Information Security Engineer

About us 

We're a culture-first organisation and put our people at the forefront of everything we do. We believe that a great working environment leads to a happy and productive team which is why we offer our staff the flexibility to work remotely or from our beautiful office in Fitzrovia, Central London. 

Xiatech is the pioneer of Xfuze, the world's first AI-powered composable Integration, Data Management, Analytics and Orchestration Platform that innovatively connects systems, creates a single view of data and delivers actionable insights in one cloud-native, SaaS solution. Business, technology and data teams use Xfuze to shorten time-to-insights, accelerate digital transformation, and extend the value of their legacy technology investments.

The Role 

We're looking for a proactive Information Security Engineer to strengthen our technical security posture as we scale.

Reporting to the CTO/CISO and working closely with our DevOps and Engineering teams, you'll be responsible for embedding best security practices into our cloud platform and operations, while supporting the business in meeting compliance objectives such as ISO 27001 and SOC 2.

This role is ideal for someone hands-on who enjoys both technical security engineering and practical risk management in a fast-moving SaaS environment.

Key Responsibilities

Technical Security

Implement and maintain security controls across cloud and SaaS environments (Azure, AWS, CI/CD pipelines).

Monitor, detect, and respond to security alerts and incidents using company tooling (e.g. SentinelOne, ManageEngine, Chronicle).

Conduct regular vulnerability scans, analyse results, and collaborate with DevOps and Engineering on remediation.

Manage and optimise core security tools such as endpoint protection, identity and access management, and firewalls.

Support secure configuration, patching, and secrets management within CI/CD pipelines.

Security Governance (Supportive Role)

Support the rollout and ongoing maintenance of ISO 27001 controls and documentation.

Assist with maintaining audit evidence and records of incidents, risks, and vulnerabilities.

Contribute to refining security policies and procedures under guidance from the CTO/CISO.

Help deliver staff awareness and training initiatives (in collaboration with HR and IT).

Collaboration & Advisory

Work with Engineering, IT, and DevOps teams to embed security early in development and deployment processes.

Support internal and external security assessments and customer due diligence where needed (security questionnaires, RFP inputs, etc.).

Contribute to incident response and post-incident reviews.

Your Knowledge & Experience

Must have

3+ years in a security or DevSecOps-focused role within a SaaS or product-led environment.

Hands-on experience with security monitoring, vulnerability management, and incident response.

Strong understanding of cloud security, access control, and secure DevOps practices.

Familiarity with ISO 27001, NIST, or SOC 2 frameworks.

Ability to collaborate effectively across technical and non-technical teams.

Desirable

Experience integrating security into CI/CD pipelines.

Scripting or automation skills (Python, PowerShell, or similar).

Familiarity with tools such as SonarCloud, AppCheck, OneTrust, or GitHub security features.

Experience contributing to or supporting compliance certification processes.

Security certification 

Your Personality

Energetic & driven

Innovative

Resilient

Insightful

Creative

Problem solver

Sound judgement

Analytical

Capacity to learn

If you would like the opportunity to join a disruptive UK-based Software as a Service organisation who believe in using the latest leading-edge technology to drive business growth and customer differentiation and success, please enquire now by emailing

If you receive an offer of employment, this will be conditional upon satisfactory completion of a right to work and identity check, a reference check and a basic criminal record check for any unspent convictions.

Xiatech is proud to be an equal opportunity employer and prohibits discrimination and harassment of any kind.