Playson
Security Lead
8mo ago
WorldwideLeadRemoteiso/iec 27001gdprnist csfnis2datadogcrowdstrikecloudflaregoogle workspace+1
Lead and improve the information security framework and culture, ensuring compliance and resilience.
Responsibilities
- We are looking for a Security Lead to strengthen Playson’s information security framework and drive continuous improvement of our security culture.
- This role combines technical expertise, investigative focus, and process leadership - ensuring that our systems, data, and people remain secure, compliant, and resilient.
Conditions
- Competitive Salary
- Quarterly Bonuses
- Unlimited Paid Time Off
- Unlimited Paid Sick Leave
- Remote & Flexible Working
- Private Medical Insurance
- Financial Support for Life Events
- Professional Development Budget
- International Exposure
- Regular Company Events
- *Benefits may vary depending on location and contractual agreement
- Recruitment Process
- HR interview
- Technical interview
- Final interview
- Please take into account that sometimes the process may differ, your TA Partner will keep you updated.
- Know a perfect candidate? Referral bonus - up to €5,000. Email us at
Other
- Maintain and continuously improve the ISO/IEC 27001:2022 Information Security Management System (ISMS).
- Foster a strong Security-First mindset across the organization.
- Work closely with the CTO, Head of IT, and DevOps to enhance internal security controls.
- Conduct internal audits, risk assessments, and coordinate certification renewals.
- Update security policies and controls in line with ISO 27001 , GDPR , and relevant international frameworks (e.g., NIST CSF and NIS2 principles where applicable). Manage integrations and alerting within Datadog SIEM , CrowdStrike , Cloudflare , and Google Workspace .
- Support DLP implementation and maintain central tracking of security events.
- Document risks, incidents, and corrective actions to ensure continuous compliance.
- Lead investigations into security incidents such as phishing, data leakage, or unauthorized access.
- Collect and analyze digital evidence across systems (CrowdStrike, Cloudflare, Google, Slack).
- Maintain and enhance incident response playbooks and escalation workflows.
- Collaborate with HR, Legal, and IT teams during internal investigations.
- Produce post-incident reports and recommend remediation measures.
- Manage MDM systems (Zoho MDM, Endpoint Central) and ensure full compliance for macOS endpoints.
- Maintain CrowdStrike Falcon configurations and endpoint posture enforcement.
- Oversee SSO, MFA, and 2FA enforcement across services ( Google SSO, DUO Mobile, 1Password ).
- Implement Just-in-Time (JIT) privilege elevation and regular admin access reviews.
- Perform Quarterly RAS Access Management Reviews .
- Maintain a consistent audit trail for access management throughout the year.
- Requirments
- 3+ years of experience in information security, IT audit, or digital investigations.
- Solid understanding of ISO 27001 , GDPR , and modern security frameworks (NIST CSF / NIS2).
- Hands-on experience with SIEM / EDR systems
- Proven ability to manage SSO, MFA, DLP , and MDM environments.
- Strong communication skills in English (B2 or higher).
- Analytical mindset, integrity, and attention to detail.
- Nice to Have
- Certifications: CISSP , CISM , CEH , ISO 27001 Lead Auditor , AWS Security Specialty .
- Experience with Zero Trust , PAM , DLP/CASB , or SOAR platforms.
- Forensics experience.
- Experience in designing awareness programs or running phishing simulations.