Job Description

What we are building

------------------------


Mimica's mission is to empower enterprises, teams, and individuals to reclaim their most precious resource -- time and work more efficiently, with greater purpose and impact.


Our AI-powered task mining observes employee actions across the desktop and categorizes them into detailed process maps. Mimica's process intelligence highlights inefficiencies, prioritizes improvements based on ROI, recommends the optimal technology for automation (RPA, intelligent document processing, GenAI), and provides a blueprint for building new automations and transforming work.

About the Role

We're a fast-growing Scale-up building up our security program from the ground up. As the new member of the InfoSec team, you'll own critical security initiatives end-to-end, working side-by-side with Engineers to harden our cloud-native SaaS platform and significantly raise our overall security posture.


This is a high-impact, high-autonomy role perfect for a self-starter who enjoys building and deploying scalable security processes in a scale-up environment.

What You'll Do Day-to-Day

Lead the build-out and operation of core security capabilities: vulnerability management, patching, SIEM/logging, cloud security monitoring, and alert triage. Deploy, configure, and tune security tooling (scanners, WAFs, CSPM, SIEM, endpoint protection) Partner with engineering to build security with developer experience in mind. Triage and assess vulnerabilities, drive remediation prioritisation, and reduce risk in a pragmatic yet rigorous way. Design and implement tactical incident-response playbooks and improve detection coverage. Periodically review major architectural changes and guide engineering on secure design trade-offs. Continuously improve processes so security scales as the company grows.

Who We're Looking For

Senior-level experience (typically 5+ years) in security engineering or SecOps, with a strong preference for hands-on roles in startup or scale-up environments. Proven ability to independently deploy and manage cloud security solutions, especially in GCP (big plus), AWS, or Azure. Deep expertise in one or ideally several of the following: vulnerability management programs, cloud-native SIEM/logging, CSPM/CNAPP tools, IaC security, secure SDLC integration, and incident response. You are mindful of developer experience as part of the process. Strong communication skills -- you can explain complex risks or trade-offs clearly to both technical and non-technical audiences.

Nice to Have

OSCP, CISSP, or similar offensive/security certifications; Experience preparing for SOC 2, ISO 27001, or FedRAMP

Location

This is a fully remote position. You can be based anywhere in the UK,

Americas, or Western Europe within a UTC-6 to UTC+1 timezone.

If you've ever thought "I could build a much better security program than what I'm seeing right now" - this is your chance.


We are excited to meet you!

What we offer

-----------------


Generous compensation + stock options - aligned with our internal framework, market data, and individual skills.


Distributed work: Work from anywhere - fully remote, in our hubs, or a mix.


Company-issued laptop*, remote setup stipend, and co-working budget


Flexible schedules and location


Ample paid time off, in addition to local public holidays


Enhanced parental leave


Health & retirement benefits


Annual learning & development budget - up to 500 / EUR600 / $650 per year


Annual workaways and regular virtual & in-person socials


Opportunity to contribute to groundbreaking projects that shape the future of work

Note: Some benefits may vary depending on location and role



On company equipment: Company-issued equipment (e.g. laptops) is provided for work use and must be returned upon departure, unless otherwise agreed.*