Quantexa

Compensation

Full Description

Do you ever have the urge to do things better than the last time? We do. And it’s this urge that drives us every day. Our environment of discovery and innovation means we’re able to create deep and valuable relationships with our clients to create real change for them and their industries. It’s what got us here – and it’s what will make our future. At Quantexa, you’ll experience autonomy and support in equal measures allowing you to form a career that matches your ambitions. 41% of our colleagues come from an ethnic or religious minority background. We speak over 20+ languages across our 50+ nationalities, creating a sense of belonging for all. Opportunity This role combines deep technical security engineering with operational assurance and platform enablement. The position is responsible for shaping and sustaining secure development practices, strengthening cloud and SaaS controls, and improving detection and response maturity across Quantexa. You will work closely with engineering, platform, and operational teams to build secure delivery patterns and ensure they are consistently adopted. This includes guiding DevOps team approaches, embedding automated security testing, consolidating compliance checks, and influencing design standards that support secure development and deployment. You will provide both assurance and hands on oversight to ensure tooling such as CI/CD, infrastructure as code, identity controls, and container orchestration remain hardened, monitored, and aligned to recognised best practices. On the operational side, you will lead the improvement of security controls and monitoring capabilities across cloud platforms, SaaS services, and enterprise toolsets. You will integrate threat intelligence, refine detection rules, enhance incident readiness, and drive remediation activities based on security posture findings. You will work with stakeholders to review architectural risk, conduct threat modelling, and support operational response to emerging issues. Success in this role requires an ability to translate complex risks into actionable change, influence adoption of secure practices, and build trust with engineering and senior technical stakeholders. You will balance preventative engineering activities with investigative skills and operational discipline, creating a feedback loop that strengthens resilience over time. The ideal candidate brings strong experience across cloud security, DevOps enablement, identity and access controls, SaaS security, threat detection platforms, and incident response. You will be a self-starter who can navigate ambiguity, challenging stakeholders, collaborate across varied teams, and drive holistic improvements that enhance Quantexa’s overall security posture. Security Architecture & Engineering Embed security within CI/CD pipelines, delivery workflows, and infrastructure automation through testing, scanning, and policy enforcement. Architect and maintain technical security guardrails for cloud native platforms and infrastructure as code deployments to ensure consistent hardening, resilience, and alignment to reference security standards. Provide assurance oversight and configuration governance for SaaS platforms, with emphasis on identity and privilege management, access control enforcement, and data confidentiality protection. Perform threat modelling and security design reviews to influence architectural decisions, support secure engineering principles, and shape remediation priorities Advance monitoring, detection, and response maturity across cloud and SaaS environments using platforms including Wiz, Zscaler, Sentinel, and complementary detection tooling. Engineer, tune, and maintain detection logic and security policy frameworks to improve telemetry quality, situational awareness, and incident readiness Conduct cloud security posture assessments and lead remediation of weaknesses identified through vulnerability scanning, configuration assessments, and security testing. Support operational incident response through investigation of security issues, risk containment activities, root cause analysis, and development of durable corrective actions. Promote DevSecOps methods by coaching engineering teams, developing reusable secure patterns, and enabling the adoption of automated control enforcement. Partner with the chief architecture, platform, and product functions to embed security within design processes and ensure alignment with strategic, regulatory, and business requirements. Compliance, Audit & Governance Ensure compliance with cloud and SaaS-specific frameworks and maintain continuous audit readiness for SaaS and CI/CD environments. Ensure compliance with NIST SP 800-53, NIST SP 800-171, SOC 2, ISO/IEC 27001:2022, and client-specific requirements. Prepare for and participate in internal and external audits and providing technical input into client responses if needed. Lead technical responses to audit findings and maintain continuous audit readiness. Coordinate penetration testing across cloud, network, and application layers Security Operations & Incident Response Develop, tune, and maintain detection logic and automated response playbooks across Wiz, Zscaler, and related platforms in accordance with threat intelligence and adversary techniques such as the Mitre Attack Framework. Conduct proactive threat hunting, triage security alerts, and support incident investigations in collaboration with managed service providers. Author, refine, and validate analytic queries and behavioural detection rules to improve accuracy, reduce false positives, and enhance contextual awareness. Lead automation initiatives to streamline operational processes, increase response efficiency, and minimise manual intervention. Perform advanced security investigations leveraging SIEM telemetry, endpoint data, identity logs, and API intelligence sources. Apply threat intelligence sources and indicators to enrich investigations, support correlation activities, and provide insight into adversary activity. Manage advanced email security operations including analysis of phishing attempts, business email compromise, malware-based attacks, and related risk scenarios. Lead incident investigations impacting cloud infrastructure, SaaS services, and CI/CD toolchains, working closely with engineering and operations stakeholders. Conduct post incident reviews and root cause analysis to support organisational learning, capability uplift, and enduring remediation outcomes. Perform forensic examination of operating system artefacts and metadata across endpoints, servers, and cloud workloads to support investigative findings. Demonstrate strong proficiency in query languages and detection rule development across SIEM, EDR, and XDR platforms including Sentinel, CrowdStrike, and similar toolsets. Mandatory Proficiency in the Following Platforms Practical experience with enterprise security technologies including GitGuardian for secret detection, Cyberhaven for insider risk monitoring, Wiz Advanced and Defend for cloud posture and workload protection, Zscaler for secure access and traffic inspection, Sublime for automation and orchestration support, DevOps CI/CD tooling for pipeline security enforcement, and Terraform for infrastructure as code deployment. Demonstrated capability in applying native cloud provider security services, including Azure Security Centre and GCP, to support posture management, threat detection, compliance validation, and secure configuration. Stakeholder Engagement & Leadership Provide expert guidance to internal and external stakeholders on cloud and SaaS security, including secure CI CD design and compliance expectations Deliver tailored training and awareness sessions to strengthen understanding of secure cloud, DevSecOps, and operational security practices Act as a trusted technical adviser on Zero Trust, cloud security, and related domains, supporting informed decision-making across programmes Translate complex security risks into clear and actionable language for both technical and non-technical audiences, influencing senior leaders and cross functional teams Champion a security first mindset, mentor colleagues, and contribute to the continual growth and capability of the wider security function. Expectations and Mindset Proactiveness: Take initiative, seek out information, do not sit back and wait, drive your own knowledge alongside that of other guidance provided by the team, and always ask questions. Communication: Keep stakeholders informed, ask questions, and ensure clarity in all interactions. Forward thinking: Anticipate challenges and issues, try to think one step ahead, think strategically, and look for opportunities for improvement. Team Communication: Follow up with the team and make sure you are seen and known, be heard and build strong relationships and establish your presence. Education & Certifications Minimum of 12 years of professional experience in cybersecurity, with at least 7 years in senior or lead security roles. Master’s degree in information security, Computer Science, or related discipline. Preferred Industry Certifications (Evidence required): GIAC certifications such as GCIA, GCED, GCIH, GDAT, GDSA or GMON Microsoft Cloud-specific security certifications, such as AZ 500, AZ 305, SC 300 Our perks and quirks. What makes you Q will help you to realize your full potential, flourish and enjoy what you do, while being recognized and rewarded with our broad range of benefits. We offer: Competitive base salary of $130-170k Company bonus 100% 401K match up to 5% Comprehensive benefits coverage, including mental health support, fitness reimbursements, and financial well-being Tax-advantageous benefits, such as commuter benefits, healthcare, and dependent care Competitive annual leave, parental leave, PTO, and observed holidays 🌴 Well-being benefits, such as the Calm App and Wellbeing 1/2 days off 🧘‍♀️ Continuous Training and Development, including access to Udemy Business Work from Anywhere Scheme: Spend up to 2 months working outside of your country of employment over a rolling 12-month period Employee Referral Program Team Social Budget & Company-wide Socials Our mission. We have one mission. To help businesses grow. To make data easier. And to make the world a better place. We’re not a start-up. Not anymore. But we’ve not been around that long either. What we are is a collection of bright, passionate minds harnessing complexities and helping our clients and their communities. One culture, made of many. Heading in one direction – the future. It’s all about you. It’s important to us that you feel welcome, valued and respected. After all, it’s your individuality and passion for what you do that will make you Q. We see that – which is why we’re proud to be an Equal Opportunity Employer. We’ve created and will continue to improve our inclusive and diverse work environment. Regardless of your race, beliefs, color, national origin, gender, sexual orientation, age, marital status, neurodiversity or ableness – whoever you are – if you are a passionate, curious and caring human being who wants to push the boundaries of what’s possible, then we want to hear from you. start. don’t stop – Apply