Home
Jobs
Duel Tech
Information Security Engineer

Information Security Engineer

Hybrid

Bristol, United Kingdom

Full Time

02-04-2025

Share this job:

Score my CV

Job Specifications

Hybrid: Remote/Bristol

Reporting to: Joe Mathews - VP of Technology

Salary: £45,000 - £50,000

About Us

Duel is a SaaS company on a mission to make Brand Advocacy the industry standard playbook for building brilliant retail brands. It was founded by world record breaking adventurer and former brand ambassador Paul Archer, alongside viral games developer Naio Tsarouchis, and we exist to show there’s a better way to build businesses, to build a better future, proving that caring for people builds brand, which builds long term and exponential profit returns.

The Duel Brand Advocacy Platform allows enterprise brands to do just that, scaling how they manage their relationships with thousands of advocates, customers, creators and brand ambassadors. We’re proud today that brands such as Abercrombie & Fitch, Charlotte Tilbury, Spanx, Victoria’s Secret and Elemis (to name a few, but not to name some household names that we can’t talk about yet) are doing just that. The Duel team comprises psychologists, brand experts and community builders, combining cutting edge brand expertise, with seasoned SaaS experience.

The Role

We’re hiring an Information Security Engineer to join our growing engineering team.

As a company, we are ISO 27001-certified and need to maintain this certification while preparing for SOC 2 compliance. Security responsibilities currently sit across different teams, but as compliance requirements increase, a dedicated security engineer is needed to support ongoing security initiatives, manage compliance tasks, and improve Duels overall security posture.

The focus of this role is to help maintain our compliance responsibilities through Secureframe, support ISO 27001 and SOC 2 audits, manage security vulnerabilities, and work within engineering to introduce security best practices into development, infrastructure, and operations.

We’re Looking For Someone Who Will…

Assist in managing ISO 27001 renewals by maintaining compliance documentation and ensuring key security practices are followed.
Help support the company’s transition towards SOC 2 certification by tracking requirements and implementing necessary security measures.
Work within Secureframe to maintain compliance records, ensuring a structured and organised approach to security audits.
Ownership of the external security audits and penetration testing cycles, addressing findings and assisting in remediation.
Assist in identifying and tracking security vulnerabilities across the platform, working with engineering teams to ensure proper mitigation.
Support the handling of Common Vulnerabilities and Exposures (CVEs), ensuring patches and fixes are applied in a timely manner.
Learn and implement security monitoring and automation solutions to detect and respond to threats.
Help manage security tooling, including SIEM, IDS/IPS, and vulnerability scanning solutions.
Work closely with engineers to support secure coding practices and help embed security considerations early in the development process.
Assist in securing infrastructure and cloud environments, ensuring security best practices are followed.
Help analyse penetration testing reports and support the implementation of fixes and improvements.
Learn and apply security principles in IAM, least privilege access controls, and role-based access management.
Maintain up-to-date documentation of security policies, controls, and best practices.
Clearly communicate security requirements and improvements to engineering teams.
Help build awareness around security risks and compliance needs across the company.

We’d love to hear from you if you..

3 years of experience in a security-related role, such as security engineering, security operations, or compliance-focused security work
Exposure to security compliance frameworks such as ISO 27001 or SOC 2, even if not previously responsible for certification processes
Experience working within security risk management, vulnerability tracking, or operational security efforts
Prior experience working with engineering teams on security topics is beneficial, particularly around secure development practices
Ability to clearly communicate security requirements and risks to internal teams
A proactive mindset, eager to learn and improve security processes
Ability to work across teams, collaborating with engineering and compliance efforts
CISSP, CISM certifications are desirable

Technical Skills

Experience with ISO 27001, SOC 2, or other security compliance frameworks
Familiarity with compliance automation tools such as Secureframe, Drata, or Vanta
Experience working with pen testing and bug bounties a plus
Basic understanding of security tools such as SIEM, IDS/IPS, and vulnerability management solutions
Experience or knowledge of cloud security (AWS, GCP, or Azure)
Awareness of security best practices in application and infrastructure security
Some exposure to IAM, role-based access control, and identity management principles
Some experience working with penetration testing findings and basic security audits

In-person and remote working balance ...

We have small HQ’s in Bristol & London (Holborn) with a growing team of people on the ground in our NYC office also.
Although our approach to hybrid working is flexible (we don’t mandate specific days in office), priority for this role will be given to candidates who are available to travel to the Bristol office and keen to spend some days each month in a shared space partnering with the VP of Technology and wider engineering team on shared projects.

Why Duel

We want to build a remarkable company with remarkable people and a remarkable culture that you will want to shout from the rooftops about. In a relaxed, flexible, and fun environment, the team is driven to making the business a success while enjoying what we do and who we do it with.

We have a growing benefits package, including;

Flexible working hours - if you need to fit around childcare or need to work around your life, we understand.
Around 32 days of Annual Leave (28 excluding bank holidays and an extended break between Christmas and New Year, when we close the office). On-going training where required.
Options scheme for all full-time employees - it’s important to us that everybody owns a part of the company and shares in the benefits of what we build.
Company MacBook to work from
£350 WFH Set-Up
Headspace Contributions
Personal Development budget and support
2 additional days leave for volunteering

About the Company

The Duel Brand Advocacy Platform enables brands to mobilize and manage entire communities of social affiliates, content creators and micro-influencers to acquire customers and drive revenue at scale. It also measures the true ROI of advocacy and its impact on Social Commerce, in comparison to ads. Committed to working with brands that put people and the planet over profit, Duel is Bcorp Certified and breaks a brand’s reliance on digital advertising through its Social Affiliate and Brand Ambassador programs. Founded by worl... Know more

Related Jobs

Company Name: RAND Europe
Job Title: Research Leader - Crime and Justice - Defence, Security and Justice
Job Description: RAND is a not-for-profit research institute with over 30 years of experience in conducting policy research for governments, international organisations, research councils, charitable foundations, and other organisations. We believe that good research helps shape sound answers to pressing societal challenges, ultimately making communities safer and more secure, healthier and more prosperous in the future. RAND Europe has offices in Cambridge, Brussels and The Hague and employs approximately 180 staff. The Defence, Security and Justice Research Group undertakes contract research and analysis in a range of public policy areas. At present in in the UK, we are looking for a Research Leader in our Crime, Drug Policy and Justice work stream. This includes topics such as policing, prisons, youth offending, drug use, supply and regulation, vulnerable offenders, cybercrime and online hate, and serious organised crime and corruption. Our recent work in the UK includes studies for the Ministry of Justice, the Home Office, The Department of Health and Social Care and various charitable foundations. Our projects are diverse in nature, including evaluations of criminal justice policies and programmes (randomised controlled trials and quasi-experimental impact evaluations, process evaluations and economic evaluations), evidence syntheses and international comparisons. We encourage applications from those with training and expertise in one of several of these methods and approaches. You will have the opportunity to work alongside renowned experts on projects with national and international reach and conduct cutting-edge research using a variety of methods. You will be able to drive positive change by translating research into clear, actionable policy recommendations. The successful candidate will thrive on teamwork and collaboration with colleagues and research funders, take an active role in project management, and be keen to grow a body of work through active business development and proposal writing. The role is ideally suited to an individual who is committed to applying a mixed methods approach to drive impact in policy and decision-making. Demonstrable experience of working on multiple projects in parallel and communicating with decision-makers in government, industry, academia, and wider policy communities is highly desirable. Key Responsibilities Your primary role will be to design, manage, and lead research and analysis on complex policy questions on behalf of our clients. You will work as part of our wider research team to ensure that projects are delivered on time, on budget and to the highest quality standards. Specifically, The Research Leader Role Will Involve Identifying business development opportunities and acting on them. Leading projects to deliver high quality work within available time and resources. Research design, selection of appropriate analytical approaches, undertaking qualitative and quantitative data collection and reporting findings. Maintaining regular communication with collaborators, clients, and funders to ensure project success. Preparing clear and concise presentations and research briefs for policymakers and other audiences. Identifying opportunities to disseminate research findings through publications, conferences, etc. Supporting strategic corporate initiatives aligned with RAND Europe's mission. Ad hoc duties as required. Requirements Essential experience Management Experience in managing research projects in professional services or public sector domains. Experience in managing project teams, developing junior researchers and coordinating project resources. Experience in managing limited portfolio of projects within subject matter expertise. Track record of undertaking research for policy and/or practitioner audiences. Commercial awareness Experience drafting and leading proposals that secure research funding in competitive environments. Experience of effectively managing small to medium-sized project budgets. Personal Skills And Experience Excellent problem-solving skills. Ability to multi-task and prioritise work. Ability to work flexibly and to deadlines. Ability to effectively process large amounts of information, translate and presenting complex research findings to policy, practice, and lay audiences. Strong team player who enjoys working with others and collaborating across research areas and with partners. Thematic expertise Expertise in at least one of the following thematic areas: organised crime, illicit markets, criminal justice, policing, prisons, vulnerable offenders Agility to work across other topic areas within the portfolio of the Defence, Security and Justice research group. Fluency in English Eligible for UK security clearance IT skills Intermediate Word, Excel, and PowerPoint. Desirable Experience Familiarity and experience of working with UK government and other clients in the crime and justice space. Familiarity and experience with international research funders, including the EU Proficiency in other languages Expert use of statistical software packages (e.g., STATA, R, SAS) and relevant programming languages (e.g., Python). Experience with (quasi-)experimental evaluation designs Benefits Pension - 8% Employer contribution; 33 days holiday allowance, including the Bank Holidays; Annual salary review; BUPA medical insurance; Generous company sick pay; Enhanced family friendly policies; Group income protection scheme; Group life assurance; Compassionate leave; Flexible working arrangements; Learning and development opportunities; Employee wellbeing training and support; Fresh fruit every day; Free on-site parking; Cycle to work scheme; Access to company bikes; Service awards. How to Apply If you believe you are suited to the above role, please submit an application comprising of a CV and covering letter. The closing date for applications is 13th April 2025. If you have not been contacted within 30 days of application deadline, please assume your application has not been successful.

Cambridge, United Kingdom

On site

Full Time

13-04-2025

Company Name: Women in Tech UK
Job Title: Software Engineer (DV Security Clearance)
Job Description: Position Description CGI's Space, Defence, and Intelligence business unit is dedicated to delivering cutting-edge technical solutions that address the most complex challenges faced by government agencies. Our mission-critical systems are custom-built to ensure security, reliability, and innovation, helping our clients protect the nation and its people, This role offers an exciting opportunity to engage with groundbreaking technologies in a dynamic and rewarding environment. At CGI, we are deeply committed to the growth and development of our team members, offering extensive learning opportunities to help you stay at the forefront of an ever-evolving technology landscape. Our culture values innovation, collaboration, and ownership, making it an ideal environment for self-motivated individuals to thrive. Please note, due to the highly secure nature of the project, this role is open only to UK Nationals who hold or are eligible for High-Level Clearance (HLC). While there is some flexibility for remote or hybrid work, onsite attendance at the specified location(s) will be required for secure system access. Your future duties and responsibilities As a Software Engineer in our Secure Innovation & Advisory division, you will play a key role in delivering innovative solutions to help safeguard our country. You will work closely with clients to exploit new and bespoke technologies, providing them with a competitive advantage. The systems you develop will be built for performance, security, reliability, and scalability, leveraging modern CI/CD tooling and practices. Required Qualifications To Be Successful In This Role Collaborating with clients to understand and meet their technology needs. Design, develop, and deliver secure software solutions using the latest technologies. Work within an Agile environment to meet tight project deadlines while maintaining high-quality output. Contribute to system architecture, design, and technical documentation, including LLDs, user guides, and release notes. Requirements We are heavily committed to developing our members and will provide excellent learning and development opportunities to ensure that your knowledge and skills keep pace with the evolving technology landscape. We engender a culture of innovation, collaboration and ownership; highly motivated self-starters thrive within our organisation. Although we would like candidates to have all the mandatory requirements, we would consider high quality individuals who meet most of the criteria: Containerisation/Container Security Microservice Architectures API Development, REST, Swagger, OpenAPI, gRPC Cloud platforms and technologies, AWS, (e.g. Lambda, API Gateway, EKS), Azure, Google Cloud Platform (GCP) Cloud native Apps, Kubernetes, OpenShift, MicroK8s Infrastructure as Code (IaC), automation & configuration management Ansible (plus Puppet, Saltstack), Terraform, CloudFormation NodeJS, REACT/MaterialUI (plus Angular), Python, JavaScript Big data processing and analysis, e.g. Apache Hadoop (CDH), Apache Spark RedHat Enterprise Linux, CentOS, Debian or Ubuntu. Java 8, Spring framework (preferably Spring boot), AMQP - RabbitMQ, Open source technologies Experience of Agile software development (SAFe, Scrum, Kanban, etc) Experience writing technical documentation such as LLDs, user guides, release notes etc Requirements analysis. Software technology knowledge. Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because... You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.

London, United Kingdom

On site

Full Time

14-04-2025

Company Name: Rapid7
Job Title: Cybersecurity Advisor
Job Description: Rapid7 Cybersecurity Advisors partner with our customers above and beyond the tactical aspects of vulnerability management, application security, and threat detection and incident response. You will work with your customers to increase their resilience against threats through tailored mitigation recommendations, proactive threat awareness reporting, and regular touch-points to discuss IT security initiatives and associated best practices. About The Team Rapid7’s Managed Services deliver world class, 24/7/365 threat detection, incident response, vulnerability management, and application security services for our customers. As a member of Rapid7’s Cybersecurity Advisor team, you are on the front-lines helping clients defend against and respond to today’s biggest threats. Our analysts and scanning operation teams keep a constant watch on our customers and provide guidance and strategies to help identify and remediate significant risks. Rapid7 Cybersecurity Advisors are fanatical about security and customer satisfaction, and are just as comfortable working in the weeds with engineers as we are briefing a CISO on a recent breach and security strategy. About The Role As a Cybersecurity Advisor, you will be the key trusted advocate to our customers. Your valuable experience and in-depth understanding of the security landscape will be pivotal in shaping the customer perception of Managed Services and its exceptional service. Our Cybersecurity Advisors are responsible for leveraging their technical knowledge to guide customers in the successful usage of security product features and enhancements, and for positively impacting the overall success and maturity of customers’ security programs. In This Role, You Will Ensure that Rapid7 Platform technology is functional, and coordinate with Rapid7's Managed Services and Rapid7's Support team when needed Work closely with Analysts and Scan Operators to convey recommendations to Rapid7 customers Review and generate high-quality accurate and contextual customer deliverables for complex technical accounts Provide subject matter expertise and advisement to clients for industry attack trends and defenses Demonstrates an expert understanding of the value-drivers of our products and the ability to help customers navigate and optimize their usage Develop and maintain strong, long-lasting advisory relationships with key stakeholders, including technical teams, project managers, and C-level executives on complex accounts Guide clients through findings and providing subject matter expertise for response activities Provide expertise in technology deployment and client onboarding processes Gather client input and requirements across the Managed Services client base to influence Managed Services service roadmap Assist Managed Services Leadership with effective scaling strategies to face the challenge of an ever-expanding customer base Independently identify potential risks and challenges in customer relationships and work proactively to address them before they escalate The Skills You’ll Bring Include Associates Degree in information Technology, or two or more years of related experience 3-4 years of experience in Information Security or related discipline Industry-related certifications i.e. A+, Network+, Sec+, Cloud+, CCSP, etc. Excellent written and verbal skills Excellent interpersonal and communication skills Information Security consulting experience Prior technology deployment and configuration experience Experience with security frameworks and concepts Strong project management and prioritization abilities Prior experience in managed or enterprise information security services, vulnerability management, incident response, forensics, malware analysis, penetration testing, or network defense Strong understanding of technical concepts and experience advising customers on how to best use and adopt the platform for faster Return on Investment (ROI) Problem-solving mentality with the ability to navigate complex situations We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today. About Rapid7 At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact. Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 11,000+ global customers ahead of whatever’s next. Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.

Belfast, United Kingdom

Hybrid

Full Time

11-04-2025

Company Name: Google
Job Title: Staff Product Manager, Subsea Cable Network
Job Description: Note: By applying to this position you will have an opportunity to share your preferred working location from the following: London, UK; Dublin, Ireland.Minimum qualifications: Bachelor's degree or equivalent practical experience. 8 years of experience in product management, consulting, co-founder or related technical role. 3 years of experience building and shipping technical products. Preferred qualifications: 5 years of experience working cross-functionally with engineering, UX/UI, sales finance, and other stakeholders. Experience in running large-scale operations and excellent knowledge of financial models and can make build, buy, and partner decisions. Experience with Release and product launches. Experience in optical technology and subsea cable systems. Experience in product management, pricing, financial modeling, software and hardware engineering, distributed systems, optical network design, operations, deployment, and computer sciences for success in this role. About The Job At Google, we put our users first. The world is always changing, so we need Product Managers who are continuously adapting and excited to work on products that affect millions of people every day. In this role, you will work cross-functionally to guide products from conception to launch by connecting the technical and business worlds. You can break down complex problems into steps that drive product development. One of the many reasons Google consistently brings innovative, world-changing products to market is because of the collaborative work we do in Product Management. Our team works closely with creative engineers, designers, marketers, etc. to help design and develop technologies that improve access to the world's information. We're responsible for guiding products throughout the execution cycle, focusing specifically on analyzing, positioning, packaging, promoting, and tailoring our solutions to our users. The Google Global Networking and Infrastructure team (GGN&I) develops networking technologies that allow Google's global WAN to connect the world through one of the largest scale zero-touch Software Defined Networking (SDN) infrastructure. Google Global Network delivers connectivity to Google Cloud customers, Google products (Search, Ads, Workspace, etc.) serving across the planet, and operates Content Delivery Network (CDN) infrastructure that fuels YouTube. Google's network is build on the extensive global submarine cable systems. GGN&I Product Management mission is to deliver networking products that enable our customers’ business objectives and deliver best product experience. GGN&I strives to be an organization where Googlers of every background grow. Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems. Responsibilities Build on the goal and strategy for Google Global Network (GGN) subsea cable network offerings. Represent GGN&I and collaborate with partner teams to build cross-functional alignment and roadmaps supporting business needs of GGN and our customers. Define the roadmap and features supporting Google subsea cable systems services. Work with customers to define the global connectivity journeys and requirements. Collaborate with engineering and partner teams to drive the highest level of product execution that delivers user needs. Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form .

London, United Kingdom

On site

Full Time

12-04-2025