Lead IT Security Engineer

Job description

We Are Redefining How People Approach Their Health

ZOE is the science and nutrition company leading a movement to transform the health of millions.

We exist because the food we eat is making us sick. Most of what we are taught about food is wrong.

ZOE runs the world’s largest nutrition science study to find scientifically proven solutions.

Our randomized controlled trial of ZOE proves that if you eat the right food for your body, you can feel healthier in weeks and be on track for more healthy years.

ZOE can change the way you eat, feel, and live. We host world-leading scientists on our podcast and bring proven science to your plate with Daily30+, our 30+ plant supplement.

Over 100,000 people rely on ZOE Membership, our personalized nutrition program, to make smarter food choices. ZOE Membership turns complex science into clear step-by-step actions, helping you improve your health with every meal.

ZOE means life — and you can change your life with food.

Visit our career page and become a ZOEntist 🚀

About the team

The IT function at ZOE is currently led by our Head of IT, supported by an IT Support Engineer. Together, they ensure the smooth operation of our internal systems and infrastructure. As we scale, security is a top priority, and this role will be instrumental in shaping and implementing our IT security strategy, working closely with teams across ZOE to build a robust security framework. You will partner with the Head of IT for strategic guidance but serve as the hands-on lead for security initiatives.

About the role

We are looking for a Lead IT Security Engineer to own and operationalise our security roadmap, ensuring the protection of our SaaS-based environment, devices, and data. This is a business-critical role and the first dedicated IT security position at ZOE, giving you the opportunity to shape our policies and practices from the ground up. You will collaborate closely with our Engineering, Legal, and IT teams to mitigate key risks (e.g., endpoint security, BYOD, privileged access) and embed a culture of security across the organisation.

What you’ll do…

• Shape and implement a comprehensive IT security roadmap that aligns with ZOE’s business goals, covering everything from endpoint security and identity/access management to DLP (Data Loss Prevention) and logging/monitoring.
• Drive security programs around OS and application patch management, disk encryption, and local admin privilege management, ensuring corporate devices and contractor/BYOD setups meet compliance and security standards.
• Assess, mitigate, and manage security risks across our SaaS ecosystem (over 100 apps), corporate IT systems, and infrastructure. Lead projects such as domain registration migrations, centralised logging/SIEM setup, and endpoint protection rollouts.
• Develop and enforce security policies and frameworks, covering identity and access management, incident response, vendor security reviews, and data handling.
• Drive automation and adopt Infrastructure-as-Code (IaC) patterns to ensure security controls and configurations are repeatable, consistent, and easily deployed across our endpoints and cloud resources.
• Lead security compliance efforts in partnership with the Legal team, and provide technical guidance to the organisation on data privacy regulations (GDPR, DPA, CCPA etc.)
• Monitor, investigate, and respond to security incidents, performing root cause analysis, implementing proactive measures and taking lead on responding to IT security incidents.
• Cultivate a security-first culture by delivering ongoing training (e.g., phishing simulations, secure practices) and collaborating with teams on secure SaaS configuration.
• Evaluate, select, and deploy security tools and technologies (e.g., EDR, MDM solutions), balancing strong security posture with user experience.
• Own privileged access reviews and work with stakeholders to enforce least privilege across critical applications and data.
• Stay ahead of evolving security threats and trends, continuously improving our security capabilities and processes.

What We’re looking for…

• Extensive experience in corporate IT security, cybersecurity, or information security, ideally in a fast-paced, SaaS-based and cloud-based environment.
• Proven ability to design, implement, and own security strategies independently.
• Strong understanding of network security, and device management (Mac, Chromebook, or other).
• Awareness of cloud security practices (AWS, GCP, or Azure).
• Hands-on expertise in incident response, vulnerability management, endpoint protection (e.g., EDR), and security operations (logging, SIEM).
• Deep knowledge of security industry best practices and data privacy regulations (GDPR, DPA, CCPA).
• Experience embedding security culture: phishing training, running security awareness programs (KnowBe4 or similar), and guiding stakeholders on best practices.
• Ability to communicate security risks and concepts effectively to both technical and non-technical stakeholders, and work autonomously on big initiatives.
• A proactive, problem-solving mindset: comfortable tackling complex issues like domain migrations, privileged access reviews, and DLP rollout in a single role.
• Experience working in a remote, international team is a plus.

The experience, skills, and attributes listed above reflect what we believe will contribute to success in this role. If you’re passionate about ZOE and the opportunity, but don’t meet 100% of the criteria, we still encourage you to apply. We are committed to supporting growth and are happy to offer upskilling opportunities where possible.

Compensation Philosophy

At ZOE, we are committed to offering competitive and equitable compensation that reflects the value of each role and aligns with regional labor market standards. Our approach to compensation goes beyond just base salary — we offer a comprehensive package that includes base pay and stock options, ensuring that every team member is rewarded for their contributions to the company’s growth and success.

We believe that building a thriving team requires not only providing fair and competitive compensation but also fostering an environment where success is shared collectively. Our total compensation package is designed to support the well-being of our employees, recognise their individual contributions, and empower them to grow alongside ZOE.

Benefits & Perks

At ZOE we understand the significant role our benefits play in motivating, inspiring and safeguarding our employees’ well-being. Our benefits strategy is thoughtfully designed to echo our mission and values, recognising the diverse needs arising from different life stages of our ZOEntists.

Our approach to benefits takes an inclusive and flexible view of both personal and professional growth. From competitive health insurance and wellness packages to inclusive parental policies, building connection, and tailored professional development programs, we’ve got you covered.

At ZOE, we continue to build a benefits package that invests in our team members’ long-term personal and professional growth and wellbeing, adding to this list as it evolves.

Equal opportunities

We are committed to fostering a diverse and inclusive team where every individual can bring their authentic self to work. We believe that this is key to our success and are dedicated to positively impacting the tech industry. As part of our commitment to equal opportunities, we encourage candidates from underrepresented backgrounds to apply. We ensure a respectful and inclusive environment for all and do not discriminate on the basis of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, marital status, disability, or age. If you require any accommodations during the interview process, please feel free to inform us, and we will make every effort to support your needs.