What we are building

Mimica's mission is to empower enterprises, teams, and individuals to reclaim their most precious resource — time and work more efficiently, with greater purpose and impact.

Our AI-powered task mining observes employee actions across the desktop and categorizes them into detailed process maps. Mimica’s process intelligence highlights inefficiencies, prioritizes improvements based on ROI, recommends the optimal technology for automation (RPA, intelligent document processing, GenAI), and provides a blueprint for building new automations and transforming work.

About the Role

We’re a fast-growing Scale-up building up our security program from the ground up. As the new member of the InfoSec team, you’ll own critical security initiatives end-to-end, working side-by-side with Engineers to harden our cloud-native SaaS platform and significantly raise our overall security posture.

This is a high-impact, high-autonomy role perfect for a self-starter who enjoys building and deploying scalable security processes in a scale-up environment.

What You’ll Do Day-to-Day

• Lead the build-out and operation of core security capabilities: vulnerability management, patching, SIEM/logging, cloud security monitoring, and alert triage.

• Deploy, configure, and tune security tooling (scanners, WAFs, CSPM, SIEM, endpoint protection)

• Partner with engineering to build security with developer experience in mind.

• Triage and assess vulnerabilities, drive remediation prioritisation, and reduce risk in a pragmatic yet rigorous way.

• Design and implement tactical incident-response playbooks and improve detection coverage.

• Periodically review major architectural changes and guide engineering on secure design trade-offs.

• Continuously improve processes so security scales as the company grows.

Who We’re Looking For

• Senior-level experience (typically 5+ years) in security engineering or SecOps, with a strong preference for hands-on roles in startup or scale-up environments.

• Proven ability to independently deploy and manage cloud security solutions, especially in GCP (big plus), AWS, or Azure.

• Deep expertise in one or ideally several of the following: vulnerability management programs, cloud-native SIEM/logging, CSPM/CNAPP tools, IaC security, secure SDLC integration, and incident response.

• You are mindful of developer experience as part of the process.

• Strong communication skills — you can explain complex risks or trade-offs clearly to both technical and non-technical audiences.

Nice to Have

• OSCP, CISSP, or similar offensive/security certifications;

• Experience preparing for SOC 2, ISO 27001, or FedRAMP

Location

This is a fully remote position. You can be based anywhere in the UK, Americas, or Western Europe within a UTC-6 to UTC+1 timezone.

If you’ve ever thought “I could build a much better security program than what I’m seeing right now” - this is your chance.

We are excited to meet you! 🚀

What we offer

💰 Generous compensation + stock options - aligned with our internal framework, market data, and individual skills.

🏢 Distributed work: Work from anywhere - fully remote, in our hubs, or a mix.

💻 Company-issued laptop*, remote setup stipend, and co-working budget

📍 Flexible schedules and location

☀️ Ample paid time off, in addition to local public holidays

🍼 Enhanced parental leave

🧘‍♀️ Health & retirement benefits

📖 Annual learning & development budget - up to £500 / €600 / $650 per year

🌴 Annual workaways and regular virtual & in-person socials

🌍 Opportunity to contribute to groundbreaking projects that shape the future of work

Note: Some benefits may vary depending on location and role

*On company equipment: Company-issued equipment (e.g. laptops) is provided for work use and must be returned upon departure, unless otherwise agreed.