
Humaans · London
ABOUT US Humaans is building the next generation of infrastructure for the workplace; software designed for companies that are scaling fast, operating globally...
Humaans is building the next generation of infrastructure for the workplace; software designed for companies that are scaling
fast, operating globally, and pushing into new boundaries.
What started as a system of record has evolved into a broader platform for operating people globally. With Athena, our agentic AI
layer, Humaans moves beyond data management into intelligent orchestration, connecting workflows across HR, IT, Finance, and
Operations so organisations can act faster and with greater confidence, redefining how work gets done.
We work with ambitious teams across Europe and the US, from AI-native companies like Lovable, Poolside, Fyxer AI, and Tandem
Health, to established, high-growth organisations scaling internationally and through acquisition, including Quantexa, Sellpy,
Manychat, Gigs, Croud, and Threecolts. These teams don’t buy software for features,they buy leverage. The ability to run faster,
cleaner, and with more control as complexity compounds.
To date, we’ve raised $20m in venture funding from some of the most respected founders, operators, and funds in technology: Lachy
Groom (Physical Intelligence), Stewart Butterfield (Slack), Tobias Lütke (Shopify), Dylan Field (Figma), Jeff Weiner (LinkedIn),
Claire Johnson (Stripe), Oliver Jay (OpenAI), Jay Simmons (Bond) as well as Y Combinator, Moonfire, Frontline Ventures, Pathlight
Ventures, and Exor.
If you have massive ambition and want to work on a hard problem, with a small team that moves fast, at a moment when the category
is genuinely up for grabs - this is it.
We're looking for a Security GRC Manager to own the systems, processes, audits, and customer-facing trust work that help Humaans
scale into more demanding markets.
This is a hands-on ownership role, built around AI. You'll run our security compliance programme throughout the year, not just
during audit season. AI is how the work gets done here. It drafts policies, speeds up questionnaire responses, and keeps evidence
current. You already use these tools daily and know how to get real leverage from them.
You'll own the operating rhythm for frameworks like ISO 27001, SOC 1, SOC 2, HIPAA and future standards that matter to our
customers. You'll keep evidence organised, controls running, policies up to date, vendors reviewed, risks visible, and audits
moving smoothly.
Own the commercial trust layer. Security questionnaires, enterprise diligence, vendor reviews; fast, accurate, reusable. You'll be
in the room with enterprise buyers; on calls, in reviews and procurement threads, ensuring security won't be the reason a deal
slows down.
This role sits at the intersection of Security, Legal, Product, Engineering, Revenue, and Operations. You don't need to be the
person configuring every system yourself, but you do need to understand how modern SaaS companies operate, ask sharp questions,
drive action across teams, and keep the bar high.
Humaans has a trust function that helps us win. In this role, you'll ensure evidence is stronger, controls are cleaner,
questionnaire turnaround is faster, ownership is clear. Security compliance is a commercial asset and enabler to growth.
pursue.
Finance and Operations.
incident response documentation that support our certifications and customer commitments. AI drafts and updates these artefacts
and keeps evidence current year-round, not only at audit time.
DPAs, subprocessors, data protection questions, and enterprise diligence.
Trust collateral stays current. A review process holds quality as volume scales.
the company down unnecessarily.
related role.
questionnaire responses, reviewing vendor documentation.
security questions clearly, and give buyers confidence.
read.
product development, customer data and enterprise sales.
This is an in-person role. Our team comes together in the office Monday through Thursday, while most of the team collaborates in
person on Mondays, Tuesdays, and Thursdays.
Early stage startups can be messy – we know that. We're putting effort in providing you with the best employee experience and a
quality driven environment in exchange for trusting us.
HR tech is having its AI moment and we’re positioned to own it. Humaans started as a next-gen HRIS taking on large incumbents in a
massive market. We’ve since evolved into something even bigger: an AI platform that sits across workforce data and automates the
operational layer of HR entirely; the natural progression of what we’ve been building toward.
The product is highly differentiated. It’s built around a structured workforce data model that makes AI reliable in an HR context,
something no one else has gotten right. Customers notice the difference immediately.
We’re backed by Y Combinator, Lachy Groom, Moonfire, Frontline Ventures, and operators who’ve built some of the most consequential
software companies of the last decade: the founders of Slack, Figma, and Shopify, and Asana’s former CRO and Head of OpenAI
International.
We’re a small team with an unapologetically high bar. It shows up in the product, in how we communicate, and in the standards we
hold each other to.
At Humaans we’re looking for genuinely good people that are transparent and emphatic. We’re committed to providing equal
opportunities, a diverse and inclusive work environment, and ensuring a fair interview process for everyone. You’re welcome to
apply no matter your gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.
We care about your privacy. When you apply for a role at Humaans, we’ll collect and process your personal data as part of our
recruitment process. This includes things like your CV, contact details, and any other information you choose to share. We may
also contact you about future opportunities. You can ask us to delete your data at any time. For more details, see our Privacy
Policy.
Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology- and data-driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped our collaborative mindset, which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high-quality returns for our investors. You will work within the Cyber Security function, supporting the delivery of security initiatives across the organisation. The team partners with Technology, Engineering, and Infrastructure teams, as well as senior stakeholders, to ensure security programmes are delivered effectively and aligned with business priorities. Your Future Role within QRT You will: * Lead end-to-end delivery of cyber security projects within a broader programme framework * Manage multiple concurrent workstreams, including identity and access management, cloud security, risk remediation, and compliance initiatives * Develop and maintain project plans, timelines, and resource allocation * Ensure programme governance, including management of risks, assumptions, issues, and dependencies * Drive stakeholder engagement across technical teams and senior leadership * Translate cyber security concepts into clear, business-facing updates * Build and maintain programme dashboards using Power BI or Tableau to improve reporting automation * Track objectives, milestones, and programme performance metrics * Identify delivery risks and implement mitigation actions * Collaborate with Cyber Security, Infrastructure, and Engineering teams to align on technical requirements * Ensure alignment with internal standards, security frameworks, and regulatory requirement Your Present Skillset * Experience delivering IT or cyber security projects in complex environments * Strong understanding of IT infrastructure, cloud environments, and security principles * Experience using Power BI or Tableau for reporting and dashboard creation * Experience automating reporting and working with structured data sources * Knowledge of project management methodologies (Agile, Waterfall, or hybrid) * Strong stakeholder management and communication skills * Experience managing timelines, dependencies, and cross-functional delivery * Familiarity with cyber security frameworks such as NIST, ISO 27001, or CIS * Experience delivering cyber security or transformation programmes * Certifications such as PMP, PRINCE2, or Agile (Scrum) * Exposure to GRC tools or security platforms * Experience working in regulated environments QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.
ABOUT FREETRADE Freetrade’s mission is to become the default place to invest. Investing has been too complicated and expensive for too long, keeping millions from making the most of their savings. We’re changing that. We’re building our team and looking for people who are excited to reshape how our customers invest and grow their wealth. If you’re driven by solving complex problems and building innovative products, you’ll fit right in. 2026 is a big year for us. Last year, we announced a game changing deal to become part of the IG Group. We’ll continue to operate as an independent business while gaining access to the resources and support of an established leader in the space. This year, we’re accelerating our roadmap and taking our products to the next level. We’re building new features like mutual funds, bonds, and family investment tools. We’re also exploring how we can leverage AI to deliver an even better experience for our customers. At Freetrade, we're on a mission to make investing accessible to everyone. We operate in a highly regulated financial environment where security isn't just a function, it's a foundation. As we scale, we're looking for a sharp, motivated Security Intern to join our Security, Privacy and Infrastructure team for the summer and contribute to real, meaningful work from day one. About the Role This is a hands-on internship, not a shadowing exercise. Whether you're a student, a recent graduate, or making your first move into security, you'll be embedded in the security team, working on operational tasks and a dedicated project designed to directly improve security at Freetrade. Your time will be split roughly 50/50 between supporting ongoing security operations and owning a scoped project with a clear outcome. You'll be supported throughout, with a defined onboarding plan, pre-scoped tasks, daily check-ins with your manager, and weekly visibility with the Director of SPI. What You'll Work On * Remediation: Vulnerability triage and proof-of-concept testing, putting your offensive security and pentesting skills to practical use. * GRC: Supporting vendor security review processes, assessing third-party risk against our security standards. * Automation: Assisting with AI tool adoption assessments, helping evaluate new tools for security and privacy risk. What You Bring Technical skills: * Foundational knowledge of offensive security, pentesting, or bug bounty practices. * Comfortable writing scripts or code in any language, Python preferred. * Solid understanding of core security concepts and principles. * Any hands-on experience with vulnerability assessment tools or CTFs is a plus. Soft skills: * Open to feedback and acts on it quickly. * Fast learner who is comfortable with ambiguity and can ramp up independently. * Clear and concise communicator, written and verbal. * Reliable, organised, and takes ownership of their time and commitments. * Collaborative and comfortable working across teams. Programme Structure * Duration: 10 weeks * Onboarding: Weeks 1 to 2, structured ramp plan with a pre-defined task list so you hit the ground running. * Split: 50% operational security work, 50% dedicated project to improve security at Freetrade. Support and Management * Direct reporting line to the Security function lead. * Daily check-ins with your intern manager. * Weekly skip-level with the Director of SPI for feedback, alignment, and visibility. * All work will be well-scoped and documented before you start, no vague briefs. What's in it for You * Paid internship with real responsibilities from day one. * Work on live security challenges in a highly regulated fintech environment. * Learn from an experienced security team with deep expertise across offensive security, privacy, and infrastructure. * Build a portfolio of tangible, real-world security work to accelerate your career. * A genuine pathway to a full-time role as part of Freetrade's 2027 headcount plan for high performers. Please note, applicants must be 18 years of age or older at the time of application and legally eligible to work in the relevant location. We are an Equal Opportunity employer committed to a diverse and representative team. Whatever your race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability - we want to hear from you. To find out more about how we look after your personal data when you apply for a job with us, please see our Recruitment Privacy Policy here. Please note we are not accepting agency CVs.
Since being founded in 2018, Copper has been building the standard for institutional digital asset infrastructure with a focus on custody, collateral management, and prime services. Led by Amar Kuchinad, Copper's Global CEO, the firm provides a comprehensive suite of custody, trading and settlement solutions that reduce counterparty risk and bring greater capital and operational efficiency to digital asset markets. At the heart of Copper's offering is Multi-Party Computation (MPC) technology – the gold standard in secure custody. Copper’s multi-award winning custody system is unique in that it can be connected to centralised exchanges, DeFi applications and even staking pools without the assets leaving the custody. Built on top of this state-of-the-art custody, ClearLoop is the first solution in the market that overcomes a growing industry challenge; counterparty risk with exchanges. This solution underpins a full prime services offering, connecting global exchanges, and enabling customers to trade and settle directly from the safety of their MPC-secured wallets. By reducing settlement time for transfers to a few milliseconds (without blockchain network dependency) and offering enhanced security measures, ClearLoop is rapidly reshaping the way asset managers trade and manage capital. In addition to industry-leading security certifications, Copper has one of the strongest insurance coverages in the industry from an A+ rated insurer, positioning the firm as the partner of choice for institutions seeking to safeguard their assets. Department/Team Purpose: Copper provides institutional digital asset custody, settlement, and collateral management services across a wide range of blockchains and integrated venues. Information Security protects the firm's platforms, client assets, and regulated entities across the group. Role Purpose: The Principal Security Architect is the senior technical authority for security architecture at Copper. The role reports to the CISO and partners closely with Engineering. The holder sets architectural direction, reviews and approves designs for major change, and acts as the firm's reference point on the security of the systems, protocols, and integrations Copper depends on. The role is predominantly architecture and assurance, with limited hands-on solution design in the cloud and integration space where reference patterns are needed. Key Responsibilities: Architectural authority * Hold formal security sign-off authority for major changes to Copper's platforms, infrastructure, and integrations. * Shape and maintain the security architecture patterns, principles, and reference designs that engineering teams build against. * Provide the senior technical security position in architectural and business decisions, including escalations where security and delivery pressures conflict. Custody, signing, and cryptographic architecture * Provide architectural security leadership over Copper's signing infrastructure, working alongside specialist engineering and cryptography teams. Scope covers the people, process, and operational design around MPC-based signing. Solid conceptual grounding in threshold cryptography and signature schemes is required; cryptographer-level work is not. * Review and approve changes to transaction construction, signing flows, approval policy, and key lifecycle operations. * Provide architectural assurance over chain-of-trust constructs adjacent to custody, including verifiable build pipelines, hardware-backed code signing, and authenticator-bound administrative paths. Multi-chain and integration security * Reason at architectural depth across the range of blockchains Copper supports, including EVM, UTXO, and account-based non-EVM families. This requires a working understanding of transaction construction, signing semantics, consensus assumptions, and validator and staking models across these environments, without being a protocol engineer in any of them. * Assess third-party smart contract architectures, implementations, and audit reports to a level sufficient to understand the exploit and risk surface, without performing line-by-line code review. * Review first-party integrations with partner networks, including those underpinning staking and similar on-chain participation, and form a defensible security position on the operational and contract risk Copper inherits. Settlement, collateral, and off-exchange architecture * Provide architectural ownership of the security model for Copper's settlement, collateral mirroring, and off-exchange product surfaces. * Reason about the trust boundaries between Copper, venues, and clients, and ensure architectural controls match the obligations each side carries. Identity and access architecture * Own identity and access architecture as a dedicated pillar of the role. * Set patterns for workforce, workload, and third-party identity across Entra ID, federated SSO, OAuth2 / OIDC, SAML, and modern authenticators. * Govern entitlement design, privileged access, and access models for contractors, vendors, and external operators. Cloud and platform security * Maintain working architectural fluency in both AWS and Azure, including network topology, segmentation, secrets handling, and platform telemetry. * Produce reference patterns and, where needed, direct integration designs in the cloud and platform space. Third-party and protocol risk * Lead technical security review of vendors, integrated venues, and protocols, including challenge of assurances that do not stand up to scrutiny. * Support client and counterparty due diligence on the technical content most likely to be misrepresented or under-specified. Policy, regulatory, and assurance support * Maintain a working understanding of the regulatory regimes applicable to Copper's licensed entities sufficient to translate architectural decisions into language Compliance and GRC can defend. Primary ownership of regulatory positioning sits elsewhere. * Contribute to security policy, standards, and control framework development as the senior technical reviewer. * Participate in resilience exercises and incident reviews where architectural input materially shapes the outcome. Skills and Experience: Essential * Multi-chain architectural literacy. Able to reason across EVM, UTXO, and non-EVM account-based chains at the level of transaction construction, signing, consensus, and validator models. Comfortable assessing third-party smart contract designs, implementations, and audit reports for exploit and risk surface without performing code review. * Custody and signing architecture. Strong conceptual grasp of threshold signing, signature schemes, and key lifecycle. Able to design and challenge the operational architecture around signing, separation of duties, approval policy, key ceremony equivalents in MPC, and recovery, to a high standard. * Settlement and collateral architecture. Demonstrable experience reasoning about settlement, collateral, and off-exchange constructs, including trust boundaries between custodians, venues, and clients. * Identity and access architecture. Senior-level experience designing and governing identity across Entra ID, federated SSO, OAuth2 / OIDC, SAML, and modern authenticators. Comfortable with entitlement governance and third-party access design. * Cloud security. Working architectural understanding of AWS and Azure, including the ability to produce reference patterns and limited direct integration designs. * Architectural authority and judgement. Track record of holding sign-off on significant designs, taking defensible positions under uncertainty, and owning residual risk. * Change review and assurance. Comfortable reviewing the work of engineering peers, infrastructure changes, and vendor designs, and able to hold the line where it matters. * Communication. Able to operate credibly with engineers, senior business stakeholders, auditors, and regulators in the same week, without losing precision at any of them. Desirable * Familiarity with chain-of-trust constructs including verifiable builds, reproducible build pipelines, and hardware-backed code signing. * Awareness of the regulatory landscape relevant to digital asset custody and trading (for example FCA, FINMA, FSRA / ADGM, MiCA). * Compliance familiarity across ISO 27001, SOC 2, and NIST CSF / 800-53, with the ability to map controls cleanly between them. * Enterprise architecture grounding (TOGAF, SABSA) where it complements rather than replaces technical depth. Why Copper? At Copper, we keep innovation, openness, and curiosity at the centre of everything we do. Here, bold ideas get the spotlight, learning is constant, and diversity shapes our team from the ground up. Jump into a fast-moving, dynamic team that loves a challenge and knows how to have fun along the way. Collaboration is just as important as results—you’ll be surrounded by smart, driven colleagues in London and across our APAC, Switzerland, UAE, and US offices. Hybrid working model – we believe in the value of bringing people together and at the same time we embrace the adaptability of flexibly working. Diversity and inclusion matter to us – they’re woven into Copper life. From employee-led groups like Women at Copper to a committee focused on community and wellbeing, you’ll have a network that supports you from day one. Everyone voice matters. If you’re looking to ramp up your career, or keen to do something new in your field, with us, you’ll keep moving forward. Ready to make your mark, keep growing, and join a supportive, dynamic team? Copper’s the place. The interview process at Copper Our interview process is designed to be thoughtful, efficient, and engaging. While specific steps may vary slightly depending on the role, the typical journey includes: 1. Initial Screening A brief conversation with our Talent Acquisition team to explore your background, motivations, and alignment with the role. 2. Technical Interview A virtual session conducted via Microsoft Teams, where you'll engage with team members to discuss relevant skills, problem-solving approaches, and technical experience. 3. In-Person Interview A conversation focused on team dynamics, collaboration style, and any final technical questions. This may be with cross-functional peers or leadership. Additional steps may be added based on the role's complexity or seniority. We aim to keep the process transparent and respectful of your time. Benefits In return for everything you can bring to Copper, we can offer you an exciting, challenging role in a fast-growing and dynamic business, with career opportunities and welcoming working environment. Some of our key UK benefits are highlighted below: * Paid Time Off - A minimum of 35 days of paid time off per year, inclusive of annual leave and public holidays. Employees also receive one additional day of annual leave for each year of service. * Comprehensive Medical Insurance - Inclusive of dental, optical, audiology, and mental health coverage, with medical history disregarded * Life Insurance * Enhanced Pension Contributions - Includes an enhanced employer matching contribution * 24/7 Employee Assistance Programme (EAP) If you think you have everything we're looking for and more, then we'd love you to apply for the opportunity. Copper is an equal opportunity employer. We embrace diversity and equal opportunities in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. So, bring us your experience, perspectives, and skills. It is in our differences that we will continue to grow and ensure Copper is transforming how institutional investors engage with digital assets. Copper is a Disability Confident Employer, please let us know if you have a disability. If you require us to provide any assistance during the recruitment process, then we would ask you to highlight this to us and we will be happy to accommodate.