that the appropriate endpoint protection tools and strategies (e.g. antivirus, EDR, MDM) are in place, deployed and maintained
• Working with the Global IT Manager to ensure enforcement of device compliance policies (patching, encryption, access controls)
• Support secure onboarding and offboarding of employees from a device/security perspective

SaaS & Systems Security

• Support secure configuration and management of SaaS platforms (e.g. identity providers, collaboration tools)
• Manage access controls, permissions, and identity lifecycle (joiners/movers/leavers)
• Conduct regular access reviews and ensure least-privilege principles are applied
• Identify and remediate misconfigurations across systems

Risk & Vulnerability Management

• Ensure that the appropriate penetration tests and vulnerability scans are in place and track remediation efforts
• Support risk assessments across systems, vendors, and processes
• Maintain risk registers and support prioritisation of security initiatives
• Partner with engineering and IT to remediate identified risks

Pre-Sales & Customer Security Assurance

• Support completion of customer security questionnaires, RFPs, and due diligence requests
• Act as a subject matter expert on the company’s security posture during the sales process
• Collaborate with Sales, Customer Success, and Legal teams to respond to security-related queries
• Maintain and continuously improve a library of standard security responses and documentation
• Provide supporting materials (e.g. policies, certifications, architecture overviews) to customers
• Participate in customer calls where deeper security assurance or technical validation is required
• Ensure consistency and accuracy of security messaging across all customer-facing materials

Security Awareness & Training

• Support delivery of security awareness training programmes
• Promote best practices for security across the organisation
• Assist with phishing simulations and user education initiatives

What we’re looking for

• Experience with endpoint security tools (EDR, MDM, antivirus)
• Familiarity with SaaS environments and identity/access management (IAM)
• Understanding of security frameworks such as ISO 27001 and SOC 2
• Knowledge of vulnerability management and risk assessment practices
• Ability to translate technical security controls into clear, customer-friendly language
• Experience supporting RFPs, security questionnaires, or customer due diligence processes
• Strong written communication skills for structured and accurate responses
• Ability to engage confidently with customer stakeholders when required
• Strong analytical and problem-solving skills
• Attention to detail and ability to document processes clearly
• Proactive and collaborative approach across technical and commercial teams

What we offer

• 26 days holiday plus flexible bank holidays (increasing by one holiday for each year of service, up to a maximum of 30 days)
• Healthcare cash plan with Simply Health
• Access to several health care services, including free Virtual GP service, available 24 hours a day, 7 days a week
• Cycle to Work and Tech Scheme
• Access to discounts on things like travel, electronics, fashion, fitness and more
• Rich learning and development opportunities supported through Udemy Business
• City centre offices with fantastic perks, fully stocked fridge providing soft drinks and complimentary breakfast
• Work from anywhere after one year of employment
• Employee share option scheme
• Regular social activities and events
• Opportunity to be a part of one of Manchester’s hottest tech scale ups