About Dashlane

Dashlane's mission is to make security simple for millions of organizations and their people. We empower businesses of every size to protect company and employee data while helping everyone easily log in to the accounts they need—anytime, anywhere. 

Our global team with offices in Paris, New York, and Lisbon is united by a strong sense of community and passion for improving the digital experience. Over 15 million users and 20,000 businesses in 180 countries use Dashlane for a faster, simpler, and more secure internet.

About the role:

Dashlane is looking for our first CSM based in our Lisbon office to help us continue to support our growing EU customer base. You will lead a "dual-motion" portfolio: providing high-impact, reactive management for our Scale Segment while directly managing a portfolio of dedicated accounts. You will own the relationship and success of these accounts with a core focus on Onboarding/Deployment, Retention, and Expansion. 

We’re looking for a self-motivated, hungry to learn individual who thrives in a fast-changing environment. This isn't a traditional "maintenance" role. You are here to drive velocity. You will be a critical member of a growing team, collaborating across Sales, Product, and Engineering to ensure our customers thrive and expand with us. 

At Dashlane you will:

• Architect Success at Scale: Manage a high-volume "Pool" of accounts using a "one-to-many" approach, utilizing automated health checks and AI-driven insights to intervene proactively.
• Drive EU-based Accounts: Fully own a diverse list of high-value EU customers, acting as their trusted advisor and subject matter expert.
• Lead Onboarding & Renewals: Direct the entire customer journey from the initial deployment, lifecycle, complex pricing negotiations and annual renewals.
• Leverage AI for Efficiency: Utilize modern AI tools to streamline communication, analyze customer sentiment, and optimize your bandwidth for high-value strategic work.
• Collaborate Globally: Work independently but stay deeply connected to our global teams in NYC and Paris, sharing feedback with internal development teams to shape the future of our product.
• Meet and exceed quarterly quotas to ensure Dashlane successfully retains and grows our existing account base revenue.
• Become an expert in Dashlane’s product, offerings and overall value to drive success with your customer base
• Proactively find opportunities for growth, both within your book of business and within our team’s processes and procedures

Requirements:

• 2+ years of Customer Success or Account Management experience, ideally within a fast-paced B2B SaaS or Tech environment.
• Business level fluency in English required
• Proven experience managing renewals and leading pricing/contract negotiations.
• You are comfortable using AI tools (i.e. Gemini, ChatGPT) 
• Exceptional organizational and prioritization skills, as well as a high degree of Operational Rigor
• As our first Lisbon hire, you must be resourceful and comfortable operating with minimal in-person supervision.

What we're also looking for:

• Business level fluency in French is a major competitive advantage
• A proven track record of consistently exceeding expansion or NRR quotas.
• Domain knowledge in Identity and Access Management (IAM) or cybersecurity.
• Experience with deployment strategies for technical IT audiences.
• High degree of perseverance and passion for our product and mission. 
• Tech-savvy, personable with natural problem-solving abilities and demonstrated discretion and ability to work with confidential information. 
• Ability to think critically, troubleshoot and solve complex problems in a fast-paced, data-driven, metrics-oriented environment

Location-Specific Information:

You will be based in Lisbon, with English as your working language. At Dashlane, we embrace a hybrid culture that combines the best of both worlds: the creativity and energy of in-person collaboration with the flexibility of remote work. Our model is designed to strengthen team connections while supporting individual productivity and work-life balance. To maximize collaboration, we come together in the office on Mondays, Tuesdays, and Thursdays, while Wednesdays and Fridays offer more flexibility for focused work.

What Dashlane offers you:

• Flex Benefits - allocate a monthly amount to a pool of benefits
• Health insurance covered by Dashlane
• 5 extra vacation days each year, plus your birthday off
• Company wide well-being days (one per quarter)
• Equal Parental leave - up to 20 weeks fully paid leave, within the first year of birth or adoption
• Donation matching program -  Dashlane will match your donations to organizations driving positive impact in historically marginalized communities
• Access mental health services through Spring Health, available for you and your family members
• Team building & social events - weekly lunch in the office and monthly happy hour
• and much more

Role Overview

The Information Security Analyst will support a wide range of information security, vendor management, procurement, audit, and technical security activities across the business. The role involves working closely with teams such as Legal, Procurement, IT, and Engineering to ensure security best practices are embedded in company processes and supplier relationships.

This position would suit someone with experience in roles such as IT Helpdesk, IT Operations, Risk & Compliance, Internal Audit, or Security Operations who is looking to develop a career in Information Security.

Key Responsibilities:

Commercial Support

• Assist with RFP responses and client security questionnaires.
• Support client annual security audits and due diligence requests.
• Respond to internal and external queries relating to information security controls.
• Review and interpret security-related contractual clauses, including data protection, data retention, and audit requirements.

Procurement & Supplier Due Diligence

• Support the supplier security due diligence process for new vendors.
• Participate in procurement and supplier onboarding discussions.
• Collaborate with teams to ensure suppliers meet company security standards.

Vendor Risk Management

• Maintain annual vendor due diligence reviews and documentation.
• Track supplier inventories and criticality ratings.
• Monitor performance and risk indicators for key suppliers (SLA breaches, downtime, incidents, and news).
• Support projects such as fourth-party risk assessments and information gathering.
• Monitor scope changes in vendor products and services as they become available.
• Work closely with Legal, IT, and Security teams on emerging topics such as AI usage and third-party tools.

IT & Technical Security

• Work with IT and Security teams to research new technologies and integrations.
• Support technical security initiatives and projects.
• Conduct data flow mapping and architecture documentation.
• Assist in evaluating system integrations (for example applications connected to CRM platforms).
  
  

Audit & Compliance

• Support ongoing security and compliance programmes including ISO/IEC 27001 and SOC 2.
• Assist with internal audit activities and control checks.
• Help maintain documentation and evidence required for audits and certifications.

Required Skills:

• Experience working with similar roles, ideally in IT support, security operations, compliance, or internal audit.
• Good understanding of core IT and security concepts such as:
  
  
• Endpoint management
• Identity and access management
• APIs and integrations
  
  
• Ability to work across multiple teams and communicate effectively with both technical and non-technical stakeholders.
• Strong organisational skills and ability to manage projects and documentation.
• Comfortable handling both operational tasks and more complex security projects.
• Ability to build strong internal relationships and collaborate across departments.
• Pragmatic and solution-oriented approach to information security.
• Experience working with or evaluating AI tools and products

Candidates should ideally have:

• A relevant qualification in Information Security, IT, Cybersecurity, or Computer Science, or
• Relevant professional certifications (or working toward them), such as:
• ISO 27001 Lead Implementer / Lead Auditor
• CISA or similar
• Equivalent hands-on experience in IT, security, or audit roles will also be considered.

Nice to Have:

• Experience with security audits or compliance frameworks such as ISO 27001, SOC 2, FedRAMP & ISO 42001
• Familiarity with ticketing or workflow tools such as Jira.
• Exposure to vendor risk management or supplier due diligence.

Benefits:

• Equity as we want you to have a part of what we are building 
• Unlimited Time Off Policy- A work-life balance and focus on our well-being are critical 
• Budget to set up your home office upon joining
• Annual learning budget to drive your performance and career development
• Comprehensive Private Health Insurance through Advancecare
• Work from anywhere policy up to 90 days during the year
• Team events across the year, from board games in the office to a team building in a different location

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting 

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role ID – 188148

Role Background

• To strengthen the Alliance through connecting its forces, the NATO Communication and Information Agency (NCIA) delivers secure, coherent, cost effective and interoperable communications and information systems in support of consultation, command & control and enabling intelligence, surveillance and reconnaissance capabilities, for NATO, where and when required. It includes IT support to the Alliances’ business processes (to include provision of IT shared services) to the NATO HQ, the Command Structure and NATO Agencies.
• The Ballistic Missile Defence Programme Office (BMD PO), as part of the NCIA, ensures the harmonised planning, implementation, deployment, evolution and support of the BMD capability, in a way that satisfies the operational requirements and minimizes the military risk, taking into account the NATO political, economic and schedule requirements and using the most suitable industrial and technological solutions. The Programme Office is the procurement and implementation body of the NCIA, charged with the effective planning, execution, delivery into service, evolution and through-life logistic support of NATO’s and assigned national and BMD systems.
  • To support the development of the NATO BMD curriculum, the BMD PO requires the provision of expert training deliverables produced by a qualified team of NATO BMD subject matter experts.
• Strong operational expertise in Ballistic Missile Defence (BMD) and Theatre Ballistic Missile Defence (TBMD) missions for each team member is an essential requirement for the successful completion of the deliverables. In-depth operational knowledge and prior experience with NATO’s BMD organisation, as well as familiarity with NATO BMD user applications—specifically Battle Management Command, Control, Communications, and Intelligence (BMC3I) systems—are required to ensure the proper development of NATO BMD curriculum products.
• The team of contractors will develop such products for the NCIA project team that executes the Allied Command for Transformation (ACT) Programme of Work (PoW) 2026 for BMD.

Role Duties and Responsibilities

• The team of contractors will apply their expert knowledge in NATO BMD curriculum development while performing following tasks and activities:
  • Reviewing current NATO BMD related standards, directives, policies and standard operating procedures; providing analysis results to the BMD curriculum development.
  • Collaborating with BMD operational users to collect information for BMD Curriculum and suggest content to the NCIA project team.
  • Conducting Training Needs Analysis (TNA) and develop course materials for the systems in the BMD Programme in cooperation the relevant stakeholders (operators, project teams, academy staff)
  • Supporting NCIA with expert opinions at BMD Curriculum related venues such as IAMD Annual Discipline Conference.
  • Aligning and adapting BMD courses with the BMD CONEMP by creating links or adding references to the CONEMP from within course materials.
  • Providing BMD subject matter knowledge to the NCIA project team.
• The team of resources will hold Principal NATO BMD Curriculum Subject Matter Expert skill set.
• The size of the team is determined by the supplier.
• The Agency Point of Contact for the daily execution of the contract is the NCIA Project Manager

Deliverables base period:

• D1- The team of contractors will provide the final version of Individual Training Views (ITV) and Logical Individual Training Viewpoints (LITV) for the NATO BMD curriculum 2026. Deliverables will be maintained in the project collaboration portal.
• D2- The team of contractors will provide the final version of BMD technical course training products for the NATO BMD curriculum 2026. Deliverables will be maintained in the project collaboration portal.

Deliverables option period:

• D1- The team of contractors will provide the initial version of Individual Training Views (ITV) and Logical Individual Training Viewpoints (LITV) for the NATO BMD curriculum 2027. Deliverables will be maintained in the project collaboration portal.
• D2- The team of contractors will provide the final version of Individual Training Views (ITV) and Logical Individual Training Viewpoints (LITV) for the NATO BMD curriculum 2027. Deliverables will be maintained in the project collaboration portal.
• D3- The team of contractors will provide the initial version of BMD Planners course training products for the NATO BMD curriculum 2027. Deliverables will be maintained in the project collaboration portal.
• D4- The team of contractors will provide the final version of BMD Planners course training products for the NATO BMD curriculum 2027. Deliverables will be maintained in the project collaboration portal.

Essential Skills, Experience and Certifications

• Extensive knowledge, involvement and service in NATO BMD mission and strong network in the NATO BMD community. Must have been previously involved in BMD Operational User Group (OUG) activities, either as an active member or a chairman.
• Demonstrable experience with developing BMD curriculum for NATO. Must have previously developed for BMD programme following artefacts:
  • Individual Training Views (ITV),
  • Logical Individual Training Viewpoints (LITV),
  • Training Needs Analysis,
  • Course Control Documentation I, II and III.
  • Course material for earlier versions of BMD Planners Course.
• Experience with developing training curricula and/or training programs, including course materials for technical training in the BMD domain.
• Experience with development of technical documentation, training materials and instructional aids, specifically for the BMD domain.
• Extensive experience working with NCIA, NCI Academy, ACT, SHAPE and other NCS HQs in relation with NATO BMD Programme.
• Extensive knowledge of and practical user experience with NATO BMD BMC3I systems (ACCS, AirC2IS, TOPFAS, NCOP, Intel FS, JEMM), air defence weapon systems, sensors and communications, and current NATO C4ISR systems like NATO ICC.
• Extensive experience with capturing BMD system requirements and business/operational workflows.
• Candidate must have the nationality of one of the NATO nations.
• Excellent command of spoken and written English.
• Must hold a valid NATO Secret Security Clearance.

Desired Skills, Experience and Certifications

• Experience with producing Capability Packages for (Theatre) Missile Defence Capabilities,
• Prior experience of working in an international environment comprising both military and civilian elements.
• Knowledge of NATO responsibilities and organization, including ACO and ACT.

Spektrum supports apex purchasers (NATO, UN, EU, and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting 

The NATO Communication and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. The agency was established in 2012 and is headquartered in Brussels, Belgium.

The NCIA provides a wide range of services, including:

• Cyber Security: The NCIA provides advanced cybersecurity solutions to protect NATO's communication networks and information systems against cyber threats.
• Command and Control Systems: The NCIA develops and maintains the systems used by NATO's military commanders to plan and execute operations.
• Satellite Communications: The NCIA provides satellite communications services to enable secure and reliable communications between NATO forces.
• Electronic Warfare: The NCIA provides electronic warfare services to support NATO's mission to detect, deny, and defeat threats to its communication networks.
• Information Management: The NCIA manages NATO's information technology infrastructure, including its databases, applications, and servers.

Overall, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities.

The program

Assistance and Advisory Service (AAS)

The NATO Communications and Information Agency (NCI Agency) is NATO’s principal C3 capability deliverer and CIS service provider. It provides, maintains and defends the NATO enterprise-wide information technology infrastructure to enable Allies to consult together under Article IV, and, when required, stand together in the face of attack under Article V.

To provide these critical services, in the modern evolving dynamic environment the NCI Agency needs to build and maintain high performance-engaged workforce. The NCI Agency workforce strategically consists of three major categorise's: NATO International Civilians (NIC)'s, Military (Mil), and Interim Workforce Consultants (IWC)'s. The IWCs are a critical part of the overall NCI Agency workforce and make up approximately 15 percent of the total workforce.

Role ID – 2026-0060

Role Background

The NATO Communications and Information Academy (NCI Academy) located in Oeiras, Portugal currently delivers NATO technical and operational training on a variety of hardware and software systems. In the light of these activities, the NCI Academy is looking to outsource the delivery of name of the course training, as well as the development and updates of the training materials, the management of course iterations and to provide SME support to NATO and National HQ as required. The contractor shall make available personnel capable of providing the services specified in this Statement of Work (SoW). The intent is to obtain the services of appropriate subject matter experts who can deliver training and update training materials.

The work shall involve JTS/FAST training delivery to customers from the NATO Command Structure, NATO Force Structure, NATO member MODs, and Partners-for- Peace units and shall be conducted at the NCI Academy in Oeiras, and optionally at any of the NATO or National locations.

Role Duties and Responsibilities

• Instructor Preparation: The Contractor must prepare in advance for the iteration, including reviewing and updating the available training material, preparing the lesson, and testing the practical exercises to ensure smooth training delivery.
• Iteration Preparation: The Contractor is responsible for ensuring, the training environment is prepared and all training materials are available and up to date for the students, aligned with Coordination and Support Branch, AIRC2 Section Head and Quality Assurance.
• Course Delivery and Assessment: Successfully deliver the course iteration and complete all student assessments according to the supporting Course Control Documents (CCDs), lesson schedule, and lesson plan.
• Continuous Improvement Plan: Develop an end-of-course iteration continuous improvement plan within 5 working days of each iteration completion.
• Bug Reports and Lessons Identified: Provide bug reports and Lessons Identified within 5 working days of iteration completion.
• Align with additional instructions or Direction and Guidance (D&G) from the AIRC2 Section Head.

Essential Skills, Experience and Certifications

• Demonstrated ability to deliver training within the Academy learning environment, in accordance with SOPs (07.01.10, 07.01.24, and 07.01.28), and in line with the expected quality
• Understands with whom to coordinate and from whom they will receive direction and guidance related to course delivery and course updates - Classroom environment is fully prepared when students arrive and there shall be no delay in starting the training iteration
• The course iteration shall complete on the scheduled date and time of completion (according to the lesson plan)
• All of the learning and performance objectives shall be covered
• At least 95% of students have achieved all course objectives (summative assessment)
• Over 80% of the students are confident in their ability to apply the training provided as determined by student satisfaction surveys administered anonymously by the NCI Academy
• An average score of at least 4 out of 5 for customer satisfaction of training delivery
• Value added recommendations for continuous improvement of the course 3.8.3 Course iteration as an MTT:
• Classroom environment is fully functional when students arrive and there shall be no delay in starting the training iteration - The course iteration shall complete on the scheduled date and time of completion (according to the lesson plan)
• All of the learning and performance objectives shall be covered
• At least 95% of students have achieved all course objectives (summative assessment)
• Over 80% of the students are confident in their ability to apply the training provided as determined by student satisfaction surveys administered anonymously by the NCI Academy
• An average score of at least 4 out of 5 for customer satisfaction of training delivery
• A positive report from the host organisation about the course iteration and the conduct of the course
• Value added recommendations for continuous improvement of the course

Working Location

• Oeiras, Portugal

Working Policy

• Onsite

Travel

• Some travel to other NATO sites may be required

Security Clearance

• Valid National or NATO Secret personal security clearance

About the role

We are seeking a motivated and technically proficient Associate Systems Engineer with a strong focus on security technologies to support and enhance our enterprise security posture. This role will work closely with senior engineers and security analysts to implement, maintain, and troubleshoot key security infrastructure components including Data Loss Prevention (DLP), email security platforms, firewalls, VPN solutions, and Cloud Access Security Broker (CASB) tools

Responsabilities

• Assist in the deployment, configuration, and maintenance of DLP solutions to prevent unauthorized data exfiltration across endpoints, email, and cloud platforms.
• Support email security tools (e.g., Proofpoint, Mimecast, Microsoft Defender) to ensure protection against phishing, spam, and malware.
• Monitor and manage firewall policies and rule sets across perimeter and internal firewalls (e.g., Palo Alto, Fortinet, Cisco ASA).
• Maintain and troubleshoot VPN infrastructure (e.g., Cisco AnyConnect, GlobalProtect, OpenVPN) to ensure secure remote access for users.
• Collaborate on the integration and tuning of CASB solutions (e.g., Netskope, McAfee MVISION, Palo Alto, Microsoft Defender for Cloud Apps) to enforce cloud security policies.
• Participate in incident response and troubleshooting efforts related to security infrastructure.
• Document configurations, procedures, and troubleshooting steps for knowledge sharing and compliance.
• Stay current with emerging security threats and technologies relevant to the role.

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience).
• 1–3 years of experience in systems engineering or IT security support.
• Familiarity with DLP platforms (e.g., Symantec, Forcepoint, Microsoft Purview).
• Working knowledge of email security tools and protocols (SMTP, SPF, DKIM, DMARC).
• Basic understanding of firewall technologies, NAT, ACLs, and packet inspection.
• Experience supporting VPN solutions and remote access technologies.
• Exposure to CASB platforms and cloud security concepts.
• Strong troubleshooting and analytical skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• Security certifications such as CompTIA Security+, Cisco CCNA Security, or Fortinet NSE.
• Experience with SIEM tools and log analysis.
• Experience with Information Classisification tools like Microsoft IRM, Purview etc.
• Familiarity with scripting (PowerShell, Python) for automation and reporting.
• Hands-on experience with enterprise-grade security tools and technologies. Support for professional development and certifications.

Employees in this role will work fully remote. Every department has different needs, and some positions will be designated in-office jobs, based on their function.

Benefits

iCapital offers a comprehensive benefits package that includes a total compensation program consisting of competitive salary, annual performance bonus, and equity for all full-time employees; healthcare with 100% employer-paid health and dental insurance; and generous paid time off (PTO).

For additional information on iCapital Network, please visit https://www.icapitalnetwork.com/about-us  Twitter: @icapitalnetwork | LinkedIn: https://www.linkedin.com/company/icapital-network-inc

Scopely is looking for a Principal Security Engineer to join our Information Security team in Spain/Portugal on a hybrid basis.

Our security team is dedicated to ensuring the security of our top games. This involves collaborating closely with game studios to develop and implement comprehensive security strategies throughout the game design and development lifecycle.

In addition, this role will drive the application of AI to transform how security is delivered across Product Security, Security Operations, and Security Engineering, improving efficiency, scalability, and impact.

What You Will Do

Game & Product Security Leadership

• Partner with game studios to develop comprehensive security strategies for game design and development
• Conduct threat modeling, vulnerability assessments, and security audits across all phases of game development
• Design and implement security controls and countermeasures to mitigate risks and ensure compliance with company policies, standards, and industry norms
• Collaborate with game teams to advocate for secure coding practices and integrate security at every level of the software development lifecycle
• Coordinate and participate in penetration tests and game feature security assessments
• Provide expert-level technical guidance to game teams to assist in securing games and backend infrastructure
• Translate business priorities, technical constraints, and threat intelligence into actionable security roadmaps

AI-Driven Security Transformation & Automation

• Identify and implement opportunities to apply AI to:
• Vulnerability triage, prioritization, and remediation
• Security operations workflows (alert analysis, investigation, response)
• Product security processes (code analysis, findings analysis, pentesting support)
• Build AI-driven workflows, tools, and agents to reduce manual effort and improve speed and accuracy
• Use AI to improve vulnerability management through triage support, risk classification, remediation guidance, and findings analysis
• Partner with Security Operations to improve detection, triage,investigation and response through automation and AI-assisted analysis
• Integrate AI capabilities into existing security platforms (e.g., Wiz, SIEM, Jira, IAM systems)
• Develop reusable AI-enabled components that scale across teams and studios
• Establish practical guardrails for the safe and effective use of AI in security, including data handling, quality control, and human review
• Define success metrics for AI-enabled workflows, including productivity gains, response times, remediation throughput, and signal quality

Security Engineering & Platform Enablement

• Design and implement scalable security solutions across cloud and backend systems
• Work closely with information security domain owners to ensure games adhere to all relevant security policies, standards, and regulatory requirements
• Develop and maintain comprehensive documentation on security architectures, processes, and decisions for technical and non-technical stakeholders
• Improve security engineering efficiency through automation and tooling
• Stay updated with the latest security technologies, trends, threats, and AI capabilities, continuously improving security practices

Stakeholder Engagement & Leadership

• Frequently interact with game studio leaders to understand their roadmaps, risk posture, and how information security can enable them to execute their vision securely
• Develop security-related roadmaps in partnership with game teams
• Regularly report to Information Security and Studio management on the threat landscape and security posture of games
• Act as a thought leader using both qualitative and quantitative risk assessment frameworks
• Lead and/or assist in security incidents and investigations

What We're Looking For

• 8+ years of experience in Product Security, software development, or cybersecurity
• Proven track record in securing large-scale software applications and systems
• Strong experience building automation and security tooling
• Hands-on experience applying AI/LLMs to operational workflows, including designing, evaluating, and safely deploying AI-assisted systems is highly desirable
• Ability to effectively communicate business risk and technical information clearly to both technical and non-technical audiences

Technical Expertise

• Expertise in modern programming languages such as Python and C#
• Strong understanding of:
• Application and product security
• Vulnerability management and pentesting methodologies
• API and backend security
• Experience with mobile application penetration testing, including traffic interception, runtime analysis and API security.
• Experience with modern development ecosystems, CI/CD pipelines, APIs, and developer platforms.
• Strong, hands-on experience with cloud computing environments including:
• AWS shared responsibility model
• IAM and access control
• Network security in the cloud
• Strong understanding of securing cloud workloads including configuration, deployment, and auditing
• Deep knowledge of Linux security practices

Additional Strengths

• Demonstrated ability to think like both an attacker and defender
• Experience architecting for and managing high-scale, high-velocity workloads in AWS preferred
• Familiarity with security frameworks (e.g., OWASP, NIST Cybersecurity Framework) and compliance regulations (e.g., GDPR, CCPA, ISO 27001)
• Excellent analytical, problem-solving, and decision-making skills
• Exceptional communication and leadership skills, with the ability to influence across teams

Bonus Points

• Experience applying AI to security, automation, or developer workflows
• Previous experience at a game company
• Familiarity with:
• RAG architectures
• Vector databases (e.g., pgvector)
• AI-assisted code analysis or pentesting

Please ensure that the résumé/CV you attach is written in English.

About Insight Assurance
Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.

We’re not your traditional audit firm — we’re tech-enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.

Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.

POSITION SUMMARY

The ISO Analyst supports the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits. Working under the supervision of an Auditor, Lead Auditor, or Manager, the ISO Analyst assists in audit planning, evidence review, report preparation, and overall quality assurance.

This role requires strong attention to detail, effective communication skills, and a foundational understanding of management systems and information security principles.

KEY RESPONSIBILITIES

General Audit Support

• Ensure that all internal processes are followed correctly and consistently.

• Assist in the creation of audit programs and plans for clients and upcoming audits.

• Support evidence classification, review, and sampling activities.

• Take detailed notes during audits and assist in preparing high-quality reports.

• Send recap and follow-up communications as required.

• Collect statistics and support KPI reporting.

• Communicate effectively with stakeholders at all organizational levels using professional language and terminology.

• Maintain ethics, fairness, and accuracy in all audit documentation and reporting.

• Protect confidentiality of personally identifiable information (PII) and intellectual property (IP) belonging to both the firm and clients.

• Demonstrate professionalism and responsibility in all interactions.

Administrative & Coordination Tasks

• Handle client ingestion and onboarding activities.

• Perform HubSpot data scrubbing and updates.

• Register new engagements in Asana and coordinate Insight ONE transfers (in or out).

• Create SharePoint folders and upload Evidence Lists (EL).

• Follow up on CUP (Client Upload Portal) submissions.

Audit Planning Support (in collaboration with the ISO Manager)

• Follow up on CUP status and pending uploads.

• Send planning call recaps and assist with scheduling.

• Communicate auditor assignments and update Asana tasks.

• Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.

Audit Execution Support (in collaboration with ISO Auditors)

• Ensure auditors have access to necessary GRC platforms and client systems.

Audit Reporting & Quality Assurance (in collaboration with ISO Manager)

• Collect metrics on TAT for archive submissions.

• Register findings in the Universal Registry of Findings.

• Complete archive QA forms and support non-technical QA reviews, including:

  • Audit Report

  • Audit Plan

  • Audit Program

  • Registry of Findings

Certificate & Registry Management

• Handle certificate registration in the appropriate database.

• Maintain IAF CertSearch registrations and updates.

Knowledge Requirements
• Organizational structures, governance, and workplace practices.
• Information and data systems, documentation systems, and IT fundamentals.
• Audit principles, practices, and techniques in accordance with ISO standards.
• Management system standards and normative documents required for certification.
• Certification Body (CB) processes and procedures.
• Industry terminology, practices, and expectations relevant to the client’s business sector.
• Common products, processes, and operations across industries to understand client context.
• Application of management system requirements to various organizational types.
• ISMS-specific documentation structures and interrelationships.
• Information security management tools, methods, and techniques.
• Information security risk assessment and risk management principles.
• ISMS processes and current information security technologies.
• ISO/IEC 27001 requirements and implementation principles.
• ISO/IEC 27002 controls (and sector-specific standards if applicable), including:
• Information security policies
• Organization of information security
• Human resource security
• Asset management
• Access control and authorization
• Cryptography
• Physical and environmental security
• Operations and IT service security
• Communications and network security
• System acquisition, development, and maintenance
• Supplier relationships and outsourced services
• Information security incident management
• Business continuity and redundancy planning
• Compliance and information security reviews
• Legal and regulatory requirements in information security by geography and jurisdiction.
• Information security risks and technologies relevant to the client’s industry.
• The impact of organization size, structure, and governance on ISMS implementation.
• Legal and regulatory requirements applicable to products or services.

Key Competencies
• Attention to detail and analytical thinking
• Written and verbal communication
• Integrity, confidentiality, and professionalism
• Understanding of ISO/IEC 27001 and 27002 standards
• Organizational and time management skills
• Team collaboration and adaptability
• Continuous learning and improvement mindset

What We Offer
• Opportunity to work with global experts in cybersecurity and ISO assurance.
• Exposure to top-tier clients and diverse industries.
• Professional development and certification support.
• Collaborative and remote-friendly work environment.
• Competitive compensation and growth opportunities.

 Privacy Notice CCPA: 

• Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
• Insight Assurance does not sell personal data/information under any circumstances.
• You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602

Privacy Notice GDPR:

This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.

We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross-referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.

When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.

We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.

The categories of Personal Data under Processing consist of:

• Identification
• Contact
• Education and Professional
• Interview performance
• Evaluation

You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:

• Right of Access – meaning getting information about the Personal Data under Processing by us, except for the information you already know;
• Right of Erasure – you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
• Right of Opposition or Restriction of Processing – you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
• Rectification – you can rectify your Personal Data at anytime 

We’re seeking a Commercial Account Executive who is eager to drive growth within the SMB and mid-market segments. If you’re excited about connecting with businesses, solving problems, and delivering cutting-edge solutions, we’d love to have you on our team.

What You’ll Do:

• Own the Sales Cycle: Manage the entire sales process for SMB and mid-market accounts, from lead generation to closing, ensuring customers receive real value from our solutions.
• Engage with Decision-Makers: Reach out to key business decision-makers (CEOs, CTOs, IT Directors) to understand their challenges and align our cybersecurity and SaaS offerings to meet their needs.
• Focus on Customer Success: Help SMB and mid-market businesses grow securely by positioning our solutions as critical to their long-term success.
• Manage Shorter Sales Cycles: Navigate faster-paced sales cycles, building relationships and managing multiple opportunities while driving results.
• Data-Driven Approach: Leverage CRM data, sales tools, and metrics to track performance, refine strategies, and optimize outreach.
• Collaborate with the Team: Work closely with your colleagues, sharing tips, strategies, and best practices to drive success across the team.
• Expand Market Reach: Build strong partnerships with local MSSPs, VARs, and other key stakeholders to bring our solutions to more SMB and mid-market organizations.
• Stay Ahead of the Curve: Stay updated on the latest trends in cybersecurity and SaaS, positioning yourself as a valuable resource to customers.

What We’re Looking For:

• Experience: 3-5 years of experience in inside sales within cybersecurity, SaaS, or related industries, with proven success in managing sales cycles and engaging with decision-makers.
• Proven Success: A demonstrated history of consistently meeting or exceeding sales quotas and driving revenue growth.
• Industry Knowledge: Strong understanding of cybersecurity, SaaS, or networking solutions, with awareness of current market trends and competitive positioning.
• Relationship-Driven: Ability to build long-term, trust-based relationships with key stakeholders and decision-makers.
• Collaborative: Experience working with partners, MSSPs, VARs, and other strategic collaborators to drive sales and expand business opportunities.
• Fluency in Portuguese

#LI-JW1

About SecurityScorecard:

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint. 

Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace,” by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.”  SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.

Why join SecurityScorecard’s Customer Success Team?

The SecurityScorecard Customer Success team is empowered by the company to help guide customers to get the most out of our great products and services. We define our Customer Success strategies, priorities and go-to-market techniques. We blaze new trails in cybersecurity thought leadership using our cybersecurity ratings and cybersecurity insights. We are a proactive CSM team that is customer centric, uses a team approach and represents the voice of the customer every day.

About The Role

The Customer Success Manager will play an important role in helping our Enterprise customers transform the way they assess security risk. The SecurityScorecard Customer Success team not only manages relationships and delights customers — they also understand our customers’ organizational goals and unique challenges to help them operationalize our platform and become more secure.

In this role, you'll own and manage customer relationships with customers, ensuring their happiness and communicating the value of our product to drive deeper, more robust engagement. You will apply your understanding of cybersecurity, third-party risk, our products, services, and best practices to proactively provide support and guidance to our customers. 

What You’ll Achieve

• Design success for a portfolio of enterprise and strategic customers throughout their lifecycle. From onboarding/implementation through upsell and renewal, you will guide your customer down the path of success every step of the way to reach their business objectives and operational goals.
• Lead strategic conversations with customers to align our platform as a solution to their business challenges and goals with the intent to renew and expand the partnership.
• Serve as a confident subject matter expert as it relates to the SecurityScorecard platform and the cybersecurity and third-party risk management industries.
• Manage the gross and net retention of your portfolio; including forecasting, collaborating with regional account teams and efficient execution.
• Work with CS and Sales VPs to continuously improve the customer journey and develop the tools and templates to ensure the CSM team employs best practices. Support fellow CSMs in solving new challenges across customers.
• Model world class customer care and be an advocate for the voice of the customer in product and services design and deployment.

What We Need you to have

• Bachelor's degree
• 3+ years of experience supporting B2B customers in a SaaS organization as a customer success manager, technical account manager or similar customer-facing role.
• Knowledge of the tenets of Third Party Risk Management programs and cybersecurity domain experience
• Experience working with C-level Executives that includes meetings, high level presentations, and collaborative discussions.

What We’d Like you to have

• Experience navigating large enterprise organizations
• Demonstrated success developing strong customer relationships
• Proven success in new customer kickoffs, ensuring renewals, and expanding annual recurring revenue (ARR) through up-selling, and cross-selling current clients

Key Traits

• Deep customer empathy
• Strong abilities in program and project management, balancing critical delivery tasks
• Technical aptitude, judgment and critical decision making
• Consultative; ability and desire to drive value for customers based on unique needs
• Collaborative; partners across functions
• Proactive; ability to anticipate customer needs and have solutions ready when they are
• Intellectually curious; driven to expand cybersecurity domain and professional expertise
• Responsive and adaptive to changing situations
• Metrics driven; ability to translate customer needs into achievable goals and operate well in a data driven environment

Benefits:

Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!

The estimated total compensation range for this position is €40,000 - 70,000 (base plus bonus). Actual compensation for the position is based on a variety of factors, including, but not limited to affordability, skills, qualifications and experience, and may vary from the range. In addition to base salary, employees may also be eligible for annual performance-based incentive compensation awards and equity, among other company benefits. 

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. 

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact talentacquisitionoperations@securityscorecard.io.

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. 

SecurityScorecard does not accept unsolicited resumes from employment agencies.  Please note that we do not provide immigration sponsorship for this position.   #LI-DNI

About SecurityScorecard:

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by world-class investors, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their digital footprint. 

Headquartered in New York City, our culture has been recognized by Inc Magazine as a "Best Workplace,” by Crain’s NY as a "Best Places to Work in NYC," and as one of the 10 hottest SaaS startups in New York for two years in a row. Most recently, SecurityScorecard was named to Fast Company’s annual list of the World’s Most Innovative Companies for 2023 and to the Achievers 50 Most Engaged Workplaces in 2023 award recognizing “forward-thinking employers for their unwavering commitment to employee engagement.”  SecurityScorecard is proud to be funded by world-class investors including Silver Lake Waterman, Moody’s, Sequoia Capital, GV and Riverwood Capital.

Why join SecurityScorecard’s Customer Success Team?

The SecurityScorecard Customer Success team is empowered by the company to help guide customers to get the most out of our great products and services. We define our Customer Success strategies, priorities and go-to-market techniques. We blaze new trails in cybersecurity thought leadership using our cybersecurity ratings and cybersecurity insights. We are a proactive CSM team that is customer centric, uses a team approach and represents the voice of the customer every day.

About The Role

The Customer Success Manager will play an important role in helping our Enterprise customers transform the way they assess security risk. The SecurityScorecard Customer Success team not only manages relationships and delights customers — they also understand our customers’ organizational goals and unique challenges to help them operationalize our platform and become more secure.

In this role, you'll own and manage customer relationships with customers, ensuring their happiness and communicating the value of our product to drive deeper, more robust engagement. You will apply your understanding of cybersecurity, third-party risk, our products, services, and best practices to proactively provide support and guidance to our customers. 

What You’ll Achieve

• Design success for a portfolio of enterprise and strategic customers throughout their lifecycle. From onboarding/implementation through upsell and renewal, you will guide your customer down the path of success every step of the way to reach their business objectives and operational goals.
• Lead strategic conversations with customers to align our platform as a solution to their business challenges and goals with the intent to renew and expand the partnership.
• Serve as a confident subject matter expert as it relates to the SecurityScorecard platform and the cybersecurity and third-party risk management industries.
• Manage the gross and net retention of your portfolio; including forecasting, collaborating with regional account teams and efficient execution.
• Work with CS and Sales VPs to continuously improve the customer journey and develop the tools and templates to ensure the CSM team employs best practices. Support fellow CSMs in solving new challenges across customers.
• Model world class customer care and be an advocate for the voice of the customer in product and services design and deployment.

What We Need you to have

• Bachelor's degree
• 3+ years of experience supporting B2B customers in a SaaS organization as a customer success manager, technical account manager or similar customer-facing role.
• Knowledge of the tenets of Third Party Risk Management programs and cybersecurity domain experience
• Experience working with C-level Executives that includes meetings, high level presentations, and collaborative discussions.

What We’d Like you to have

• Experience navigating large enterprise organizations
• Demonstrated success developing strong customer relationships
• Proven success in new customer kickoffs, ensuring renewals, and expanding annual recurring revenue (ARR) through up-selling, and cross-selling current clients

Key Traits

• Deep customer empathy
• Strong abilities in program and project management, balancing critical delivery tasks
• Technical aptitude, judgment and critical decision making
• Consultative; ability and desire to drive value for customers based on unique needs
• Collaborative; partners across functions
• Proactive; ability to anticipate customer needs and have solutions ready when they are
• Intellectually curious; driven to expand cybersecurity domain and professional expertise
• Responsive and adaptive to changing situations
• Metrics driven; ability to translate customer needs into achievable goals and operate well in a data driven environment

Benefits:

Specific to each country, we offer a competitive salary, stock options, Health benefits, and unlimited PTO, parental leave, tuition reimbursements, and much more!

The estimated total compensation range for this position is €40,000 - 70,000 (base plus bonus). Actual compensation for the position is based on a variety of factors, including, but not limited to affordability, skills, qualifications and experience, and may vary from the range. In addition to base salary, employees may also be eligible for annual performance-based incentive compensation awards and equity, among other company benefits. 

SecurityScorecard is committed to Equal Employment Opportunity and embraces diversity. We believe that our team is strengthened through hiring and retaining employees with diverse backgrounds, skill sets, ideas, and perspectives. We make hiring decisions based on merit and do not discriminate based on race, color, religion, national origin, sex or gender (including pregnancy) gender identity or expression (including transgender status), sexual orientation, age, marital, veteran, disability status or any other protected category in accordance with applicable law. 

We also consider qualified applicants regardless of criminal histories, in accordance with applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or accommodation due to a disability, please contact talentacquisitionoperations@securityscorecard.io.

Any information you submit to SecurityScorecard as part of your application will be processed in accordance with the Company’s privacy policy and applicable law. 

SecurityScorecard does not accept unsolicited resumes from employment agencies.  Please note that we do not provide immigration sponsorship for this position.   #LI-DNI

❗️ Important – On-Site Role❗️

This is an on-site position for our office in Lisbon, Portugal.

Remote or hybrid arrangements are NOT available. Candidates must already be in the location or be willing to relocate. The relocation support will be provided if needed.

We are looking for an Access Administrator who will be responsible for managing user access to company systems and data, ensuring security and compliance with information security requirements.

✅ Responsibilities:

Access Management:

✔ Manage user accounts, including creating, modifying, and deleting accounts.

✔ Ensure appropriate access levels are granted to employees based on their roles and job responsibilities.

✔ Conduct regular audits of user accounts to identify and eliminate excessive or outdated access rights.

✔ Implement and maintain access control policies to enhance security.

Monitoring and Analysis:

✔ Continuously monitor user access activities to systems and data.

✔ Analyze incidents related to access violations and respond promptly.

✔ Identify and analyze potential threats and vulnerabilities in access management systems.

Incident Response:

✔ Respond to and investigate incidents related to access control violations.

✔ Escalate incidents to other teams as necessary.

✔ Assist in coordinating incident response efforts and provide documentation of incidents.

Reporting, Documentation, and Continuous Improvement:

✔ Maintain accurate and detailed records of access management actions and steps taken.

✔ Prepare reports on incidents and access audits.

✔ Suggest improvements to access management processes.

✔ Participate in post-incident reviews and propose enhancements.

✅ Requirements:

✔ 1-2 years of experience in access management, account administration, or information security roles.

✔ Understanding of access management principles and best practices in information security.

✔ Excellent written and verbal communication skills. Ability to clearly and effectively convey complex security concepts to employees at all levels.

✔ Strong analytical and problem-solving skills.

✔ Experience with identity and access management (IAM) systems and other security technologies.

✔ Skills in working with access monitoring and management tools such as Active Directory, LDAP, and similar systems.

✅ Nice-to-Have:

✔ A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

✔ Knowledge of regulatory requirements and standards such as ISO27001, ISO27701, PCI DSS, GDPR, and others.

✔ Experience in automating access management tasks and writing scripts to improve processes.

✔ Certifications in access management or information security, such as CISSP, CISM, or similar.

✔ Experience working with the Okta access management platform is a strong plus.

✅ We offer excellent benefits, including but not limited to:

💻 Learning and development opportunities and interesting, challenging tasks.

✈️ Relocation package (tickets, staying in a hotel for up to 2 weeks, and visa relocation support for our employees and their family members).

📚 Opportunity to develop language skills, with partial compensation for the cost of English and Portuguese language classes (for localization purposes).

🎾 Partial compensation for tennis and padel lessons.

🏀 Urban Sport membership benefit (the most diverse sports and wellness offering in Europe, with more than 50+ activities).

🏥 Private medical coverage, including inpatient, outpatient, dental care, annual check-ups, and maternity support.

🏝 Time for proper rest, with 24 non-business days per year and an additional 6 paid sick days.

🚌 Transport compensation - 200 euros net per month.

📈 Competitive remuneration level with annual review.

🤝 Teambuilding activities.

The role

Fraud prevention is an ever-evolving puzzle, making it one of the most rewarding and impactful areas in fintech. At GoCardless, our Fraud Prevention team develops the intelligent systems that protect our platform, our merchants, and their customers.

As a Senior Data Scientist, you will guide the design and delivery of models that operate in real time across our global payment network. You’ll work at the intersection of machine learning, graph-based detection, and behavioural modelling to stay ahead of changing patterns turning research into production systems that make a tangible difference in the fight against financial crime.

You’ll collaborate closely with Engineers, Fraud Analysts, and Product Managers to help shape the technical roadmap as we expand into new markets. Our stack is centred around Google Cloud Platform and Vertex AI, using Python, SQL, and BigQuery to build and support high-performance models at scale.

What you'll do

• Contribute to the full model lifecycle, from initial discovery and feature engineering through to production, experimentation, and continuous monitoring.
• Design and refine real-time ML systems that reduce false positives and ensure a smooth, secure experience for legitimate customers.
• Foster a responsive feedback loop, adapting models as patterns evolve to ensure our defences remain robust and effective.
• Help shape the technical direction of fraud prevention ML at GoCardless, exploring new approaches as we grow globally.
• Support the team’s growth through technical mentorship, knowledge sharing, and a commitment to high-quality code.

What excites you

• Solving complex, dynamic problems: Developing systems that can adapt and respond to changing environments.
• End-to-end ownership: Seeing a project through from a conceptual business need to a live, impactful solution.
• Strategic influence: Contributing to the ML roadmap and helping determine what we build next, rather than just how we build it.
• Holistic Data Science: Engaging in deep-dive analysis, prototyping, and live experimentation.
• Modern Infrastructure: Building production-grade models on GCP and Vertex AI, with the flexibility to explore advanced architectures.

What excites us

• You hold a degree (or PhD) in a STEM discipline, or bring equivalent depth through commercial experience.
• You have hands-on experience with modelling approaches such as deep learning, graph-based methods, or sequence models. While fintech experience is great, we value transferable skills from fields like cybersecurity or risk modelling.
• You have a track record of deploying models in production that create measurable value.
• You can translate complex ML concepts into clear, practical solutions for stakeholders across the business.
• You enjoy writing clean code and helping the team thrive through thoughtful reviews and shared learning.

GoCardless are here to support you and we’re committed to making the hiring process inclusive and accessible for everyone. If you need any extra support or any adjustments made, please reach out to your Talent Partner.

Remember, we don’t expect you to meet every requirement. If you’re excited by this role, we encourage you to apply

Platform Engineering at GoCardless

The Platform Engineering team is a unified, globally distributed team. We are currently located in London and Riga, and we are now expanding to our new hub in Lisbon. 

We work with all other engineering teams to empower them to build, release, run and scale their products.

We operate with a strong focus on both strategic project delivery and operational excellence. 

Our work is a balance of:

• Project Delivery: Building new platform components, from initial design to deployment.
• Operational Support: Ensuring the health and stability of our systems through on-call rotations and incident management.
• Business as Usual (BAU): Continuous maintenance, improvements, and support for audits and compliance.

Tech stack and tools:

• Python, Ruby, Golang;
• Terraform;
• Atlantis 
• AWS, GCP;
• Kubernetes, GKE;
• Github, GitHub Actions, ArgoCD;
• Grafana, Prometheus;
• Elastic

What excites you:

We use a wide range of technologies, and will never expect you to have experience with all of them. We do hope that you are enthusiastic about the infrastructure space and the impact your work can have on others. To enjoy this work you’ll be excited by:

• Building and maintaining automation of new and existing infrastructure;
• Appreciate and believe in building easy-to-understand and maintain tools to solve problems;
• Automating operational tasks to eliminate toil using your software development skills and experience;
• Ensuring that systems are safe and secure against cybersecurity threats;
• Working closely with software engineers and data scientists;
• Being involved in the technical design of architecture and making technical decisions;
• Cloud-first engineering;
• Ongoing opportunities to further develop your skills;
• Care about working with people who share the same values as you and who will continually push you to grow.

What excites us 

• Experience with at least one programming language such as Python, Ruby, Golang etc.;
• Experience with IaC tooling, such as Terraform;
• Previous experience with Terraform automation toolings such as Terragrunt or Atlantis will be considered an advantage;
• Experience with cloud computing providers such as AWS or GCP;
• Experience with containerized applications;
• Previous experience with container orchestration such as Kubernetes and GKE will be considered an advantage;
• Experience with CI/CD tooling such as Github, GitHub Actions, ArgoCD, etc.;
• Experience working with monitoring tooling such as Grafana, Prometheus, Zabbix etc.;
• Experience with relational databases and other datastores, especially around high availability and performance optimisation;
• Awareness of DevOps and Agile principles;
• Fluency in English;
• Excellent teamwork and communication skills.

Base salary range: the expected base salary range for this position is between €64,000 - €96,000.

Base salary ranges are based on role, job level, location, and market data.  Please note that whilst we strive to offer competitive compensation, our approach is to pay between the minimum and the mid-point of the pay range until performance can be assessed in role. Offers will take into account level of experience, interview assessment, budgets and parity between you and fellow employees at GoCardless doing similar work.

The role

As a Product Security Engineer, you will enable development teams to take ownership of the security and privacy of their product by collaborating to set requirements and standards, performing design reviews and vulnerability assessments, and helping build security controls. You will also work closely with the dedicated Security Operations and Security Engineering teams. 

You will be someone who has experience securing a cloud-native environment, and, in particular, in embedding security and privacy standards in engineering functions. You should also be comfortable automating security and privacy engineering and performing various security assessments.

What excites you 

• Developing high-quality code for extensive tasks, showcasing proficiency in leading systems and architecture design independently. 
• Leading the design and documentation processes for complex tasks, breaking them down into manageable segments for team collaboration while also handling the most challenging portions.
• Contributing significantly to the company-wide systems architecture, impacting the organisation's technological landscape.
• Providing guidance to developers and architects on secure coding methodologies, architectural design, and security best practices, fostering a culture of excellence within the team.
• Overseeing the vulnerability management program, conducting routine assessments, prioritising resolutions, and tracking progress towards securing systems.
• Demonstrating advanced proficiency in security testing, ensuring comprehensive evaluations of system, application, and network security postures.
• Creating and maintaining robust security policies, procedures, and guidelines for effective programme management.

What excites us  

• Experience in cloud-based application and infrastructure security - especially, DevSecOps
• Background in threat modelling and security architecture/secure design
• Awareness of or exposure to security and privacy standards, such as ISO27001, SOC1, CyberEssentials, GDPR, or similar
• Nice to have: Cybersecurity certifications, such as CISSP, CEH, Professional Cloud Security Engineer, or similar
• Technical experience in working with cloud computing providers such as GCP or AWS
• Technical leadership qualities -  setting direction alongside the managers and supporting the security team in technical development. 

Base salary range: €40,000 to €60,000 gross annually

Base salary ranges are based on role, job level, location, and market data.  Please note that whilst we strive to offer competitive compensation, our approach is to pay between the minimum and the mid-point of the pay range until performance can be assessed in role. Offers will take into account level of experience, interview assessment, budgets and parity between you and fellow employees at GoCardless doing similar work.

Platform Engineering at GoCardless

The Platform Engineering team is a unified, globally distributed team. We are currently located in London and Riga, and we are now expanding to our new hub in Lisbon. We work with all other engineering teams to empower them to build, release, run and scale their products.

We operate with a strong focus on both strategic project delivery and operational excellence. Our work is a balance of:

• Project Delivery: Building new platform components, from initial design to deployment.
• Operational Support: Ensuring the health and stability of our systems through on-call rotations and incident management.
• Business as Usual (BAU): Continuous maintenance, improvements, and support for audits and compliance.

Our stack includes: Golang, Python, Ruby, Terraform, Atlantis, AWS, GCP, Kubernetes, GKE, Github, GitHub Actions, ArgoCD, Grafana, Prometheus and Elastic.

The role

Foundations group is searching for an engineer with a strong interest in infrastructure management and the site reliability engineering problem space. You will be a member of a distributed team working with all other engineering teams - from product to data - to help build and scale the global platform our payments and open banking products sit on.

If you enjoy hard challenges, value learning and want to create an impact, then this is a place for you.

What excites you 

We use a wide range of technologies, and will never expect you to have experience with all of them. We do hope that you are enthusiastic about the infrastructure space and the impact your work can have on others. To enjoy this work you’ll be excited by:

• Building and maintaining automation of new and existing infrastructure;
• Appreciate and believe in building easy-to-understand and maintain tools to solve problems;
• Automating operational tasks to eliminate toil using your software development skills and experience;
• Ensuring that systems are safe and secure against cybersecurity threats;
• Working closely with software engineers and data scientists;
• Being involved in the technical design of architecture and making technical decisions;
• Cloud-first engineering;
• Ongoing opportunities to further develop your skills;
• Care about working with people who share the same values as you and who will continually push you to grow.

What excites us  

• Experience with at least one programming language such as Python, Ruby, Golang etc.;
• Experience with IaC tooling, such as Terraform;
• Previous experience with Terraform automation toolings such as Terragrunt or Atlantis will be considered an advantage;
• Experience with cloud computing providers such as AWS or GCP;
• Experience with containerized applications;
• Previous experience with container orchestration such as Kubernetes and GKE will be considered an advantage;
• Experience with CI/CD tooling such as Github, GitHub Actions, ArgoCD, etc.;
• Experience working with monitoring tooling such as Grafana, Prometheus, Zabbix etc.;
• Previous experience with centralised log management through Elastic tooling will be considered an advantage;
• Experience with relational databases and other datastores, especially around high availability and performance optimisation;
• Awareness of DevOps and Agile principles;
• Fluency in English;
• Excellent teamwork and communication skills.

Salary range: the expected base salary range for this position is between €42,400 - €63,600 (gross).

Base salary ranges are based on role, job level, location, and market data. Please note that whilst we strive to offer competitive compensation, our approach is to pay between the minimum and the mid-point of the pay range until performance can be assessed in role. Offers will take into account level of experience, interview assessment, budgets and parity between you and fellow employees at GoCardless doing similar work.