
Musixmatch · Italy or Remote
About Musixmatch Musixmatch is the leading music metadata company, featuring the world’s largest lyrics catalog and a community of over 80M contributors. Musi...
About Musixmatch
Musixmatch is the leading music metadata company, featuring the world’s largest lyrics catalog and a community of over 80M contributors. Musixmatch is the trusted global partner of companies like Spotify, Apple, Amazon Music, Meta, Google, YouTube, Tidal, and Snapchat and works with nearly 4,000 music publishing rightsholders (representing more than 225,000 songwriters), including Sony Music Publishing, Universal Music Publishing, Warner/Chappell, Kobalt, BMG Rights, and the Harry Fox Agency.
We are a bunch of creatives who care about our work and what we do. We believe that participation and collaboration are key to getting things done well. We are looking for tech-savvy people who are eager to learn in a fast-paced environment, who have an international outlook on life, and who love taking on new challenges.
We are looking for a Security Practice Lead to own and drive information security across our organization. You will shape our security strategy, protect our systems, data, and expanding AI infrastructure, and act as a key voice in company-wide decisions. This is a high-impact, cross-functional role at the intersection of engineering, AI development, compliance, and leadership.
Define and own the security strategy: Oversee comprehensive security across cloud, network, and application layers, partnering with engineering on vulnerability management.
Secure AI & ML integrations: Establish and enforce security guardrails for AI pipelines and LLM deployments, protecting against AI-specific threats (e.g., prompt injection, data poisoning, supply chain) and ensuring model safety.
Risk & Incident Management: Assess security risks, monitor processes continuously, and coordinate effective incident response and recovery efforts.
Policy & Compliance: Develop and manage security policies, ensuring compliance with privacy laws, standard frameworks, and emerging AI regulations (e.g., EU AI Act), aligning closely with DPO directives.
Cross-functional Leadership: Collaborate with senior leadership to embed security (and AI security-by-design) into business decisions.
Security Evangelism, Training & Vendor Management: Champion a security-first culture across the company. Design and deliver training programs, run awareness campaigns, and act as an internal advocate who makes security understandable and relevant for everyone, from engineers to non-technical teams. Manage risk assessments for external vendors and consultants to ensure third-party security standards are met.
Proven information security leadership experience with the ability to translate technical risks into business language
Deep knowledge of standard security frameworks (ISO 27001, SOC 2, GDPR) and strong background in policy development
Solid understanding of AI security: familiarity with AI-specific vulnerabilities (e.g., OWASP Top 10 for LLMs) and experience securing data privacy within machine learning pipelines
Hands-on experience with cloud, application, and device security (MDM), incident management, and post-incident recovery
Ability to work cross-functionally with engineering, product, AI/Data, legal, and executive teams
Security certifications such as CISSP, CISM, CEH, or CAISP (Certified AI Security Professional)
Familiarity with AI risk management frameworks (e.g., NIST AI RMF)
Experience in the music, media, or entertainment tech industry
Familiarity with DPO workflows, privacy-by-design principles, and working with regulatory bodies
Relocation to Bologna (Italy) or remote work. We are a hybrid company.
Italian and English language lessons.
Top-class tech and equipment.
Company-wide retreats.
The gross annual base salary for this role is €60,000-€70,000, calibrated on experience and seniority. The package includes a variable performance bonus tied to individual and company goals, plus a flexible welfare credit to use on the benefits that matter most to you. As a distributed team hiring across multiple countries, compensation may vary based on local market benchmarks and employment conditions in the candidate’s location.
ABOUT US: SRLabs is home to knowledge leaders securing critical infrastructures in finance, energy, and telecommunications. We focus on hands-on hacking resilience – not compliance –, which we shape by combining our hacking research with impactful consulting work for innovation leaders that have a natural thrive for cutting-edge technologies. We come from diverse backgrounds from all over the world, and that's just the way we like it. From coding, reverse engineering, penetration testing, exploit scripting, process design, research and consulting skills, our mix of colleagues possesses a vast set of qualifications, that equips us to influence design decisions of large-scale organisations. YOUR RESPONSIBILITIES Job brief: In this role, you lead a team of security consultants delivering consulting and assessment services such as offensive assessments, resilience improvements, or AI security engagements for some of the world's most complex organisations. You are equally comfortable in front of a client board and in the weeds of a red team debrief. Your responsibilities: * Lead and oversee security engagements including red teaming, TIBER/DORA resilience assessments, penetration testing, and AI-focused security reviews and others * Act as the primary point of contact for senior client stakeholders – translating technical findings into business risk and actionable recommendations * Manage project delivery across scope, timeline, quality, and team utilisation * Mentor and develop junior and mid-level consultants, providing hands-on guidance on complex engagements * Drive business development by contributing to proposals, scoping, and client relationships * Shape our AI security offering – including LLM red teaming, model security assessments, and AI risk frameworks * Contribute to research and thought leadership that keeps SRLabs at the cutting edge WHAT DO YOU BRING? * Proven hands-on background in security with the credibility to lead technical teams * Experience leading or managing security consulting engagements, including client-facing delivery at senior levels * Solid understanding of enterprise and resilience frameworks * Familiarity with AI/ML security concepts * Ability to communicate complex security issues clearly to both technical and non-technical audiences * Strong communication skills in English and German is nice to have * Experience writing proposals, scoping engagements, and managing expectations WHAT AWAITS YOU WITH US? * A senior role with real influence over how we build and grow our offensive security practice * Diverse team of motivated security experts from many countries and backgrounds * Opportunity to shape cutting-edge AI security work before it becomes mainstream * Annual company retreat – a week of working holiday packed with fun, team building, and knowledge sharing * Professional development: conference speaking, research publication, and training budget * Competitive salary and flexible home office * 30 days vacation period * A wide range of benefits (discounts on Urban sports gym and Public transport ticket) APPLY NOW We are looking forward to getting to know you! SRLabs is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for our team.
At i3D.net, we provide world-class global coverage with one of the most interconnected networks in the world. Our solutions focus on low latency, zero packet loss, and unmatched scalability, enabling seamless experiences for millions of users worldwide. With dedicated support, bespoke solutions, and cutting-edge technology, we deliver reliable, cost-efficient infrastructure that empowers game developers and businesses to scale effortlessly. Partnering with major names like Nvidia, DuckDuckGo, and Ubisoft, we are shaping the future of gaming and network technology. WHY YOUR ROLE MATTERS At i3D.net, we’re building our internal security foundation, and you’ll be right at the center of it. As our Lead Security Analyst, you’ll play a key role in securing our Microsoft environment (including Azure, Entra ID, and IAM), while also working on broader topics like incident response, tooling improvements, and DDOS investigations. We’re currently moving to a new Microsoft tenant, which means you’ll help shape security from the ground up. This includes defining how access is managed, working closely with the Workspace Management (WSM) team, and supporting the rollout of new security controls and monitoring tools. You’ll collaborate closely with our other Security Analysts and subject matter experts to strengthen detection and response and help support our future SOC capabilities and i3D’s overall security program. WHAT YOU’LL BE DOING * Ownership of securing our environment from the physical layer all the way up to application: Help design and improve the security of our Azure tenant, Entra ID, and identity and access setup. * Partner with the Workspace Management (WSM) team: You’ll guide protecting employees, endpoints and tools. Coordinate with the team that manages rights, starters, movers, and leavers, so access stays under control and risks are caught early. * Tracking, and handling escalated alerts and incidents: Investigate alerts, respond to breaches or policy violations, and make sure issues are resolved properly. * Drive continuous improvement: Suggest smarter ways of working, contribute to the development of security tools and processes, and strengthen the overall security posture of the company. * Partnering with Risk and Compliance teams: maintain and enable our compliance with frameworks such as ISO27001 and NIS2 * Lead vulnerability management: Drive system patching efforts for user endpoints and server infrastructure, making sure vulnerabilities are addressed quickly and effectively. * Support our SOC setup: Help implement or improve tooling like SIEM and SOAR together with the other Security Analyst(s) and partners. * Stay ahead of threats: Track what’s happening in the security world and help us stay a step ahead. * Keep others informed: Make sure relevant updates get to the right people, and that security processes are well documented. * Collaborate with external partners: Join conversations with groups like CSIRT-DSP and handle outside security contacts when needed. * Work with internal teams: Server as a SME and business partner to aid other departments and product teams to improve how they handle security in their own systems and workflows. WHAT SUCCESS LOOKS LIKE IN THE FIRST YEAR * Our technology environment is safer, easier to manage, and aligned with best practices. * Alerts and incidents are handled faster and with more confidence, reducing overall risk. * Our SOC tooling and processes have improved, thanks to your input and collaboration. * Vulnerability management is running smoothly, and critical systems are patched on time. * The company’s overall security posture has strengthened - security is embedded in workflows and visible across teams. * You’ve made yourself known across the company as someone who drives security forward and gets things done. YOUR PROFILE * Broad security ownership experience: You bring 5+ years of experience securing enterprise environments and have owned security outcomes across identity, infrastructure, endpoints, cloud, and incident response. You have been responsible for improving security posture, not just monitoring it. * Deep Microsoft security expertise: You have hands-on experience securing Azure, Entra ID, Conditional Access, Privileged Identity Management (PIM), Intune, and Microsoft Defender. You understand how to design and implement secure identity and access controls at scale. * SOC/Blue Team experience: You've monitored, detected, and responded to security threats in live environments, led incident investigations, and coordinated remediation across multiple teams. * Security tooling and detection engineering: You have experience implementing and improving SIEM, SOAR, and detection capabilities, developing use cases, tuning alerts, and increasing the effectiveness of security monitoring. * Vulnerability management leadership: You have driven vulnerability remediation programs, partnered with infrastructure teams to prioritize risks, and ensured critical findings are resolved effectively. * Security architecture and stakeholder influence: You are comfortable advising technical teams, challenging existing approaches, and helping shape security controls, standards, and processes across the organization. * Reliable and flexible when needed: You’re available when something urgent comes up, even outside of regular hours. * Netherlands-based and Hybrid-ready: You live in the Netherlands and are happy to join us on-site around two days a week. GOOD TO HAVES * Experience with SIEM and SOAR tooling: It’s a plus if you’ve worked with tools like Wazuh, Sentinel or Splunk and helped set them up or improve how they’re used. * Certifications: CISSP, CISM, CompTIA Security+, CySA+, AZ-500, or SC-900 or other relevant security certifications help, but your real experience matters most. * Familiarity with secure development practices is a bonus. WHY JOIN US? * Real Impact: Your work directly protects our employees, platform, our customers, and the broader internet, from handling DDOS cases to shaping how we secure our systems. * Small Team, Big Ownership: You’re not just a cog in the machine; you’ll help shape tools, processes, and how we grow our security practice. * Competitive Perks: Enjoy great pay, shift bonuses, annual bonus, 25 vacation days (excluding national holidays), travel allowance, and a premium-free pension. * Skill Development: Level up with career guidance and education reimbursement. * Gaming Perks: Get lifetime access to Ubisoft’s game library and two free games every year. * Stay Active: Use our in-house gym in Rotterdam or unwind in the game and music rooms.
Education is one of the world's most important systems. At Kognity, we develop technology that enhances its effectiveness for both the teachers delivering it and the students who rely on it. The problems are real, the work is challenging, and the results show up in classrooms every day. We're a 125-person EdTech scale-up powering learning in 140+ countries, helping students and teachers thrive through an intelligent platform that combines rich, interactive pedagogy with smart AI and data. Why join Kognity? Work on problems that matter – Your work directly influences the lives of teachers and students in over 100 countries. The scale is global, and the outcomes are tangible. High ownership, high expectations – You are trusted to take initiative, make decisions and drive outcomes. Responsibility comes early, accountability is real, and results matter. A fast-moving, high-performing team – You will work with smart, driven colleagues across the globe on complex problems. Standards and expectations are high, feedback is direct, and the pace is fast. Continuous growth is the baseline – Everyone is expected and supported to learn quickly, improve constantly and raise their own bar. If you enjoy responsibility, momentum and meaningful challenge, you will thrive here. What you'll do As an Information Security Manager you will get a chance to take ownership of Kognity's information security programme, keeping certifications like SOC 2 and ISO live and evolving, and driving incident response and customer trust for a platform used in classrooms across 120+ countries. You will: Take full ownership of Kognity's information security certifications and the policies behind them, turning a complex compliance landscape into a dependable system. Manage Kognity's incident response plan and strategy for data breaches, ensuring the business can respond quickly and confidently if an incident occurs. Oversee the IT and data security of Kognity's web systems, including banking security, keeping customer and company data protected across our platform. Lead customer information security dialogues and respond to RFPs, building Kognity's reputation as a partner customers can trust with their data. Manage physical security across Kognity's premises, keeping security risks to our offices and people to a minimum. Provide day-to-day support to teams across Kognity on information security questions, keeping good security practice a part of how people work rather than an afterthought. What we're looking for Experience working with information security frameworks (SOC2, ISO 27000 and ISO 42000) and ownership of an information security set-up end to end. A collaborative approach, comfortable managing security-related projects across functions such as Legal, Engineering, and Commercial. A commercial mindset, understanding how information security not only protects Kognity but also drives customer trust and business success. A passion for AI and a drive to experiment with new tools to enhance creativity, decisions, and execution. Our Values We take ownership We are transparent We make every week count We obsess over customers We show up with heart How we hire Discovery call with a Recruiter Hiring manager discussion Case study Values discussion Leadership talk References