Work for a scale up business, which has several global products as a Lead Security/Infrastructure Engineer (approx 70% security, 30% Infrastructure). Due to the growth of the business, it's looking for a candidate to come in and evolve their technology infrastructure and information security functions. The role is pivotal in strengthening their security posture, guiding the business through an ISO27001 certification and optimizing infrastructure for scalability and performance. You'll work closely with Software Engineers, QA's, Support Engineers, Head of Product, Vendors etc.

The ideal candidate will lead the development and implementation of security strategies, manage existing IT infrastructure, and identify opportunities to improve automation, reliability, and efficiency. You will initially be in the office 5 days per week for the first 6-8 weeks whilst you get up to speed. After that, the position will transition into a hybrid working style (3 days per week in their CBD office).

Responsibilities:

Security and Compliance

• Define and implement an overarching information security strategy aligned with business goals.
• Lead initiatives toward ISO 27001 certification, including gap analysis, documentation, and audit readiness.
• Continuously assess and improve the security posture of the organization across systems, networks, and endpoints.
• Develop and enforce security policies, standards, and procedures.

Infrastructure Management

• Manage and maintain the company's existing infrastructure (cloud, on-prem, hybrid) to ensure performance, reliability, and scalability.
• Ensure high availability of key business systems and services through proactive monitoring and maintenance.
• Establish disaster recovery and business continuity plans.

Operational Efficiency

• Identify and implement improvements in CI/CD pipelines, infrastructure as code (IaC), and automated monitoring.
• Lead the strategic direction, implementation, and continuous improvement of the organization's DevOps framework, ensuring it aligns with business goals, security standards, and infrastructure scalability

Team Collaboration and Reporting

• Promote a culture of collaboration by effectively communicating security policies and infrastructure strategies to all levels of the organization.

Requirements:

• Minimum of 2-3 years Security experience. A candidate that has transitioned from Networking/Infrastructure into Security.
• Proven experience in IT infrastructure management, cybersecurity, and DevOps practices in an SMB or high-growth environment.
• Experience leading or playing a major role in a business obtaining an ISO 27001 certification.
• Strong Unix/Linux skills and comfortable working in Windows
• Strong knowledge of modern cloud platforms (AWS, Azure, GCP), containerization (Docker, Kubernetes), and infrastructure automation tools (Terraform, Ansible, etc.).
• Familiarity with Atlassian toolset (JIRA, Confluence)
• Familiarity with identity and access management, vulnerability scanning, endpoint security, and SIEM/SOC tools.
• Happy to work in Infrastructure 30% of the time