Security Engineer – InfoSec
Location: Edinburgh (Hybrid – Approx. 8 Days/Month in Office)
Competitive Salary + Benefits
Are you an Information Security Engineer looking to make an impact in a fast-paced, cloud-native environment? We’re seeking a GRC-focused Security Engineer to help scale risk management, security governance, and compliance processes, ensuring a strong security posture across the organisation. This role is crucial in minimising security risks, automating compliance processes, and maintaining industry standards, helping protect a platform used by over 110 million users worldwide.
What You’ll Be Doing
* Support and scale security governance frameworks to align with NIST CSF, ISO 27001, GDPR, and SOC 2.
* Monitor, assess, and enhance risk management by maintaining the enterprise risk register and collaborating with leadership on risk appetite.
* Conduct third-party risk assessments, ensuring vendors meet security compliance requirements.
* Automate security compliance processes, streamlining risk reporting and monitoring.
* Help develop and deliver security awareness programs, embedding security best practices across teams.
* Work cross-functionally with engineering, legal, and operations teams to ensure security is integrated into workflows.
* Continuously improve security policies and procedures, ensuring scalability and alignment with business needs.
What We’re Looking For
* Min 3 years of experience in information security, governance, or risk management.
* Knowledge of security frameworks like ISO 27001, NIST CSF, GDPR, and SOC 2.
* Experience with GRC tools (e.g., RiskSmart, OneTrust) and governance automation.
* Familiarity with cloud security principles, particularly in AWS environments.
* Strong problem-solving skills with a proactive and detail-oriented approach.
* Excellent communication skills to convey security concepts to technical and non-technical stakeholders.
Why Join?
* Work on security at scale, helping protect a major global platform.
* Be part of a security team that values innovation, collaboration, and learning.
If this sounds like you, please submit your CV below or contact Mathew Dunn for more information or with any questions.
At Iconic Resourcing, we understand that not all candidates will meet every desired qualification or skill listed for the job positions posted on behalf of our clients. However, if you believe you can add value to the role despite having a slightly different experience from what we've identified, we would be thrilled to learn more about you.
Iconic Resourcing is committed to partnering with clients who share our values of inclusivity and diversity. We work with many businesses that recognise the importance of creating a welcoming and respectful workplace for all employees. As an equal opportunities employer, we treat all applications fairly and equally.
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: IT Services and IT Consulting and Computer and Network Security
#J-18808-Ljbffr