Lead IT Security Engineer

Zoe Immersive, Inc.
united kingdom
1 month ago
Applications closed

Related Jobs

View all jobs

Lead IT Security Engineer (Zscaler)

Lead Software Security Engineer

Cyber Security Engineer

Head of Cyber Security and Infrastructure, Part remote

Cybersecurity Engineer

Lead Security Engineer - Chase UK

We Are Redefining How People Approach Their Health

ZOEis the science and nutrition company leading a movement to transform the health of millions.

We exist because the food we eat is making us sick. Most of what we are taught about food is wrong.

ZOE runs the world’s largest nutrition science study to find scientifically proven solutions.

Our randomized controlled trial of ZOE proves that if you eat the right food for your body, you can feel healthier in weeks and be on track for more healthy years.

ZOE can change the way you eat, feel, and live. We host world-leading scientists on our podcast and bring proven science to your plate with Daily30+, our 30+ plant supplement.

Over 100,000 people rely on ZOE Membership, our personalized nutrition program, to make smarter food choices. ZOE Membership turns complex science into clear step-by-step actions, helping you improve your health with every meal.

ZOE meanslife— and you can change your life with food.

Visit ourcareer pageand become a ZOEntist.

About the team

The IT function at ZOE is currently led by ourHead of IT, supported by anIT Support Engineer. Together, they ensure the smooth operation of our internal systems and infrastructure. As we scale,security is a top priority, and this role will be instrumental inshaping and implementing our IT security strategy, working closely with teams across ZOE to build a robust security framework. You will partner with the Head of IT for strategic guidance but serve asthe hands-on leadfor security initiatives.

About the role

We are looking for aLead IT Security Engineertoownandoperationaliseour security roadmap, ensuring the protection of our SaaS-based environment, devices, and data. This is abusiness-critical roleand the first dedicated IT security position at ZOE, giving you the opportunity toshape our policies and practices from the ground up. You will collaborate closely with our Engineering, Legal, and IT teams tomitigate key risks(e.g., endpoint security, BYOD, privileged access) andembed a culture of securityacross the organisation.

What you’ll do…

  • Shape and implement a comprehensive IT security roadmapthat aligns with ZOE’s business goals, covering everything fromendpoint securityandidentity/access managementtoDLP(Data Loss Prevention) andlogging/monitoring.
  • Drive security programsaroundOS and application patch management,disk encryption, andlocal admin privilege management, ensuring corporate devices and contractor/BYOD setups meet compliance and security standards.
  • Assess, mitigate, and manage security risksacross ourSaaSecosystem (over 100 apps), corporate IT systems, and infrastructure. Lead projects such asdomain registration migrations,centralised logging/SIEMsetup, andendpoint protectionrollouts.
  • Develop and enforce security policies and frameworks, covering identity and access management,incident response, vendor security reviews, and data handling.
  • Drive automation and adopt Infrastructure-as-Code (IaC) patternsto ensure security controls and configurations are repeatable, consistent, and easily deployed across our endpoints and cloud resources.
  • Lead security compliance effortsin partnership with the Legal team, and provide technical guidance to the organisation on data privacy regulations (GDPR, DPA, CCPA etc.)
  • Monitor, investigate, and respond to security incidents, performing root cause analysis, implementing proactive measures andtaking lead on responding to IT security incidents.
  • Cultivate a security-first cultureby delivering ongoing training (e.g., phishing simulations, secure practices) and collaborating with teams onsecure SaaS configuration.
  • Evaluate, select, and deploy security tools and technologies(e.g., EDR, MDM solutions), balancing strong security posture with user experience.
  • Own privileged access reviewsand work with stakeholders toenforce least privilegeacross critical applications and data.
  • Stay ahead of evolving security threats and trends, continuously improving our security capabilities and processes.

What We’re looking for…

  • Extensive experience in corporate IT security, cybersecurity, or information security, ideally in afast-paced, SaaS-based and cloud-based environment.
  • Proven ability todesign, implement, and own security strategiesindependently.
  • Strong understanding of network security, and device management (Mac, Chromebook, or other).
  • Awareness of cloud security practices(AWS, GCP, or Azure).
  • Hands-on expertiseinincident response,vulnerability management,endpoint protection(e.g., EDR), andsecurity operations(logging, SIEM).
  • Deep knowledge of security industry best practicesanddata privacy regulations(GDPR, DPA, CCPA).
  • Experience embedding security culture: phishing training, running security awareness programs (KnowBe4 or similar), and guiding stakeholders on best practices.
  • Ability to communicate security risks and concepts effectivelyto both technical and non-technical stakeholders, and work autonomously on big initiatives.
  • A proactive, problem-solving mindset: comfortable tackling complex issues like domain migrations, privileged access reviews, and DLP rollout in a single role.
  • Experience working in aremote, international teamis a plus.

The experience, skills, and attributes listed above reflect what we believe will contribute to success in this role. If you're passionate about ZOE and the opportunity, but don't meet 100% of the criteria, we still encourage you to apply. We are committed to supporting growth and are happy to offer upskilling opportunities where possible.

Compensation Philosophy

At ZOE, we are committed to offering competitive and equitable compensation that reflects the value of each role and aligns with regional labor market standards. Our approach to compensation goes beyond just base salary — we offer a comprehensive package that includes base pay and stock options, ensuring that every team member is rewarded for their contributions to the company’s growth and success.

We believe that building a thriving team requires not only providing fair and competitive compensation but also fostering an environment where success is shared collectively. Our total compensation package is designed to support the well-being of our employees, recognise their individual contributions, and empower them to grow alongside ZOE.

Benefits & Perks

At ZOE we understand the significant role our benefits play in motivating, inspiring and safeguarding our employees' well-being. Our benefits strategy is thoughtfully designed to echo our mission and values, recognising the diverse needs arising from different life stages of our ZOEntists.

Our approach to benefits takes an inclusive and flexible view of both personal and professional growth. From competitive health insurance and wellness packages to inclusive parental policies, building connection, and tailored professional development programs, we've got you covered.

At ZOE, we continue to build a benefits package that invests in our team members’ long-term personal and professional growth and wellbeing, adding to this list as it evolves.

Equal opportunities

We are committed to fostering a diverse and inclusive team where every individual can bring their authentic self to work. We believe that this is key to our success and are dedicated to positively impacting the tech industry. As part of our commitment to equal opportunities, we encourage candidates from underrepresented backgrounds to apply. We ensure a respectful and inclusive environment for all and do not discriminate on the basis of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, marital status, disability, or age. If you require any accommodations during the interview process, please feel free to inform us, and we will make every effort to support your needs.

#J-18808-Ljbffr

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.

Jobs Careers

Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions

The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market. If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats. To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd. If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.

Jobs

Negotiating Your Cybersecurity Job Offer: Equity, Bonuses & Perks Explained

How to Secure Compensation That Reflects Your Value in the UK’s High-Stakes Cybersecurity Sector Introduction As cyber threats grow more sophisticated and frequent, cybersecurity professionals have never been more in demand. From thwarting ransomware attacks to architecting secure cloud infrastructures, mid‑senior cybersecurity experts play a critical role in safeguarding a company’s data and reputation. Thanks to this growing reliance on cybersecurity, employers in the UK are going above and beyond simple salary offers to attract the top echelon of talent. Although base salary remains a key component of any job offer, the broader package—encompassing equity, bonuses, and perks—can often surpass what you’d gain from a small bump in monthly pay. For cybersecurity specialists working in areas such as threat intelligence, incident response, penetration testing, or compliance, the complexity and risk mitigation you bring to the table is massive. Knowing how to negotiate the entire package ensures you are duly rewarded for keeping an organisation’s data, assets, and operations safe. In this guide, we’ll delve into every aspect of negotiating a cybersecurity job offer. Whether you’re pivoting to a mid‑senior role or cementing your expertise at an established security consultancy, understanding the full range of compensation elements will help you secure an offer that acknowledges the criticality of what you do. Let’s explore equity options, performance bonuses, and the perks that matter most, so you can come out of your next job negotiation confident that you’re getting more than just a salary.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.