Information Security Engineer

About us 

We’re a culture-first organisation and put our people at the forefront of everything we do. We believe that a great working environment leads to a happy and productive team which is why we offer our staff the flexibility to work remotely or from our beautiful office in Fitzrovia, Central London. 

Xiatech is the pioneer of Xfuze, the world’s first AI-powered composable Integration, Data Management, Analytics and Orchestration Platform that innovatively connects systems, creates a single view of data and delivers actionable insights in one cloud-native, SaaS solution. Business, technology and data teams use Xfuze to shorten time-to-insights, accelerate digital transformation, and extend the value of their legacy technology investments.

The Role 

We are looking for a proactive Information Security Engineer to join our Engineering organisation, reporting directly to the CTO/CISO and working closely on a day to day basis with our DevOps team. As an Information Security Engineer at Xiatech, you will be responsible for driving our security framework and take ownership of implementing best-in-class security practices, strengthening compliance programs, and embedding a culture of security across both our engineering and business teams.

This is an exciting opportunity to have a direct impact on security at Xiatech. We’re scaling fast, and this is your opportunity to directly shape the security posture of a company that’s pushing boundaries in technology and innovation.

This role will be pivotal in strengthening Xiatech’s information security framework, driving governance, and ensuring compliance across systems, third parties, and staff awareness initiatives.

Key Responsibilities

• Monitoring & Incident Response: Detect, investigate, and respond to security alerts, including malware, phishing, and unauthorized access.
• Vulnerability Management: Run scans, analyse results, and work with IT to remediate system and application vulnerabilities.
• Security Tools: Manage and optimise firewalls, endpoint protection, and intrusion detection/prevention systems.
• Access Control: Oversee user provisioning, reviews, and enforcement of least-privilege principles.
• Cloud & DevOps Security: Embed security into CI/CD pipelines and cloud-based SaaS environments.
• Device Management: Ensure endpoint compliance using company tools (ManageEngine, SentinelOne) and manage device lifecycle.
• Audit & Evidence: Maintain records of audits, incidents, and vulnerability reports for compliance and certification requirements.
• Control Implementation: Support the rollout and monitoring of ISO 27001 controls.
• Policies & Awareness: Help refine security policies and deliver staff training and awareness initiatives.
• Stakeholder Collaboration: Work with Sales, Legal, and IT teams to provide accurate, security-related input and documentation, participate in RFPs, security questionnaires, etc.

Your Knowledge & Experience

Must have

• 4+ years in a security role, or have recently moved to a security role after experience in support, devops or a similar role.
• Hands-on experience in information security, ideally within a SaaS or product-led environment, working closely with the engineering teams.
• Proven success leading or supporting ISO 27001 and/or SOC 2 Type I/II compliance programs.
• Strong knowledge of information security principles, best practices, and standards (e.g., ISO 27001, NIST).
• Strong practical knowledge of cloud security, access management, secrets handling, and incident response.
• Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
• Professional certifications such as CISA, CISM, CISSP or similar credentials are preferred (not mandatory – training will be offered if needed).
• Thrives both as a self-starter who can take ownership and as a collaborative partner driving success with our team

Desirable

• Worked with DevOps, Support and Engineering teams to embed security best practices into CI/CD pipelines
• Automation and scripting – python, javascript or similar
• Monitoring and alerting – ideally Grafana, Halo ITSM
• Any of the following tools and platforms: SonarCloud, Appcheck, OneTrust/Tugboat, Github, Chronicle

Your Personality

• Energetic & driven
• Innovative
• Resilient
• Insightful
• Creative
• Problem solver
• Sound judgement
• Analytical
• Capacity to learn

If you would like the opportunity to join a disruptive UK-based Software as a Service organisation who believe in using the latest leading-edge technology to drive business growth and customer differentiation and success, please enquire now by emailing abbi@xiatech.co.uk.

If you receive an offer of employment, this will be conditional upon satisfactory completion of a right to work and identity check, a reference check and a basic criminal record check for any unspent convictions.

Xiatech is proud to be an equal opportunity employer and prohibits discrimination and harassment of any kind.

Apply for this job