About the role
This is a new role at Eagle Eye, created to establish and grow a dedicated security function within the business. Reporting to the Director of Operations, you will have the support of an experienced leader with deep technical and organisational knowledge, along with access to SRE, Customer Care, and Compliance teams as you build this function from the ground up. You will take ownership of security across the group, identifying security risks, translating them into actionable prevention or mitigation work, by working directly with our external partners and internal teams. You will also act as the central point of contact for all security-related matters, including client questionnaires, audits, across the group. The role combines hands-on investigation and delivery with coordination across teams. Over time, you will help shape and evolve Eagle Eye's security function as the business continues to scale. The successful candidate must be fluent in both English & French.
Typical duties
Security Ownership & Delivery
-
Act as the single owner for security across the Eagle Eye group, maintaining a clear, prioritised view of risks and remediation activity across infrastructure, applications, SaaS platforms, and operational processes.
-
Own and manage a structured security backlog, ensuring issues are identified, triaged, prioritised, and progressed through to resolution using inputs from internal tooling and external partners.
-
Work closely with Engineering, SRE, Product, and Customer Care teams to ensure security improvements are delivered in a practical and timely way, aligned to business priorities.
Identity, Access & Platform Security
-
Own and evolve identity and access management across Google Cloud and SaaS platforms, improving how roles, permissions, and privileged access are structured, reviewed, and controlled.
-
Ensure authentication and access controls are applied consistently across the organisation, strengthening governance, reducing unnecessary access, and improving visibility across all systems.
-
Oversee the security of the SaaS estate and platform access, working with existing tooling and controls to ensure secure usage, device trust, and network access restrictions are applied effectively.
Application, Data & External Security
-
Own the approach to securing application and API access, ensuring appropriate controls are in place to manage how internal and external users interact with the platform.
-
Act as the primary point of contact for security-related queries from clients and external stakeholders, supporting security questionnaires, due diligence processes, and audit requirements.
-
Work closely with the Compliance Manager to strengthen information security processes, policies, and controls, ensuring alignment with standards such as ISO 27001 and supporting ongoing audit and certification activities.
-
Manage day-to-day relationships with third-party security partners, ensuring findings and recommendations are understood, prioritised, and delivered internally. Budget ownership sits with the Director of Operations, but you will have significant influence over vendor selection, engagement scope, and prioritisation of third-party work.
Group Alignment, Reporting & Continuous Improvement
- Act as the central point of contact for security across the wider group, supporting alignment of security practices across acquired businesses and identifying opportunities to improve consistency in controls and processes.
-
Provide clear visibility of security posture, risks, and progress, translating technical findings into actionable insights for stakeholders across the business.
-
Identify opportunities to mature Eagle Eye's security practices over time, introducing new processes, tooling, or capabilities as the business grows and the threat landscape evolves.
General responsibilities
-
Promote a culture of security awareness, ownership, and continuous improvement.
-
Ensure security is embedded into day-to-day operations across the organisation.
-
Balance risk reduction with business delivery.
-
Act as the escalation point for high-priority security incidents raised by the SRE team supporting investigation and resolution. This is not a first-responder or on-call rota role, but you should be available for escalation when needed, with overtime paid for any out-of-hours involvement.
-
Contribute to broader operational initiatives where security input is needed.