We’re on a mission to create a diverse group of future leaders. We do that through professional apprenticeships because we believe learning on-the-job creates a more equitable and successful path to careers. We find, train and support talented individuals, wherever they are in their career journey, and equip them with the in-demand tech, software engineering, and data skills to transform their careers and deliver a better route to growth for their employers.
We’ve had some big achievements. We hit 10,000 apprentices in our community - and counting. We launched one of the largest data apprenticeship programs in the UK with Jaguar Land Rover, and we’ve partnered with companies like Mars, Verizon and CitiBank. Not to forget becoming a mission-driven EdTech unicorn after our $220m Series D.
But we aren’t stopping here. Join Multiverse and build the future of learning at work.
As an Information Security Manager at Multiverse, you will support our Infosec Director and Privacy team to help us secure our modern cloud native platforms. You will help by securing work delivered by dev ops engineers, IT operations (end user computing), suppliers, and support client security requirements.
Specifically, you will:
Help to build and scale out a secure engineering culture, working with teams to embed secure engineering practices & secure–by–design principles
Review the security posture of our cloud platforms and identify cloud security risks and issues and work with our platform and product teams to improve our platforms.
Deliver clear recommendations for building security capabilities to deliver security policy and compliance objectives.
Lead internal learning sessions, giving our security champions help and support to improve their security knowledge
Conduct maturity assessments of application security practices
Improve security culture and awareness program for Engineering / IT Operations / Business Teams
Support our sales teams / clients with timely completion of Self Assurance Questionnaires (SAQ) accurately at pace.
Review client contracts for security/privacy requirements, assessing compliance posture and suggesting mitigations if required.
Manage delivery of security tooling.
Produce Documentation - documenting standard operating procedures (SOPs), Policy reviews and updates.
Secure critical business products/services to internal requirements in line with good practise and to meet client expectations.
Experience leading security engineering teams Secure By Design / Privacy By Design
You will have lived experience of running/being part of security operations such as running security operation centres, responding to security incidents/breaches, overseeing patching/vulnerabilities or hardening systems.
Comfortable working at pace to deliver systems and security designs, patterns and decisions.
Experience managing team ways of working and ownership of work items.
From a leadership perspective you will understand the power of diverse thought, kindness, humanity, creating the conditions for success, learning from failure.
Experience working with senior stakeholders, working between multiple teams, building complex services in code and working in a culture of continuous release.
Prepared to respond to security incidents to minimise the impact on the business,
Experience supporting Governance, Risk and Compliance across the business, enforcing compliance with key data and security policies.
Supplier Assurance – supply chain security, completing client Self Assurance Questionnaires (SAQ).
Expertise in planning and delivering roadmaps, contributing to our cloud security strategy
Good understanding of security risk management in a cloud security context, and of cloud security principles
Knowledge of multiple regulatory requirements e.g UK GDPR, CCPA
Expertise in security and compliance frameworks and standards, e.g. CE+, NIST SP 800-207
Bonus points if you have or are willing to learn:
Knowledge of Infrastructure as Code
Knowledge of Azure, Google, AWS, and Kubernetes cloud–native services
Securing GitOps and Continuous Deployment
Identity and Access Management, including securing privileged access
Relevant certifications such as SABSA, CISSP, CCSK, AZ–500, GIAC, CISM, ISO Lead Auditor/ Implementer, CISLA, CISMP, Security +, AWS Certified Security, MSc Information Security
Time off - 27 days holiday, plus 7 additional days off: 1 life event day, 2 volunteer days and 4 company-wide wellbeing days
Health & Wellness- private medical Insurance with Bupa, a medical cashback scheme, life insurance, gym membership & wellness resources through Gympass and access to Spill - all in one mental health support
Hybrid & remote work offering - with weekly or monthly visits to the London office and the opportunity to work abroad 45 days a year
Team fun - weekly socials, company wide events and office snacks!
Our commitment to Diversity, Equity and Inclusion
We’re an equal opportunities employer. And proud of it. Every applicant and employee is afforded the same opportunities regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. This will never change.
All posts in Multiverse involve some degree of responsibility for safeguarding. Successful applicants are required to complete a Disclosure Form from the Disclosure and Barring Service ("DBS") for the position. Failure to declare any convictions (that are not subject to DBS filtering) may disqualify a candidate for appointment or result in summary dismissal if the discrepancy comes to light subsequently.
We asked employees of Multiverse how satisfied they were with flexible working, and this is what they told us
Working at Multiverse
Gender diversity (male:female)
London, New York & Remote