Senior Information Security Officer

LearnUpon is looking for a Senior Information Security Officer to join our team in Dublin. This is a hybrid role, working 3 days per week from LearnUpon's Dublin office.

LearnUpon LMS helps organizations train their employees, partners, and customers. Businesses can manage, track, and achieve their unique learning goals — all through a single, powerful solution.

With offices in Dublin (our HQ), Belgrade, Philadelphia, Salt Lake City and Sydney, we are a global team with lots of diverse cultures, backgrounds, and experiences that puts our customers' experience at the heart of everything we do. Our culture fosters an open, collaborative and supportive environment where our accomplishments are celebrated and encouraged. We're always striving for the best solution (not the easy one). We’re proud of our success and we’re humble and hungry to achieve more. 

The Security team is responsible for the overall security and privacy posture at LearnUpon. You will be part of a vibrant and growing team that engages with all parts of LearnUpon (including our customers), maintains our strong security culture and works on new and exciting initiatives. We deliver security improvements that not only protect LearnUpon and our customers but also enable our business to ensure that we can continue to grow at scale.. Our mission is to safeguard LearnUpon, Luppers, our services, and our customers' data — providing a competitive advantage that enables us to meet our business objectives.

What will I be doing?

• Managing and enhancing our Cloud SIEM, including pipeline configuration, alerting, and sensitive data scanning, maintain and improve security dashboards, explore AI-powered alerting and automation within security tooling and maintenance of essential operational documentation
• Support our Cloud security posture management  and collaborate with SRE on infrastructure security improvements
• Participate in incident response activities and adhoc security events, including containment and investigation.
• Ensuring compliance with relevant laws, regulations, and industry standards related to information security (including GDPR, ISO 27001, ISO 27701 and SOC2) including maintenance of associated policies, procedures, and guidelines.
• Identifying, assessing, and managing information security risks within the organization and developing risk mitigation strategies to address same
• Working with prospects and customers to provide assurance as to how we protect their data and assisting in the completion of prospective customer RFPs, RFIs and due diligence documentation
• Working closely with our internal Legal team to ensure that customer contractual obligations can be met.
• Performing third-party security risk assessments and providing guidance on how to securely implement new solutions
• Working with stakeholders across the organisation to ensure that security requirements are incorporated into new initiatives
• Act as a security champion and support other teams in their delivery of strong security and privacy practices

What skills do I need?                                                                                  

• 5+ years professional experience in a relevant information security role (with at least 2 of these in a governance, risk and/or compliance related role)
• Strong understanding of security frameworks and compliance standards such as SOC 2, ISO 27001 and GDPR.
• Hands-on experience with SIEM platforms (Datadog cloud SIEM, splunk, etc.)
• Familiarity with cloud security (AWS preferred) - SecurityHub, IAM, S3 security, VPC etc
• Proven experience completing / automating customer security questionnaires, RFPs, and RFIs at volume
• A strong understanding of technical security concepts and the application of these in real-world environments.
• Experience working in a security incident management, vulnerability management and/or threat intelligence role.
• Excellent written and verbal communication skills 
• Ability to work independently and collaborate cross-functionally and effectively manage stakeholders

Don’t worry if you don’t tick every box in order to apply, we’re always happy to review applications and take all experience into consideration. We do our best to provide feedback where we can!

Not required but considered a big plus

• A Bachelor's Degree in a relevant discipline (e.g. computer science, information technology, etc.)
• Experience with security automation - scripting, workflow automation, or building security bots/agents
• Experience with data privacy and subprocessor management (GDPR, DPA reviews)
• Experience designing and implementing security controls in cloud environments, e.g. AWS
• Relevant certifications: CISSP, CISM, CompTIA Security+, or equivalent
• Understanding of AWS cloud security and SaaS security best practices
• Experience in the design and implementation of cross-functional security measures

Why work with us?

• Competitive salary and company ESOP.
• Comprehensive private health insurance scheme and Company pension scheme.
• 25 days annual leave + 1 annual company wellness day off. 
• Work in a fun and supportive environment with regular team events.
• Excellent career progression - take LearnUpon where you think it can go.

What is the Hiring Process?

Our typical process generally works as follows:

• Qualified applicants will be invited to schedule a screening call.
• Successful candidates will then be invited to a series of practical interviews.
• Finally, candidates will have a short interview with our COO.
• The successful candidate will be contacted with an offer to join our team.

LearnUpon is an Equal Opportunities Employer. 

We do not discriminate on the basis of gender, marital status, family status, age disability, sexual orientation, race, religion, membership of the Traveller community, or any other legally protected status.

By applying for this job, you agree to LearnUpon's Privacy Policy. Find out more about our privacy policy hereVisit our Careers site to find out more about working for LearnUpon, and check us out on Instagram.