Cognism
Director, Security Engineering & Operations

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Director, Security Engineering & Operations
Director of Security Engineering & Operations
WHO ARE WE
Cognism is the leading provider of European B2B data and sales intelligence. Ambitious businesses of every size use our platform to discover, connect, and engage with qualified decision-makers faster and close more deals. Headquartered in London with global offices, Cognism’s contact data and contextual signals are trusted by thousands of revenue teams to eliminate the guesswork from prospecting.
The Role
At Cognism, the security of our data, our systems, and our clients’ systems is a business priority. Information security is embedded in the way we work, and we are driving a culture where the fastest path is the securest path. As the function continues to mature, we are now hiring for a Director of Security Engineering & Operations to report directly to our CISO. In this role, you will own and drive the technical security strategy for Cognism’s web and data products, as well as our corporate environment.
You will be responsible for designing a security programme that protects our most sensitive assets: our data, our data fusion engine, and the logic that powers it. As a trusted partner to our R&D leadership team, you will help define and drive the long-term security engineering maturity roadmap, driving alignment across engineering leaders, product leadership, and IT.
If you’re energized by the idea of shaping measurable security processes and controls from the ground up, aligning engineering around secure-by-design principles, and elevating operational excellence, then this is the role for you. This is a rare opportunity to define the technical security vision for a data-intensive product at a moment where AI, scale, and engineering velocity are creating new and exciting challenges. You will shape how Cognism builds securely for the next decade.
What Success Looks Like
Within 12 months, you will have:
- Delivered a unified security engineering roadmap aligned with engineering leadership.
- Matured secure SDLC adoption across Web and Data engineering.
- Improved MTTD/MTTR through stronger SOC operations.
- Invested in and mentored a team with clear ownership, KPIs, and engineering trust.
- Reduced engineering friction by creating pragmatic, developer-friendly guardrails.
What You'll Own
Security Strategy & Engineering Integration
- Define and own Cognism’s technical security strategy that seeks to embed security-by-design within our web and data products, our data fusion engine, pipelines, and corporate landscape. Drive a strategy that is pragmatic, risk-ranked, and aligned to engineering velocity.
- Work directly with product and technology leadership as a strategic partner. Drive ownership and accountability, clearly agreeing ways of working between your team and the product and technology teams.
- Set and direct a secure SDLC strategy that engineers engage with, coaching and mentoring our application security engineer in running our threat modeling program, embedding security in CI/CD, and iteratively improving our vulnerability management processes.
- Partner with engineering leadership to ensure risk-driven supply chain management across our product, ensuring what we bring in doesn’t undermine what we protect.
- Work directly with our Director of IT Operations to ensure our corporate security posture is mitigating risk and empowering our employees to be as secure as possible, through guardrails that protect unacceptable risk but don’t stifle innovation.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Data & AI Security
- Partner with our VP of Data Engineering to strengthen the security of our enrichment engine, data pipelines, and warehouse ecosystems.
- Direct a strategy that considers security across the full data stack – from ingestion through to the warehouse – with a focus on access governance, data classification, and secrets management as non-negotiables.
- Define how Cognism embeds AI securely as LLMs and agentic workflows move deeper into the product and our technology operations.
- Partner with our CISO to shape and implement an AI security posture that is embedded in strong security foundations, helping us stay ahead of the threat landscape rather than reacting to it.
Detection, Response & SOC Partnership
- Own the strategic relationship with our 24/7 outsourced SOC holding them to a high standard on threat hunting, threat intelligence utilization, and automated response, not just SLA compliance.
- Ensure Cognism has a holistic, well-maintained SIEM that reflects how we operate and improves continuously as the threat landscape evolves.
- Build the internal team into a trusted escalation layer, with clear incident response playbooks, rehearsed escalation paths, and a feedback loop that sharpens detection over time.
Team & Culture
- Lead a team of application and infrastructure security engineers, setting the standard for technical excellence and deep partnership with their engineering counterparts.
- Build a security culture where developers raise security questions early, understand threat models, and own remediations, not because policy requires it, but because the culture makes it natural.
- Be the security leader Cognism’s engineers want in the room: credible enough to be trusted, collaborative enough to be included, and strategic enough to make it count.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
What We Need
Leadership & Influence
- Demonstrated experience building security programs from scratch or transforming them significantly in a product-led, engineering-first company.
- A track record of influencing engineering culture and earning trust, not enforcing it.
- Experience managing external security partners (e.g., 24/7 Security Operations Center, penetration testing third parties) and raising their performance through clear accountability, not just contract reviews.
- Ability to communicate risk in business terms to executive and board audiences, and in technical terms to engineers, without losing precision in either direction.
Technical Foundation
- Strong Application Security expertise (OWASP, API security, SAST/DAST, SDLC) with practical threat modeling experience – enough to challenge and coach our most senior application security engineers.
- Hands-on understanding of data security, cloud data warehouses, and pipeline integrity – enough to ensure we are driving the right programme of work across our technology department.
- Cloud security fluency with working knowledge of container and Kubernetes security, IAM design, and cloud-native security tooling – enough to clearly identify, prioritize, and challenge solutions for implementing security in our cloud environment.
- Working knowledge of AI/LLM security risks: enough depth to assess integrations, define guardrails, and evolve the program as the technology does.
Mindset
- Risk-based by instinct: prioritizes based on both technical and business impact.
- Builder mentality: energised by creating structure where there isn’t any, pragmatic about sequencing, and focused on outcomes over coverage.
- Genuinely curious about AI, not just its security risks, but its potential to improve how security is done.
WHY COGNISM
At Cognism, we’re not just building a company – we’re building an inclusive community of brilliant, diverse people who support, challenge,, and inspire each other every day. If you’re looking for a place where your work truly makes an impact, you're in the right spot!
Our values aren’t just words on a page—they guide how we work, how we treat each other, and how we grow together. Here’s what they stand for:
🤝 We Own the Outcome Together. 🤓 We Deeply Understand our Customers. 🏆 We Celebrate Impact Wherever It Comes From.
At Cognism, we are committed to fostering an inclusive, diverse, and supportive workplace. We welcome applications from individuals typically underrepresented in tech, so if this role excites you but you’re unsure if you meet every requirement, we encourage you to apply!
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location