Security Lead

As Security Lead you will work with our Infrastructure division to develop a stronger security culture within the company. You will take ownership of existing security programmes and roll out new ones to enhance our security posture and minimise our attack surface. You will work directly with security monitoring tools to monitor systems, respond to incidents, and continually improve our systems. You will also manage internal audits, write reports, and brief management as to potential risks and impact.

In this role you will:

• Develop and implement security policies, protocols and procedures
• Own our employee security training programme
• Be responsible for the management of our ISMS
• Lead security audits and incident responses
• Work towards ISO 27001 (or comparable) certification
• Monitor our SIEM, IDS, and other security systems
• Analyse customer/partner security requirements
• Ensure we follow best practices and guidelines

Please Note: Due to COVID-19 we are following the Scottish Government Roadmap and, although we are operating normally, the office is closed and we are all working from home.

The successful candidate should be able to work from home for the duration of the office closure. The position is permanent and is based at our head office in central Edinburgh. The successful candidate must be able to demonstrate the right to work in the UK. Due to related hardware being located in the Edinburgh office this role will ordinarily require being office-based. However we will consider and evaluate requests for flexible working post COVID provided the candidate is located within daily travelling distance of Edinburgh.

Starting salary: Competitive & Negotiable.

What We Offer

Codeplay is internationally recognized as being at the forefront of software development technology. Working at Codeplay offers unique opportunities and challenges to learn new technologies and to get involved in shaping the software industry. Codeplay's projects range from: creating tools and tool sets (optimizing compilers, debuggers, profilers, programming models & APIs, test systems/suites, etc.) for brand-new unannounced next-generation hardware; developing and optimizing current machine learning (TensorFlow™) and computer vision applications; research and development into lowering the power consumption of mobile devices; and contributing to new programming models and software standards (e.g. C++, SYCL™, OpenCL™, Vulkan® and SPIR™-V).

Codeplay Software is a world pioneer in enabling acceleration technologies used in AI, HPC and automotive. Codeplay was established in 2002 in Edinburgh, Scotland and developed some of the first tools enabling complex software to be accelerated using graphics processors. Today, most AI software is developed using graphics processors designed for video games, and more recently specialised AI and computer vision accelerators. Codeplay continues to work with global technology leaders to make the latest complex AI systems programmable using open-standards based programming languages and allows application developers to quickly bring software to the market.  Codeplay is also deeply involved with the definition of open standards, especially OpenCL™, SPIR™, SYCL™, and Vulkan™ through The Khronos Group, and MISRA C++ for automotive.

• A friendly and relaxed working environment where colleagues respect and support each other.
• Learn from experienced colleagues: our staff frequently give company-wide knowledge-sharing presentations on new software and technology trends, personal projects and other relevant subjects.
• Great career prospects within a growing company
  • We develop our staff to progress quickly in their roles, and to take ownership of business functions, become experts, and/or lead teams. We provide training in skills such as project and people management, networking and delivering effective presentations.
  • Newstart mentoring scheme
  • Opportunities to attend major worldwide industry conferences and events representing the company

• Flexible working hours
• EMI Stock Option Scheme 
• Full pay for Maternity/Partner/Shared Parental Leave
• Pension scheme offering 7% employer contributions
• Private healthcare insurance 
• Free confidential counselling service
• Frequent company social events (social nights, pot luck lunches, gaming, karting, outdoor adventures, and more) (Post-COVID!)
• For applicants residing in the UK we can also offer in addition to the above benefits:
  • Childcare Voucher Scheme (for existing members only)
  • Bike2Work Scheme
  • Season Ticket loans

Required Skills

The ideal candidate is a self-motivated individual who can work through a problem from start to finish, meet deadlines as required to support software projects, and has the ability to work under pressure. You will be working on technology that is seldom announced to the public and could be several years away from public release, so confidentiality is critical. You should be able to work both independently and collaboratively within teams of varying skill sets and expertise. You should be welcoming towards, and able to adapt to, the introduction of new technologies, responsibilities and projects, as Codeplay works with cutting-edge technology and takes on a diverse range of projects.

• Experience in a senior Information Security position
• Excellent communication skills both spoken and written
• Demonstrable experience with security analysis and/or research
• Experience with security issues related to Linux and Windows operating systems
• Experience with endpoint protection solutions
• Experience running security audits and compiling associated reports
• Experience with physical networking
• Understanding of CVEs
• Hands-on experience with Kali and/or other security analysis distributions
• Understanding of digital forensics

Beneficial Skills

Knowledge and/or experience of any of the following would be useful for the role, but are not essential. You must be able to learn new skills, but will be given support from Codeplay's team to get you up to speed.

• Experience with ISO27001 / SOCII / NIST ISF / etc
• Experience with pfSense / OPNsense
• Experience with AWS
• Knowledge of AWS security best practices
• Experience with security training
• Version control tools (preferably git)
• Technical writing skills
• Experience reporting to senior management
• Knowledge of identity management solutions (e.g. AD, LDAP, FreeIPA, Okta etc)
• Experience with bug bounties and / or security "war-games" (capture the flag, etc)

Application Guidance

Any application which results in a job offer is conditional upon the candidate already having or successfully applying for the right to work in the UK. Codeplay is proud to be an Equal Opportunities employer. We celebrate and value diversity. We are committed to creating an inclusive environment for all employees, regardless of race, colour, gender, religion, national origin, ancestry, citizenship, disability, age, sexual orientation or any other characteristic protected by law. All employment is decided on the basis of qualifications, merit and business need and we strongly encourage applicants from all backgrounds and walks of life. We are committed to providing flexible working options such as part-time/compressed hours/timeshifting/remote. If you have a disability or additional need that requires accommodation, just let us know.

The Cover Note/Letter is just as important as your CV/Resume, so please include one, stating why you believe you are a good fit for the position. If you have examples of relevant work or projects, we would love to see them, so please include links to them in your application.

Closing date for applications for the 20th April 2022.