Information Security Lead

Job Description

Our mission is to make meaningful learning a part of your everyday 🧠. The shelf life of our skills is now less than 5 years. So, if you stopped learning today, your skills would soon be irrelevant. Think that’s a big problem? You’d be right.

Enter HowNow. Founded in 2019, our Learning and Skills Platform is disrupting the way people learn and upskill through technology. Whether it's finding a quick answer, learning skills or tapping into shared knowledge, we make it easy for people to learn what they need, when they need it.

Already used by fast-growing scale-ups and global enterprises, such as the UK Government, Investec, and Trainline we’re pushing the boundaries of how people learn.

Hi I'm Kuvera, the COO at HowNow 👋🏾 I’m looking for an Information Security Lead to join us. As our first hire, you’ll be responsible for identifying, assessing, and mitigating risks for our fast-growing Learning Tech SaaS platform. We're open to this role on part-time basis too, so let us know your preferences.

You’ll act as a subject matter expert, guiding the business where required at the product development stage, as-well as answering any queries and questions related to our products' security from our customers and prospects.

Alongside the opportunities to develop and grow your career, we're a fun and friendly bunch. Have a watch of the video below to get an understanding of what it's like to work here.

Day-to-day tasks will include 📩

• You’ll identify and evaluate security risks across all areas of the business, including our app, SaaS platform, and all company laptops and devices
• You’ll develop and implement strategies to mitigate identified risks, and report back to our Co-Founder on the effectiveness of your strategies
• You'll be the point-of-contact for any security related questions from our customers, joining them on calls to answer any queries relating to the security of our product
• You’ll conduct regular security audits and vulnerability assessments
• You’ll ensure alignment with ISO governance and other relevant cybersecurity standards.
• You’ll develop and maintain security policies, procedures and documentation, and ensure relevant training is delivered to those who require it.
• You’ll prepare for and manage external security audits and assessments, such as PEN tests.
• You’ll partner with consultants to ensure comprehensive security coverage.

The key things that we will be looking for in applicants 🔑

• You have proven experience as a Cloud Security Engineer or a similar role, with knowledge of AWS and Azure cloud services, architecture, and security controls
• You have hands-on experience with security assessment tools and techniques, and penetration testing frameworks.
• Strong knowledge of ISO governance and compliance requirements.
• Experience with security tools and technologies, including vulnerability management and endpoint security
• Excellent problem-solving skills and attention to detail
• Strong communication skills, with the ability to explain complex security concepts to non-technical stakeholders and customers

What you’ll get:

💰 Our salaries are calculated using a SaaS benchmarking tool called (Figures). Happy to disclose upon application. You’ll also receive a performance based bonus on top.

🏆 We are open to this role being performed on a part time (3-4 day) basis. Please let us know you preferences upon applying

🏡 Hybrid working (in our offices 2x a week Tues/Thursday)

💆 Wind-down Fridays. No meetings from 2pm onwards on Fridays, for you to wind down for the weekend. Our HowNow’ers use this time to exercise, study, or spend some time with their family and friends, which you can read about here

👼🏼 Enhanced maternity and paternity policies which you can read about here

🌴 25 days holiday, plus bank holidays and your birthday day off

📚 An annual £200 learning and development budget

🐶 Dog friendly offices - we love our pets! 🐾

🤩 Monthly socials and team dinners which have included Bounce, Mystery Rooms, ITC Maratha, JW Marriot and many more

💡 Access to the very best learning platform out there (HowNow+) to keep you at the top of your game

What's next? 🤔

Once you've applied, we'll get back in touch with you. This is usually within the next 5 working days. Sometimes it can take slightly longer, but we will get back to you regardless of what the outcome of your application is.

1. You'll be invited to a 45-minute video call with Dom, our Senior Talent Partner.
2. A 45 minute interview with Kuvera (COO & Co-Founder) so you can understand the role in more depth, and get to know each other better.
3. You'll deliver a short-task back, detailing how you'd tackle a risk assessment and mitigation plan, compliance and governance, and penetration testing. This will be presented to Kuvera, Ashish, and an external consultant.