Information Security Officer

Edinburgh or London
Engineering /
Hybrid
Continuum Industries is on a mission to help the world accelerate the transition to a more sustainable future using Artificial Intelligence. We have developed Optioneer, an AI-powered tool that helps plan new infrastructure projects much faster, more sustainably and with lower risk. Since launch, we have supported over 40,000 km of new linear infrastructure: underground and subsea power cables, overhead transmission lines, hydrogen pipelines and water pipelines. Optioneer is already used by enterprise infrastructure organisations such as National Grid, BP, RWE, SSEN Transmission, Iberdrola and National Gas Transmission in the US, UK and Europe.

We're looking for an InfoSec & Compliance Analyst to join our Engineering Team (currently ~20 people), which brings together front end, back end, full stack and DevOps expertise. Based in either our Edinburgh or London office, you will be our first dedicated GRC/InfoSec hire at Continuum, which presents a great opportunity to come in and take ownership of a key area of our operations. The role reports directly to our CTO.

In this position, you will divide your time across three core areas. First, you will be responsible for maintaining and enhancing our information security management system, ensuring documentation is always current and improving it so that it accurately reflects our practices and strengthens our security. Second, you will lead the initiative to achieve our SOC 2 attestation. Finally, you will engage with our customers and prospective customers, showcasing our security practices and ensuring customer security reviews do not impede sales velocity. To achieve this, you'll work closely with the company's CTO and senior leadership to understand and improve our systems and practices.

Key Responsibilities:

    • Security Compliance & Standards Mastery: Ensure adherence to, and up-to-date implementation of, the ISO27001, SOC 2, ISO9001, ISO45001 and ISO13001 compliance frameworks at all project stages.
    • Risk Assessment & Mitigation: Conduct thorough risk analyses, identify potential security threats and implement robust countermeasures.
    • Information Security Management: Develop, implement and monitor processes and measures to protect sensitive data across all systems, most immediately by establishing and maintaining the controls required for SOC 2.
    • Cross-Functional Collaboration: Report directly to the CTO and work alongside internal and external stakeholders to integrate security practices into daily operations and project planning, ensuring alignment with broader product goals.
    • Customer Liaison and Advocacy: Interface with customers regarding their information security needs, promoting the philosophy that InfoSec should not be the factor that slows sales velocity. You'll also work closely with our Sales Director and C-Suite to identify and address potential InfoSec blockers within our sales process.
    • Continuous Education & Improvement: Keep up to date with developments within security and compliance, sharing knowledge and implementing enhancements where possible.
    • Hardware & Device Management: Ensure all hardware, devices and systems within Continuum comply with the relevant standards.

You'll bring:

    • Technical Expertise: Proficient in information security frameworks and standards such as ISO27001, ISO9001, ISO45001 and SOC 2.
    • Proven Experience: Demonstrable experience conducting risk assessments, compliance audits, and implementing security measures within technology-driven environments.
    • Analytical Skills: Detail-oriented and adept at identifying vulnerabilities and formulating mitigation approaches.
    • Collaborative Spirit: A natural team player who thrives in a collaborative environment, willing to share knowledge and learn from peers.
    • Pragmatic Approach: The ability to balance the pursuit of perfection against practical implementation.
    • Effective Communication: Excellent communication skills, capable of articulating complex security/compliance concepts to non-technical stakeholders.

Bonus points for:

    • Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar.
    • Implementation: Experience taking an organisation end-to-end through ISO certification or a SOC 2 audit.
    • Operations: Experience with IT operations such as mobile device management (MDM) and system/network management.
    • Customer Interaction: Experience collaborating directly with customers.

What you'll get:

    • 💸 £40,000 - £50,000 base salary + equity
    • 🌎 Ownership: You’ll own a piece of our company through our share option scheme.
    • 🤸‍♂️ Flexible working environment & hours. We're outcome-focused.
    • 🏖 Annual vacation entitlement: 34 days including local holidays.
    • 💻 Technology: A brand new MacBook (and work-from-home budget).
    • 🎓 Extensive upskilling opportunities (one dedicated learning day each month + learning budget).
    • 🌲 An opportunity to help us accelerate the world’s transition to net zero, and rewire the world with cleaner, green energy.

Our interview process:

    • 30-minute conversation with our Talent Acquisition team to get to know you better and vice versa.
    • 60-minute technical interview with the Hiring Manager.
    • Final interviews involving technical and cultural sessions + executive interview
    • Decision 🤝