We’re looking for aCyber Security Lead to play a pivotal role in shaping Yoto's security posture from the ground up.
About Yoto
Yoto is a screen-free interactive audio platform for kids. We make carefully connected audio players that kids control, with no microphones, cameras or ads. We have a catalogue of audio that inspires creative play and learning with 1,000+ titles in our card store from top creators, publishers and labels - think Disney, Marvel, Roald Dahl and Universal Music. We also create Yoto Originals likethis one.
Voted the 14th fastest-growing private software technology company in Britain, in The Sunday Times 100 Tech 2025.
Featured in Bloomberg’s 25 UK startups to watch in 2023.
Ranked 9th in Fast Company's Most Innovative Companies in 2024; and featured in the Sifted 100 fastest-growing startups across the UK&I by revenue growth.
Second fastest growing tech company in the UK, in the Deloitte Fast50 2023.
Named one of TIME Magazine’s Top 100 Inventions of 2020.
We’re 170+ employees spread across the UK, US and France.. and growing!
We’re on a mission to be the soundtrack of childhood, and help families on their own unique adventures. By creating products that inspire independent play, we help families discover and grow with an inspiring world of audio - and we would like you to help us achieve it!
As Cyber Security Lead at Yoto, you will be responsible for protecting our cloud-based infrastructure, services, products and IT assets from cyber threats. This a new position and you will have a pivotal role in strengthening and advancing our security posture, ensuring we adopt best industry practices. You will work closely with cross-functional teams to implement robust security measures, monitor for breaches, and respond to incidents. Your role is crucial in maintaining the safety, integrity, and availability of our data and systems.
What you'll do
Develop, implement, and lead a comprehensive cyber security strategy to safe guard company data, technology assets, applications and systems.
Conduct regular security assessments (e.g., audits, penetration tests, vulnerability scans, threat modelling) to identify and mitigate potential risks across products and infrastructure.
Oversee and manage security incidents end to end, from investigation and remediation to thorough post-event analyses.
Implement and supervise security services and tools to monitor and protect cloud based environments (AWS, GCP)
Be responsible for compliance with security related regulations and standards (e.g., ISO 27001, GDPR, NIST) and relevant documentation, audits/controls
Collaborate with engineering, product, operations, and other teams to integrate security measures, business continuity and fraud prevention practices across the organization.
Continuously evaluate and manage the organization’s risk posture by defining and refining security processes, vulnerability management, and IT lifecycle management.
Triage and investigate vulnerabilities reported via Yoto's Responsible Disclosure policy and ensure adequate resolution is implemented
Lead and empower team members to champion a robust security culture through comprehensive training, ongoing education, and continuous improvement.
Stay up to date on the latest cybersecurity threats, trends, and solutions.
What you'll need
At least 5+ years of experience in cyber security, preferably with a focus on IoT, connected devices, or a D2C environment.
Overarching understanding of cyber security threats, mitigations, and best practices across broad areas (from staff training to cloud services and client applications).
Proficiency in security tools (SIEM, vulnerability scanners, etc) and secure networking on cloud platforms (AWS, GCP).
Excellent analytical, problem-solving, and communication skills, with proven ability to work cross-functionally.
Relevant certifications such as CISSP, CISM, or CEH are highly desirable.
Experience working in primarily remote cloud based workplace
What you can expect from Yoto:
Flexibility:Hybrid working with a choice based approach - we would love you to come into the office as much as possible, with a minimum of once or twice a month. Take advantage of our ‘work from anywhere’ policy to work from a different location for up to 6 weeks every year. Summer Hours policy to use between the months of June and August.
Financial:Generous share option programme so you’ll be invested in Yoto’s success. Receive Income Protection, covering long term sickness for up to 2 years and company sick pay that increases with length of service. Life Assurance cover from day one of your service. Workplace Pension offering up to to 3% employer contributions, following probation. Generous employee referral bonus scheme.
Health & Wellness:Private Medical Insurance via Aviva, or a Wellbeing Allowance to be used for memberships, subscriptions, treatment or therapy. Access to 24/7 Employee Assistance Programme (EAP) through WeCare and unlimited access to Dental advice and guidance via Toothfairy. Bike to work scheme to promote healthier lifestyles.
Time Off:25 days of holiday per year, plus bank holidays. On top of this, you also receive your birthday off, plus 1 extra day of holiday for every year worked after you hit your 2 year anniversary, up to 5 extra days. After 4 years of service, you are also eligible for our sabbatical policy offering up to 3 months' of unpaid sabbatical.
Helping Families:Variety of family-friendly leave, including enhanced maternity, paternity, adoption, fertility, pregnancy loss and carers leave. Unlock savings with our workplace nursery scheme, designed to support parents of preschool-aged children.
People & Planet:Up to 2 volunteer days per year. A Book Allowance of up to £50 a year to contribute to your professional development.
Fun Perks:You receive your very own Yoto player and starter pack of cards! Regular company socials and celebrations, including our annual YotoFest!
Equity and Diversity
At Yoto, we love creating a world where childhood is rich with discovery and joy. We’re also passionate about building a workplace where everyone can thrive - both professionally and personally. We value flexibility and give our team the freedom to balance life and work in ways that suit them.
We're committed to fostering a safe, diverse, and inclusive environment where all individuals, regardless of their background, feel valued and supported. Our Diversity, Equity and Inclusion group holds bi-monthly forums to elevate diverse voices and perspectives, ensuring everyone at Yoto feels heard, respected, and appreciated.
We don’t just embrace differences - we celebrate them. We share audio content from a vibrant and diverse community of creators (check out our DEI selection), and we are building a team that reflects that same diversity. We invite candidates from all walks of life to explore opportunities with us and join a company that champions flexibility, equity, and inclusion.Take a look at our website for more information on our approach to People and Planet.
The latest news, articles, and resources, sent to your inbox weekly.
We’re looking for aCyber Security Lead to play a pivotal role in shaping Yoto's security posture from the ground up.About YotoYoto is a screen-free interactive audio platform for kids. We make carefully connected audio players that kids control, with no microphones, cameras or ads. We have a catalogue of audio...
Yoto London
Enterprise New Business Account Executive“Joining Mimecast now means being part of a forward-thinking, fun team that's driving the future of cyber resilience, offering tremendous opportunities to make a meaningful impact in the cybersecurity space.” -James Morgan, SVP Sales EMEA At Mimecast, we're redefining cybersecurity and leading the charge in human...
Mimecast London
Mid-Market New Business Account Executive“Joining Mimecast now means being part of a forward-thinking, fun team that's driving the future of cyber resilience, offering tremendous opportunities to make a meaningful impact in the cybersecurity space.” -James Morgan, SVP Sales EMEA At Mimecast, we're redefining cybersecurity and leading the charge in human...
Mimecast London
XM Cyber is a cyber security company which continuously and safely helps the world’s most secure organizations understand how adversaries can compromise critical business assets by simulating all known attack techniques, and providing the insights to determine the right options to prioritize and mitigate the risks.The Senior Cyber Security Instructorwill...
XM Cyber London
Business Process Manager – 3 Month ContractLocation:Cardiff – 4 days per week onsite initiallyRate:£350-£450 per dayIR35 Status:To be confirmedA leading client of ours is seeking an experiencedBusiness Process Managerto join their team on a 3-month interim basis. This role is perfect for a professional with a proven track record in...
IntaPeople Cardiff
About BridewellOne of the most exciting prospects in the UK cyber security sector today, Bridewell is a leading cyber security services company specialising in protecting and transforming critical business functions for some of the world's most trusted organisations. We are the trusted partner for operators of essential services and provide...
Bridewell Consulting London
