Principal Security Operations Engineer

At Commify, we are proud to be one of Europe's leading suppliers of business messaging services, operating across 9 countries and empowering over 60,000 businesses around the world with our innovative communication solutions. Our comprehensive product portfolio includes SMS, email, WhatsApp, and other services, enabling organisations to communicate brilliantly and effectively.

As we enhance our focus on security in an increasingly complex digital environment, we are on the lookout for a Principal Security Operations Engineer to join our Technical Operations team. In this pivotal role, you will spearhead security operations initiatives and ensure that our platforms are resilient against cyber threats while maintaining compliance with industry standards.

Requirements

In your role as Principal Security Operations Engineer, you will:

• Act as a primary point of contact for security incidents, leading investigations, and ensuring effective resolution
• Design, implement, and manage security measures for our applications and infrastructure to protect against security breaches
• Develop a rigorous incident response plan and lead post-incident reviews to improve our security posture
• Collaborate closely with development and infrastructure teams to integrate security practices into the DevOps pipeline
• Oversee the deployment and management of security monitoring tools to ensure real-time visibility and response capabilities
• Conduct threat assessments and vulnerability assessments, and implement appropriate mitigation strategies
• Upskill and mentor the security team on best practices, emerging threats, and innovative security solutions
• Stay current on the latest cybersecurity trends, technologies, and threats, and proactively recommend enhancements to our security programs

Desirable:

• Implementing proven security testing frameworks into high throughput environments
• Infrastructure security best practices within IaC, ideally Terraform
• Experience with external security audits and certification procedures
• Experience with implementing tooling and static code analysis to detect and flag vulnerabilities as part of our CI process
• Experienced using GitHub with a firm understanding of various branching/merging strategies

Key Qualifications:

• Extensive experience in security operations roles, preferably in cloud and on-premise environments
• Proficiency in security monitoring tools (such as SIEM, IDS/IPS) and incident response processes
• Strong knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS)
• Experience with scripting and automation tools for enhancing security processes
• Excellent communication skills and ability to articulate complex security concepts to various stakeholders
• Strong analytical and problem-solving skills with a focus on continuous improvement

Benefits

• Competitive Salary (£60 - 67,500)
• Company bonus scheme
• Comprehensive healthcare cash plan
• A generous 27 days of annual leave in addition to Bank Holidays
• 2 Wellbeing leave days and 2 days dedicated to giving back to your community
• Enjoy your birthday off!
• Employer pension contribution at 5%
• Death in service benefit (4 times your salary)
• Annual award recognition
• Fun monthly and quarterly social events
• Opportunities for training and professional development
• Flexible hybrid working arrangements