Role Description We are hiring for an Information Security Manager to manage our internal IT function reporting to the CFO, or such other person as the Company may appoint from time to time. Security Strategy & Compliance - Set up and drive the overall information security strategy. - Own the ISMS standards and their adoption, ensuring compliance with company and external requirements including SOC 2 and ISO 27001. - Organise and manage ISMS-related scheduled activities and drive continuous improvement of the ISMS. - Contribute to security architecture and design decisions. - Oversee security tooling such as EDR, SIEM, MFA, password managers, device management, and access review processes. Incident & Escalation Management - Act as the primary escalation point, during and outside business hours, for all major security-related incidents and events. - Coordinate and manage corrective actions and responses to security incidents. Governance, Risk & Audit - Own security documentation, including policies, standards, exceptions, risk registers, and control evidence. - Oversee the internal risk-assessment and audit programme, supporting internal and external audits, remediating findings, and tracking control improvements to closure. - Support vendor and supplier risk management, including due diligence, sub-processor oversight, and security assessments. - Own the access control process, validate and audit access across divisions and functions. - Provide management reporting on risk posture, incidents, audit status, metrics, service trends, and improvement plans. - Work with engineering, DevOps, HR, and customer-facing teams to embed controls into everyday processes. - Drive ongoing security governance improvements. Data Privacy - Address data privacy and data protection concerns, and manage responses to customer data privacy requests. - Act as Data Protection Officer (DPO) for the organisation if and as required. Policy, Awareness & Customer Assurance - Help enforce security policies, building adoption, embedding them in the company culture, and introducing regular checks on departmental compliance. - Own and deliver security awareness training and campaigns to strengthen the security culture. - Complete security-related sections of RFPs and customer questionnaires, build and maintain a security knowledge base, and provide assurance of the integrity, confidentiality, and availability of information owned, controlled, and processed by the organisation. - Attend meetings with customers and prospects to provide insights into how HICX implements security across the organization. Internal IT & Operations - Manage a small team of IT support admins providing internal IT support to HICX employees and contractors. - Act as the escalation point for complex IT issues, incidents, and problems requiring cross-team coordination. - Ensure IT support activities align with security controls, access management, and acceptable use requirements. - Oversee onboarding, offboarding, account lifecycle management, and device provisioning/deprovisioning. - Own and maintain standard operating procedures and the operations platform. - Help balance usability, cost, and security when selecting or renewing SaaS and IT tools. - Carry out other reasonable duties as required by the Company. Qualifications - Excellent track record of leading security audits; ISO 27001, SOC 2, Cyber Essentials Plus. - Proven experience in a senior information security leadership role (Head of Security, Information Security Manager, or similar), ideally within a SaaS or technology business. - Demonstrable experience building, operating, and maturing an ISMS, including achieving and maintaining SOC 2 and ISO 27001 certification. - Strong, hands-on knowledge of security tooling and controls; EDR, SIEM, MFA, identity and access management, device/endpoint management, and vulnerability management. - Solid understanding of cloud security (AWS, Azure, and Microsoft 365 admin suite). - Experience leading end-to-end security incident response, including out-of-hours management of major incidents. - Knowledge of UK GDPR/GDPR and global data protection laws, with experience acting as, or working closely with, a Data Protection Officer. - Experience of third-party, vendor, and supplier risk management, including due diligence and sub-processor oversight. - Experience completing customer security questionnaires and RFPs, maintaining a security knowledge base, and presenting security posture to customers and prospects. - Excellent communication skills, with the ability to translate technical risk into clear business language for technical and non-technical audiences, including executives and customers. - Strong leadership and people-management skills, with a track record of developing and motivating a small team. - Pragmatic, risk-based mindset that balances security with business enablement, usability, and cost. - Highly organised, self-motivated, and comfortable working autonomously within a fully remote, international team. - Collaborative and influential, able to embed a strong security culture across the whole organisation. - Relevant professional certification is desirable (e.g. CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor). - Experience managing internal IT operations and a small IT support team, onboarding/offboarding, account lifecycle, device provisioning, and SaaS administration is desirable. Benefits - Work from anywhere within the UK - we are a fully remote company. - Private health insurance. - Flexible PTO - We offer 25 days of paid holiday per year + England Bank Holidays. - We celebrate special occasions with you - like your birthday! Additional PTO for all employees during their birthdays. - Receive Competitive Pay - Our team makes sure to provide a highly competitive rate based on your skills and location. - Work with a diverse, international team.

• As a Sales Specialist for NG Identity Security, you'll be the face for prospective customers • Working alongside our sales team, you'll take ownership of the technical relationship through the sales cycle • You'll also maintain that relationship with the customer as they discover what NG Identity Security can do for them, expand their use, and provide feedback to our Product Management team • You'll become a trusted advisor by providing technical value in your interactions with prospective customers, answering technical questions, demonstrating capabilities, and laying out a technical vision of SSPM • You'll be working closely with the teams in sales, leadership, marketing, support, customer success, and engineering • Providing feedback on deal progress, uncovering the wants and needs of prospects, and translating that to tangible value from the Adaptive Shield platform • Your success in this role will have a significant impact on the expansion of NG Identity Security worldwide as a part of our team of specialists.

• Own and optimize endpoint security platforms. • Leads endpoint detection engineering, automation, and platform tuning. • Lead detection engineering. • Develop automation scripts. • Perform advanced threat investigations. • Define endpoint hardening baselines. • Mentor junior staff. • Participate in architecture reviews. • Support incident leadership. • Evaluate endpoint security vendors.

• Design and optimize network security controls. • Owns firewall architecture, segmentation, and perimeter optimization. • Design and own firewall, VPN, and perimeter architectures. • Optimize segmentation and connectivity. • Lead complex security changes. • Perform network threat analysis. • Mentor junior engineers. • Support vendor evaluations. • Participate in Zero Trust roadmaps. • Assist with network incident response.