Security & Resilience Lead
Indexed description
This role exists because we're growing fast, working towards ISO certification, and taking on bigger, more regulated customers. All of which means the security practices we handle today need to be documented and independently owned. We're now looking for a Security & Resilience Lead - who'll ensure Street Group's security function operates effectively and continually improves.
You'll work with the Head Of Security to decide what tools, processes and controls should be used, and lead with the ongoing configuration and maintenance of those tools to shape how security is embedded across the business - from development through to customer onboarding and off boarding. There's no team to inherit and no existing playbook to follow: just the opportunity to build one.
Here's what you can expect to be working on as our Security & Resilience Lead
- Working with technical teams review the security impact of technology changes and ensure security controls are met before production releases.
- Make sure environments are configured securely, verify controls and oversee technical change so access and data are handled appropriately.
- Monitor threat intelligence for company exposure, review emerging threats, and share relevant intelligence with stakeholders.
- Lead the response to security incidents, coordinating investigations and root cause analysis, and producing clear and accurate reports for internal and external stakeholders.
- Own our security monitoring capability, ensuring effective logging across key platforms and improving detection while preventing alert storms and false positives.
- Own the penetration testing and vulnerability management programme - not just detecting vulnerabilities, but risk-assessing them, deciding what needs fixing and working with the tech teams on solutions to close them down.
- Promote secure development practices, working closely with developers to embed security into how they build rather than simply dictating standards from a distance.
- Test security alerts, validate backup integrity, and coordinate business continuity and disaster recovery testing to build organisational resilience.
- You're just as comfortable running a penetration testing and vulnerability management programme as you are talking to developers or leading an incident response.
- You have a strong knowledge of logging, monitoring and threat detection, and enjoy tuning and configuring security tooling.
- You can communicate risk with non technical stakeholders, and communicate confidently with stakeholders at every level.
- You don't have hands-on experience with vulnerability management, penetration testing, logging, monitoring or threat detection - these are the two must-have areas for this role.
- You need close oversight day-to-day; for now, you should be capable of being a security SME in the business alongside the Head Of Security and providing support to technical stakeholders.
- You want a purely strategic seat with no hands-on delivery - at this stage, it's very much both.
- A strong track record leading cyber security, ideally built in a scale-up or startup with software experience (SaaS or otherwise) rather than a large, established enterprise - B2B or B2C doesn't matter to us.
- Hands-on experience owning a vulnerability management and penetration testing programme - not just finding vulnerabilities, but risk-assessing them and deciding how those can be integrated into a technical roadmap.
- Strong knowledge of performing the continual configuration of existing toolsets as well as assessing potential new tooling and running effective logging, monitoring and threat detection capability.
- Pragmatic and commercially aware, calm under pressure, highly organised and decisive, collaborative, curious, and focused on continuous improvement - with a high level of integrity.
๐ Guilt-Free R&R - ยฃ1000 towards a holiday after your first year with the team (we'll even cover the tax!)
๐ช Joining a culture that supports your development and encourages growth
๐ ยฃ500 yearly L&D budget for your career development
๐ Your birthday on us - we pay, you stay away
๐ 'Give something back' - 2 paid days volunteering on us
๐ถ Enhanced maternity, paternity & adoption pay
๐ง Mental health & well-being support via Health Assured
๐ง Regular well-being initiatives
๐ Flexible working hours
๐ Public transport season ticket loans
๐ท Paid menopause leave
๐ Holiday buying scheme
๐ Joining a new team in an exciting business with huge ambition
๐ฅ Be a part of something bigger - everyone in our team is passionate about improving the entire property industry! It's a huge goal, but it motivates us to do better every single day
๐ป A chance to work on cutting-edge technology
๐ถ Comfortable, relaxed office space - office dogs welcome!
๐ป Fully stocked fridge and beers (or an alternative) on us every Friday afternoon
๐ Company and team off-sites, events and happy hours
๐ด Cycle to work scheme
๐ Electric car salary sacrifice scheme
๐ Feel good about sustainability - we're a climate-positive company!
Salary
ยฃ50k-ยฃ70k, negotiable depending on your experience and scope. Please apply and let's have the conversation.
We care deeply about helping the tech industry become a more inclusive and diverse place and we work hard to lead by example. We are committed to Equal Employment Opportunity through attracting and retaining a complementary team of employees and building an inclusive environment for all. Candidates must be eligible to live and work in the UK and be able to perform the work specified.
Interview Process
2 stages = An introductory call with our Talent team > Technical and culture fit Interview inc. presentation task with our Head of Security.
We want to make our interviews as inclusive as possible, so if you need any adjustments made or if there's anything you think we should be aware of during the interview process, please do let us know.
A note on using AI in your job application
As a fast-moving and rapidly evolving tech company, we embrace the advantages of AI and encourage its use throughout our application process. However, our goal is to get to know and hire the authentic you - your skills, experience, and values. We don't want to hire an AI-generated version of you. We consider AI to be a valuable tool, not something that should overshadow you as an individual.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search