Senior Security Engineer -

Senior Security Engineer
We are seeking an experienced Senior Security Engineer to play a critical role in both technical security and compliance as we scale our technology department. You will be responsible for ensuring our security posture is robust, compliant, and continuously improving, owning the implementation of security best practices, frameworks, and compliance initiatives such as ISO 27001 and SOC 2.

A few things about ORFIUM

Orfium is the global technology leader solving the entertainment industry’s biggest challenges around digital music and broadcast rights management, cue sheets, data, and reporting.

We’re transforming the entertainment ecosystem with industry-leading software and music reporting solutions so that whenever music is played in the world, Orfium is working behind the scenes to support its customers to track it, deliver the data, and help creators, rights holders, and media companies report and monetize the usage.

Orfium works with some of the largest music and entertainment companies in the world including Warner Music Group, Sony Music Entertainment, Sony Music Publishing, Warner Chappell Music Publishing, Universal Music Publishing Group, Ingrooves, Red Bull, and many more! Our team of 700+ operates from locations including LA, London, Dublin, Sofia, Tokyo, Sri Lanka and Athens.

We’re music lovers, developers, data scientists and designers - all working together to improve the entertainment industry for everyone. Our people are passionate, dedicated and constantly innovating. We’re committed to creating a fair and transparent working environment where everyone can thrive and be themselves.

We are looking for talented people to join our team who are passionate about making a difference!

Requirements

What you will be doing!

• Own and drive security compliance efforts across the organization, ensuring alignment with ISO 27001 & SOC 2 requirements.
• Define, implement, and maintain security policies, procedures, and automated controls to improve security posture.
• Lead the incident response process, including defining playbooks, running tabletop exercises, and ensuring timely resolution
• Work closely with our Legal and IT teams to ensure we meet contractual security obligations and regulatory requirements.
• Conduct and oversee security audits, third-party penetration testing, and risk assessments to identify and mitigate vulnerabilities.
• Deliver security awareness training to employees, ensuring security best practices are embedded in our culture.
• Collaborate with engineering teams to implement security best practices across infrastructure, applications, and cloud environments.
• Monitor emerging threats and industry trends to proactively improve security controls.
  

What you need to succeed in the role!

• 5+ years of experience in security engineering, with a strong focus on security best practices and compliance.
• Hands-on experience implementing ISO 27001 & SOC 2 compliance frameworks.
• Strong understanding of network security, cloud security (AWS, GCP, or Azure), and identity/access management.
• Experience with security audits, risk assessments, and incident response planning.
• Ability to work autonomously and take ownership of security initiatives.
• Strong problem-solving, communication, and stakeholder management skills.
• Fluent in English (written & verbal).
  

Benefits

🚀 You'll get to work into one of the up-and-coming tech companies in the Music Industry.

🏠 Hybrid work model

💰 Competitive salary & Stock Options plan.

🏥 Private Health & Life Insurance.

🌴 Extra Days Off.

💻 Latest tech equipment.

ORFIUM is proud to be an equal opportunity workplace. We are committed to equal employment opportunities without unlawful regard to race, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, veteran status, or any other local legally protected characteristic.