Rodeo
ResourcesPartnersSign in

Wordsmith AI

IT Security & Compliance Lead

City of Edinburgh
Posted about 8 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

I.T Security, Privacy & AI Governance Lead

Edinburgh

Wordsmith

Wordsmith is building the AI-enabled command centre for in-house legal teams.

Our customers are some of the most demanding enterprise legal departments in the world, and they hold us to a high bar on how we secure our systems, devices, and infrastructure.

We're looking for someone to build the IT security function that keeps that trust intact as we scale.

The Role

Security, Privacy & AI Governance Leads make sure Wordsmith's systems, devices, and infrastructure stay secure as the company grows.

You'll build our IT security function from the ground up — covering device management, identity and access, infrastructure controls, and incident response — while also owning the compliance and AI governance work that keeps enterprise customers confident in how we operate.

It's a hands-on, build-it-yourself role. You'll choose the tooling, set the controls, and make sure security is baked into how the company operates day to day, not bolted on afterwards.

What You'll Do

IT Security & Device Management

  • Own device compliance and mobile device management (MDM) across the company, using tools like Jamf or Intune to keep endpoints secure and compliant.
  • Manage identity and access management (IAM) — provisioning, access reviews, and least-privilege controls — using tools like Okta.
  • Own infrastructure and cloud security controls across our environment (e.g. AWS), working closely with Engineering to keep systems hardened.

Security Operations & Incident Response

  • Lead security incident response — full lifecycle investigations, coordinating with internal teams and external partners (e.g. SOCaaS providers), and running post-incident reviews and tabletop exercises.
  • Operate and tune security monitoring and detection tooling (EDR, DLP, SIEM, or similar) to catch and respond to threats quickly.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Compliance & Certification

  • Own SOC 2 Type II and ISO 27001/27017/27018 end-to-end, from policy design through to audit evidence and the audits themselves.
  • Automate evidence collection to cut audit overhead and keep the program running without heavy manual effort.

AI Governance & Vendor Risk

  • Assess third-party vendors and AI tools for security and privacy risk before they're adopted, and put the right safeguards in place.
  • Support Wordsmith's AI governance program, including risk reviews tied to how AI is used across the product.

Customer & Deal Support

  • Partner with Sales, Customer Success, and Legal to support enterprise deals — security questionnaires, DPAs, and contract terms — without slowing the business down.
  • Manage our Trust Center, giving customers self-service access to our security and compliance documentation.

Essential

What we're looking for

  • Experience running IT security operations at a fast-growing SaaS company, including device management and identity and access management.
  • Hands-on experience with MDM platforms such as Jamf or Intune.
  • Hands-on experience with IAM tooling (e.g. Okta) and cloud infrastructure security (e.g. AWS).
  • Experience leading security incident response, from investigation through to post-incident review.
  • Working knowledge of SOC 2 and the ISO 27000 series.
  • Comfortable evaluating and operating security tooling such as EDR, DLP, or SIEM platforms.
  • A strong cross-functional operator, comfortable bridging IT, Security, Engineering, and GTM teams.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Valued

  • Exposure to privacy regulation (e.g. GDPR) and AI governance frameworks (e.g. ISO 42001).
  • Relevant certifications — e.g. CISSP/ISC2, CCSK, CIPP/E, or AIGP.
  • Experience in legal tech, AI, or another highly regulated SaaS environment.
  • Familiarity with tools such as Vanta, Crowdstrike, Zscaler, Datadog, or Whistic.

Why this role matters

The trust enterprise legal teams place in us depends on how well we secure our systems and devices — this role is central to that.

Your work will directly shape how the company handles security operations, device management, and infrastructure risk as we scale globally.

You will have the autonomy to build this function from scratch — this is a high-ownership role at a company moving fast.

What You Can Expect

  • The chance to build an IT security function from the ground up, with real ownership over how it's shaped.
  • Close collaboration with Engineering, Legal, and GTM in an environment where your work has visible, immediate impact.

How We Work

We're an in-office team in Edinburgh. We work together because it helps us collaborate closely across product, engineering, and legal teams. You should expect to be in the office as your default.

This is a high ownership role. You'll be trusted to run projects, work directly with customers, and drive outcomes without heavy oversight.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

IT Security Operations
Device Management
Identity and Access Management
Mobile Device Management
Cloud Security
Security Incident Response
SOC 2
ISO 27000 Series
Security Tooling
Cross-Functional Collaboration
Privacy Regulation
AI Governance
CISSP
CCSK
CIPP/E
Legal Tech

Location

City of Edinburgh, Scotland, United Kingdom

Sign up to applySee more jobs like this