Who We Are
At Certn, we’re revolutionizing background screening with The World’s Easiest Background Check — fast, global, and powered by tech. We’re not about outdated processes and red tape. We’re about innovation, speed, and impact. If you’re looking for a place where ownership, collaboration, and creativity thrive, this is it.
The Opportunity
We’re looking for a Technical Team Lead, Security to drive key initiatives in security operations, risk mitigation, compliance, and team development. You’ll work closely with our CISO to guide the day-to-day activities of the security team and help protect our systems, data, and people. This role blends hands-on security operations with leadership, mentorship, and cross-functional collaboration — ideal for someone who thrives in a fast-paced, high-impact environment.
Key Responsibilities
Security Operations Oversight:
Coordinate day-to-day security operations to ensure timely monitoring, detection, and response to threats, so that potential incidents are contained quickly and business operations remain uninterrupted.
Guide the optimization and maturation of the Security Information and Event Management (SIEM) platform, threat intelligence feed integration, and security monitoring tools.
Oversee the incident response lifecycle, from detection and analysis to containment, eradication, and post-incident review.
Contribute as a hands-on resource to security operations tasks, including vulnerability management, penetration test scoping, and security tool maintenance.
Risk Identification & Mitigation:
Work with technical and business teams to identify security risks and vulnerabilities in systems and processes to proactively address issues before they can be exploited.
Track and follow up on remediation actions to ensure identified risks are closed out and security gaps are eliminated.
Collaborate with Engineering and Product teams to ensure security requirements are integrated into product roadmaps and development sprints.
Assist in performing code reviews and architecting secure solutions for complex application features.
Act as a core contributor to the risk register, ensuring all risks related to operations and applications are appropriately identified, documented, and reported.
Team Leadership & Development:
Provide technical mentorship, coaching, and support to team members to build skills, foster accountability, and maintain a high-performing security function.
Assign work priorities, monitor progress, and ensure responsibilities are completed effectively so that security commitments and service levels are consistently met.
Promote a culture of security awareness and continuous improvement to embed good security habits across the organization and adapt to new challenges.
Lead by example in embracing a culture of collaboration and support through being an extension of the team in daily operations.
Policy, Compliance & Best Practices:
Support the implementation and enforcement of security policies, standards, and guidelines to provide clear expectations and consistency in protecting company assets.
Work closely with Legal and Compliance stakeholders to translate regulatory requirements into actionable security policies, procedures, and internal control documentation.
Manage projects to achieve and maintain multiple regulatory and security certifications, including but not limited to SOC 2, ISO 27001, HIPAA, NIST, and FedRAMP; collaborate with the team on gathering audit evidence; and coordinate all internal and external security audits.
Define and track key performance indicators (KPIs) and key risk indicators (KRIs) for the entire Information Security program.
Collaboration & Communication:
Serve as the primary security point of contact for collaboration between the CISO and IT Operations, Legal & Compliance, Product Managers, Engineering Managers and other stakeholders.
Establish effective reporting and dashboards for communicating important metrics to the executive team to ensure alignment on priorities and transparency in security matters.
Communicate risks, incidents, and security updates clearly and promptly to leadership and teams so decision-makers have the information they need to act effectively.
Communicate complex technical risks and compliance requirements to non-technical stakeholders and executive leadership.
Partner with department leaders across the organization to ensure a “secure by design” approach to establishing processes, procedures, operations, production and service delivery.
Key Requirements
Certifications: 2 or more of the following certifications, in addition to a minimum of 2 years of experience in progressively complex security roles:
CISM (Certified Information Security Manager)
CISSP (Certified Information Systems Security Professional)
CSSLP (Certified Secure Software Lifecycle Professional)
CASE (Certified Application Security Engineer)
AI security certification (e.g. AAISM, CAISP)
CISA (Certified Information Systems Auditor)
CEH (Certified Ethical Hacker)
CTIA (Certified Threat Intelligence Analyst)
Skills:
Strong understanding of security compliance frameworks and control mapping (e.g. mapping technical controls to SOC 2 or ISO 27001 requirements).
Excellent written and verbal communication skills, with the ability to articulate technical security issues to a wide range of technical and non-technical audiences.
Effective stakeholder management with a strong focus on a delightful, customer-service-minded approach.
Strong technical and practical knowledge of:
Cloud security best practices (AWS, Azure, or GCP).
Vulnerability scanning and penetration testing methodologies.
Incident Response tools and procedures.
Secure SDLC controls and implementation.
ISMS fundamentals, implementation and operation.
Experience:
Minimum of 2+ years in a senior Information Security engineer role.
Moderate level of practical, hands-on experience (minimum 2+ years) across all three domains: Security Operations, Application Security, and Security GRC.
Proven experience in managing or significantly contributing to the achievement and maintenance of at least one major security compliance framework (e.g., SOC 2, ISO 27001, HIPAA, NIST).
Why You Should Be Excited
Flexibility: Remote-first role with teammates across North America and the UK
Global Collaboration: Partner with experienced technical teams in multiple regions
Compensation: Competitive salary, commission structure, comprehensive health benefits, generous paid time off.
Culture: Collaborative, async-friendly, and innovation-focused.
We believe talent knows no borders, and we’re open to candidates from the UK and beyond.
A Little Bit More About Us
Certn is a growing global technology company reinventing the way organizations build trust in people with technology and AI-backed background checks. Having recently been named one of Canada’s Companies-to-Watch in Deloitte’s Technology Fast 50 Awards, we are one of the fastest-growing start-ups in the sector. Just so you know, the selected candidate will be required to complete a background check — so you’ll get to see first-hand what we do. Certn is committed to equal opportunity, inclusion, and diversity. If you have a disability that requires accommodation at any stage of the recruitment process, please let us know how we can best assist you.
Ready to build your career and make an impact? Apply now and start your journey with Certn.