- Location
- London
- Workplace
- Hybrid
- Type
- Full-time
- Department
- Security
- Seniority
- Senior
- Education
- Master
- Source
- Lever
Description
The core of the role is hands-on security risk management, threat modeling, security risk assessments, and security design and architecture reviews, paired with the governance and process work that scales the program. You will partner on customer due-diligence and SOC 2 evidence and turn security controls into repeatable workflows that fit how the business already works. You will apply that lens across the full control landscape: cloud security, supply-chain and vulnerability management, endpoint and identity, detection and response, and AI security.
CMG operates in a highly regulated, client-facing market, so scope and impact here are unusually large for the level. We value strong collaboration and a deep sense of ownership: you will be trusted to take initiatives and run with them, often without an established process or a big team behind you. The defining shift for the program is moving from reactive to proactive, and this role is central to it. This is a high-growth-potential role: we expect the right person to start as a senior individual-contributor and grow into broader leadership, including people's leadership, as the function scales.