Volteras is an early-stage, high-growth startup specialising in electric vehicle software. Our mission is to organise and leverage data to accelerate the transition to a greener and smarter future.
Skills and Experience
Job roles: Risk and Compliance, Security Engineer, Security
Experience level: Senior
Tech stack/tooling used: Auditing, Risk mitigation, Threat Detection, Penetration Testing, Security and Compliance
Core skills considered: Auditing, Risk mitigation, Threat Detection, Penetration Testing, Security and Compliance
Other skills considered: GDPR, Security Testing, Data Security, Data Protection, Privacy
Logistics
Base salary: £65,000 - £75,000
Employment type: Permanent
Remote working: Hybrid
Visa sponsorship: Available
Job Description
Key Responsibilities
- Lead efforts to achieve and maintain compliance certifications such as SOC 2 Type 2 and ISO 27001, ensuring all policies and controls meet required standards.
- Handle security questionnaires and due diligence requests from customers, providing clear and timely responses to build trust with client security teams.
- Ensure continuous GDPR compliance and oversee other relevant data protection requirements, implementing processes to safeguard personal and sensitive information.
- Act as the primary point of contact for external auditors and customer security teams. Manage security audits, address any findings, and maintain strong relationships by clearly communicating our security posture.
- Establish and maintain internal security policies, controls, and best practices. Regularly review and update these policies to adapt to emerging threats and business needs.
- Work closely with engineering, product, and legal departments to embed security and compliance into all company processes and the product development lifecycle.
- Monitor evolving security regulations and industry best practices to ensure proactive compliance. Advise the leadership team on necessary actions to stay ahead of new compliance requirements.
- When required, take a hands-on approach to security measures: performing risk assessments, developing incident response plans, and leading the response to any security incidents.
Requirements
- Proven experience in a senior-level compliance and cybersecurity role, ideally within a startup or high-growth tech environment.
- Strong track record of achieving and maintaining SOC 2 Type 2 and ISO 27001 compliance, including managing the end-to-end certification process.
- Experience handling security audits and managing relationships with external auditors, with the ability to interpret audit requirements and implement recommendations.
- Deep understanding of GDPR and related data protection frameworks, with experience driving company-wide data privacy compliance.
- Familiarity with API security and data-intensive applications; experience in IoT or connected device ecosystems is a plus.
- Relevant certifications (e.g., CISSP, CISM, CISA, ISO 27001 Lead Auditor) are highly beneficial.
- Excellent communication skills, with the ability to articulate security and compliance concepts to both technical and non-technical stakeholders.
As the Senior+ Compliance and Cybersecurity Officer, you will lead and shape our security and compliance function from the ground up. You will work cross-functionally with engineering, product, and legal teams to embed security best practices and ensure our operations remain compliant with all relevant standards and regulations.
Company Benefits
- Competitive salary (range advertised in the respective open positions).
- Equity options.
- A high-growth, fast-paced environment with a great team.
- A lot of autonomy and product ownership.
- You'll be a hugely valued part of the team.
Interview Process
- Form completion (10 mins)
- Screening call (30 mins)
- Technical interview (1 hour)
- Final round (1 hour)