Information Security and Compliance Engineer

Engineered Arts, United Kingdom
Remote
AI Summary

Engineered Arts seeks an Information Security and Compliance Engineer to own technical and operational execution of information security and cybersecurity compliance. This role is responsible for implementing, operating, and maintaining security controls, supporting certification to ISO 27001, SOC 2, and other relevant security frameworks. The ideal candidate will have hands-on experience in information security engineering, security operations, or security compliance roles.

Key Highlights

  • Implement and maintain security controls
  • Support certification to ISO 27001 and SOC 2
  • Embed security-by-design into engineering, IT, and product operations

Key Responsibilities

  • Implement, operate, and maintain the Information Security Management System (ISMS) aligned to ISO 27001
  • Maintain risk assessments, risk registers, Statements of Applicability, and control mappings
  • Support SOC 2 readiness, control operation, evidence gathering, and audit coordination

Technical Skills Required

  • ISO 27001
  • SOC 2
  • Cloud security
  • Vulnerability management
  • Incident response
  • Identity and access management
  • Encryption
  • Key management
  • Backup and recovery

Benefits & Perks

  • Remote work
  • Bi-monthly visits to London office

Nice to Have

  • Experience with SOC 2 or multi-framework security environments
  • Exposure to product, platform, or robotics/embedded security
  • Familiarity with IAM, data protection, and privacy-related controls

Job Description


Engineered Arts is seeking an Information Security and Compliance Engineer to own the technical and operational execution of information security and cybersecurity compliance across products, cloud infrastructure, internal systems, and Robot-as-a-Service (RaaS) platforms.

Reporting to the Head of Compliance, this role is responsible for implementing, operating, and maintaining security controls, supporting certification to ISO 27001, SOC 2, and other relevant security frameworks, and embedding security-by-design into engineering, IT, and product operations as the business scales globally.

This is a hands-on role with clear operational ownership of information security BAU, working closely with engineering, DevOps and IT, product management, and external auditors.


This job can be worked remotely, with bi-monthly visits to the London (Farringdon) office.


Key Responsibilities

Information Security and ISMS Operations

  • Implement, operate, and maintain the Information Security Management System (ISMS) aligned to ISO 27001.
  • Maintain risk assessments, risk registers, Statements of Applicability, and control mappings.
  • Collect, manage, and present evidence for ISO 27001 certification and surveillance audits.
  • Support SOC 2 readiness, control operation, evidence gathering, and audit coordination.

Security Controls and Engineering Integration

  • Implement and maintain security controls across:
      • Cloud infrastructure and internal IT systems
      • Robotics platforms, operating systems, and supporting services
      • eCommerce, RaaS, and customer-facing platforms
  • Work with engineering teams to embed security-by-design into system architecture, development pipelines, and operational workflows.
  • Support secure configuration, logging, monitoring, and access control practices.

Vulnerability and Incident Management

  • Operate vulnerability management processes including:
      • CVE monitoring and triage
      • Patch management coordination
      • Tracking and closure of remediation actions
  • Coordinate penetration testing and security assessments across products, platforms, and infrastructure.
  • Maintain incident response documentation, support tabletop exercises, and assist with post-incident reviews.

Identity, Access and Data Security

  • Support identity and access management (IAM) compliance including:
      • Role-based access control
      • Quarterly access reviews
      • MFA/2FA enforcement
  • Support encryption, key management, backup, and recovery controls.
  • Work with compliance and legal stakeholders on data protection and privacy-related security controls.

Supplier and Third-Party Security

  • Conduct security assessments of suppliers, cloud providers, and third parties.
  • Review security documentation, certifications, and contractual security requirements.
  • Track third-party security risks and remediation activities.

Audits, Documentation and Governance

  • Maintain security policies, procedures, standards, and technical evidence.
  • Support internal audits, external certification audits, and customer security due diligence requests.
  • Ensure security documentation remains current, controlled, and audit-ready.

Security Awareness and Compliance Culture

  • Support delivery of security awareness and role-specific training.
  • Act as a trusted security partner to engineering, IT, and product teams.
  • Promote pragmatic security that enables innovation while managing risk.


Essential Experience and Expertise

  • Hands-on experience in information security engineering, security operations, or security compliance roles.
  • Practical experience operating an ISO 27001 aligned ISMS, including risk management and audit evidence.
  • Working knowledge of cloud, infrastructure, and application security controls.
  • Experience with vulnerability management and incident response.
  • Ability to translate security and compliance requirements into practical technical controls.
  • Experience working with engineering, IT, non-technical stakeholders, and external auditors.
  • Strong documentation and evidence management skills.

Desirable Experience and Expertise

  • Experience with SOC 2 or multi-framework security environments.
  • Exposure to product, platform, or robotics/embedded security.
  • Familiarity with IAM, data protection, and privacy-related controls.
  • Experience with supplier and third-party security assessments.
  • Involvement in security awareness or training initiatives.
  • Experience supporting scaling or globally distributed organisations.


Reporting and Authority

  • Reports directly to the Head of Compliance.
  • Acts as the operational owner for information security and cybersecurity BAU.
  • Escalates strategic, high-risk, or novel security issues appropriately.


Personal Attributes

  • Highly organised, methodical, and evidence-driven.
  • Comfortable operating autonomously as the day-to-day security owner.
  • Calm and structured during audits and security incidents.
  • Sound judgement in balancing security, usability, and delivery pace.


Role Fit

This role is ideal for an Information Security and Compliance Engineer who wants clear ownership, hands-on impact, and the opportunity to build security foundations that support the safe scaling of advanced robotics, AI platforms, and global services.


About Engineered Arts

Engineered Arts is the leading manufacturer of full-size humanoid robots used for entertainment, education and communication. With 20 years of hardware and software development, our robots have been sold in over 30 countries worldwide with customers such as NASA, PwC, Meta and many more.


Our Ameca robot is well known as ‘the face of AI’ and a social media viral success, taking advantage of the generative AI craze. Along with our ultra-realistic Mesmer range of animated figures, our robots continue to surprise and excite visitors at museums, theme parks, visitor attractions and trade shows, as well as aid leading universities with AI and robotics research. Our robots are poised to break into the future mega-expansion service robot segment, with applications such as front of house, receptions, check-in desks, information points and PoS. We are also exploring how our humanoid robot technology can disrupt other robotics sectors such as the growing cobot sub-segment of the industrial robotics market.


We are a team of dedicated engineers and creatives striving to develop the very best experiences for our customers. Our internal motto is ‘Be Wow’: everything we do is fun, entertaining or surprising to encounter. We always push the boundaries of what is possible in humanoid robotics, researching and developing new systems and techniques to further their appeal. We explore and challenge the human perception of robots, as well as the fear and discomfort and the excitement and joy that life-like mechanical humanoids present.



At Engineered Arts, innovation is at the core of everything we do — and we believe true innovation only happens when diverse minds come together.

We are committed to building a workplace where people of all backgrounds, identities, and perspectives feel welcome, supported, and empowered to contribute. Whether you’re an engineer, developer, or creative thinker, we value what makes you unique.

We actively promote inclusion across our hiring, design, and development practices, and we’re always looking for new ways to reflect the world around us — in our team, our robots, and our ideas.

Because building the future means including everyone in it.


We are committed to equal opportunity in employment and comply with all applicable non-discrimination and equal employment laws in the regions where we operate.

