Head of Security
EvooqPoland22 hours ago
Full-timeRemote FriendlyOther, Information Technology +1
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Company Description
Head of Security/ Security Manager/ Senior Security Engineer
Seniority: Senior/ Principal level
Location: Warsaw, Poland
Contract type: Full-time, UOP
Work Environment: Remote
At Evooq, we are building an ecosystem of solutions that combine data, technology, and investment expertise. Finance professionals use our platform to quickly identify investment opportunities, make informed decisions, and manage risk across the entire investment lifecycle. We operate through highly autonomous teams built on a culture of trust and responsibility.
Now, we’re expanding by launching a new tech hub in Warsaw, which will act as a direct extension of our core engineering teams in Lausanne, Zurich, and Singapore.
Job Description
We are looking for a Head of Security (or a senior security leader ready to step into their first Head role) with strong engineering and technical security expertise to build and lead our security program. Reporting to the CTO, you will own the security of our SaaS platform, infrastructure, and corporate environment, while also enabling enterprise sales through an efficient, automated approach to compliance and customer trust.
This role is ideal for someone who has deep hands-on experience in cloud and application security, plus exposure to compliance and governance, and is motivated to step up and lead. We value a builder’s mindset and the ability to grow with us more than long résumés or rigid opinions.
You will be hands-on with cloud and application security, incident response, and detection, while also shaping how we approach governance and compliance. A key responsibility will be to automate as much as possible the GRC workflows (evidence collection, audit prep, questionnaire responses) so the company stays audit ready without adding bureaucracy.
Qualifications
Technical Security Leadership
Evooq is a global provider of technology-driven solutions for wealth and asset managers. We aim to radically simplify the investment process and make investments more accessible and more understandable for professional investors and their clients.
Our clients include some of the world’s largest banks, as well as wealth management companies and pension funds across Europe and Asia.
We are headquartered in Lausanne and have offices in Zurich, Geneva, Fribourg and Singapore.
Head of Security/ Security Manager/ Senior Security Engineer
Seniority: Senior/ Principal level
Location: Warsaw, Poland
Contract type: Full-time, UOP
Work Environment: Remote
At Evooq, we are building an ecosystem of solutions that combine data, technology, and investment expertise. Finance professionals use our platform to quickly identify investment opportunities, make informed decisions, and manage risk across the entire investment lifecycle. We operate through highly autonomous teams built on a culture of trust and responsibility.
Now, we’re expanding by launching a new tech hub in Warsaw, which will act as a direct extension of our core engineering teams in Lausanne, Zurich, and Singapore.
Job Description
We are looking for a Head of Security (or a senior security leader ready to step into their first Head role) with strong engineering and technical security expertise to build and lead our security program. Reporting to the CTO, you will own the security of our SaaS platform, infrastructure, and corporate environment, while also enabling enterprise sales through an efficient, automated approach to compliance and customer trust.
This role is ideal for someone who has deep hands-on experience in cloud and application security, plus exposure to compliance and governance, and is motivated to step up and lead. We value a builder’s mindset and the ability to grow with us more than long résumés or rigid opinions.
You will be hands-on with cloud and application security, incident response, and detection, while also shaping how we approach governance and compliance. A key responsibility will be to automate as much as possible the GRC workflows (evidence collection, audit prep, questionnaire responses) so the company stays audit ready without adding bureaucracy.
Qualifications
Technical Security Leadership
- Drive security across our SaaS platform and cloud infrastructure (AWS).
- Partner with Engineering to embed secure coding practices, automated scanning, and CI/CD security controls.
- Oversee vulnerability management, penetration testing, and incident response processes.
- Define and monitor security metrics, detections, and logging to ensure visibility and resilience.
- Own the company-wide security roadmap, aligning technical and business priorities.
- Lead risk management: identify, assess, and mitigate key risks.
- Build or adopt tooling to automate compliance evidence collection, security questionnaires, and audit reporting.
- Define and enforce access controls, identity management (SSO, MFA), and endpoint security in
- partnership with IT.
- Maintain compliance with ISO 27001, GDPR and other relevant standards.
- Lead external audits and security certifications, using automation to minimize manual effort.
- Streamline responses to enterprise customer security reviews and RFPs.
- Grow into leading a lean security team as the function expands.
- Manage relationships with external vendors and consultants (pen-testing, compliance support).
- Promote a culture of security awareness across the company.
- 5+ years in information security with a strong background in cloud and application security.
- Hands-on experience with AWS security, modern DevOps practices, and SDLC security.
- Proven ability to design and implement security tooling and automation.
- Familiarity with ISO 27001, GDPR or similar frameworks, ideally with an emphasis on automation.
- Comfortable representing security in customer conversations and enterprise due diligence.
- Strong communication skills: able to translate technical risks into business impact.
- Experience mentoring or guiding others; formal management experience a plus but not required.
- Startup or scale-up SaaS experience.
- Prior success with automation.
- Certifications such as CISSP, CISM, or cloud security certs (AWS).
Evooq is a global provider of technology-driven solutions for wealth and asset managers. We aim to radically simplify the investment process and make investments more accessible and more understandable for professional investors and their clients.
Our clients include some of the world’s largest banks, as well as wealth management companies and pension funds across Europe and Asia.
We are headquartered in Lausanne and have offices in Zurich, Geneva, Fribourg and Singapore.
Key Skills
Ranked by relevanceReady to apply?
Join Evooq and take your career to the next level!
Application takes less than 5 minutes