We’re hiring an experienced Cyber Security practitioner to take full ownership of our security function and lead Bloom to SOC 2 and ISO 27001 compliance. You’ll be responsible for day-to-day security operations, audit readiness, and the systems and processes that keep Bloom secure as we scale.

You’ll own security and compliance end-to-end, working closely with engineering, operations, and leadership to embed security into how Bloom operates.

Key responsibilities

Lead Bloom’s SOC 2 (Type II) and ISO 27001 compliance, including readiness, gap analysis, remediation, and audits.
Own compliance artefacts, evidence collection, documentation, and control mapping.
Act as the primary point of contact for auditors and ensure continuous audit readiness.
Monitor security systems (SIEM, intrusion detection, firewalls) and lead incident response activities.
Investigate security incidents and deliver clear remediation recommendations.
Conduct regular security assessments across systems, applications, and third-party tools.
Improve security operations through automation and streamlined workflows.
Serve as Bloom’s internal security SME, supporting teams and stakeholder reviews.
Deliver security awareness training and maintain disaster recovery plans.

Requirements

3+ years of experience in information security or internal security roles.
Hands-on experience delivering and maintaining SOC 2 and/or ISO 27001 compliance.
Strong knowledge of security operations, incident response, and threat detection.
Experience working with security standards and frameworks.
Familiarity with vulnerability scanning, risk assessments, and audit evidence management.
Certifications such as CISSP, CISM, or Security+ (preferred, not mandatory).
Excellent communication and interpersonal skills, with the ability to clearly translate technical concepts for non-technical stakeholders.
Ability to work independently while collaborating effectively across teams in a fast-paced environment.
Strong analytical and problem-solving skills, with high attention to detail.
Adaptable and committed to continuous learning and professional development.

Experience securing cloud-native SaaS platforms (AWS/GCP).
Experience with third-party/vendor risk management.
Understanding of data protection and privacy (GDPR alignment).

More about Bloom

Bloom is positioned to become a power brand in Future Of Work; On a mission to deliver ‘CAS’ Coaching At Scale. Our founders Alistair and Jamie have spent more than a decade building successful technology businesses together. Between them, they have created and sold companies to some of the world’s most successful enterprises and in the process have generated more than $1Bn in shareholder return.

Working at Bloom

Hybrid working 2-3 days a week in the office.
A great opportunity to play an integral role in important initiatives and have a meaningful impact.
The opportunity to work on a mission-led, purpose driven product, with a high-performing team.
Huge potential for career development and broad exposure as the company grows.
Plenty of opportunities to socialise and be part of a positive working culture - from regular team activities and lunch-and-learns.
Competitive benefits package including enhanced parental leave, and comprehensive health insurance.

Apply now

See more open positions at Bloom Coaching

Privacy policy Cookie policy