Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Head of International Security (Cybersecurity): Own and unify Scale’s security strategy across non-US markets, translating GDPR/ISO/NIS2/EU AI Act and sovereignty requirements into concrete engineering controls. Focus on building secure-by-default identity, detection/response, and multi-tenant protections for international enterprise and public-sector customers, with an accent on cross-border data flows, insider risk, and AI/agentic threat surfaces.
Company
Scale AI develops reliable AI systems and provides data and full-stack technologies for enterprises and governments.
What you will do
- Execute the multi-year secure-by-default security roadmap across non-US markets and feed regional needs into global architecture decisions.
- Translate GDPR, ISO 27001/27017/27018, SOC 2, UK Cyber Essentials Plus, EU AI Act, NIS2, and data residency/sovereignty rules into engineering controls.
- Lead regional security engineering for IAM/Zero Trust, RBAC, secrets management, CI/CD hardening, encryption, logging/monitoring, and infrastructure protection.
- Secure customer data, proprietary datasets, and AI assets across regional deployments, including multi-tenant isolation, privilege lifecycle management, and customer-managed keys.
- Address AI/agentic attack surfaces (prompt injection, tool abuse, data exfiltration, model/data integrity) and enforce secure SDLC, threat modeling, and code review standards.
- Serve as the lead security partner for international enterprise and public-sector engagements, including customer security reviews and regulator interactions.
Requirements
- Right to work in the UK; comfortable traveling regularly and willing to be vetted for country-specific clearances when required.
- 8+ years in cybersecurity (security engineering/product security/detection-response/cloud security), with at least 4 years leading or formally mentoring engineers in high-growth or enterprise environments.
- Proven experience building and scaling security programs that materially improved risk posture.
- Strong technical depth in cloud-native security (AWS/GCP/Azure), IAM/Zero Trust, infrastructure security, logging/monitoring, and secure SDLC.
- Hands-on familiarity with GDPR, ISO 27001, SOC 2, UK Cyber Essentials Plus, NIS2, and the EU AI Act.
- Experience managing insider risk and securing environments with significant third-party/contractor/marketplace-style user populations.
Culture & Benefits
- Inclusive, equal opportunity workplace.
- Reasonable accommodations available during the application/recruiting process.
- Security is treated as a product feature (secure-by-default approach).
- Work spans enterprise SaaS and government/national security environments.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →