Who are we?
Humn.ai is an award-winning venture-backed InsurTech headquartered in London but working wherever you are. We are a data-first start-up on a mission to make insurance work better for commercial transportation fleets. We make risk visible and price insurance by the second so businesses can focus on what they do best: move people and goods safely.
Our core platform utilises streaming telematics data and adjusts insurance pricing in real-time reacting to the driver's usage, behaviour and environment to enable us to offer previously impossible insurance products.
What's important to us?
Our ethos is built on the principles of empowerment and autonomy. We believe in the power of open collaboration, open communication & open-source software. We need people who understand what it is like to be part of a shared mission and what it takes for a team to succeed. Skills are important but people are everything. If these words speak to you, you should talk to us!
What will you be responsible for?
- You will be an essential part of an award-winning venture-backed and rapidly growing InsurTech.
- Defining and establishing the Cybersecurity standards and strategy for the whole organisation
- Building a Cybersecurity team
- Undertaking the organisation’s Data Protection from a technical standpoint
- Evaluating our existing security frameworks and processes, including (but not limited to) vulnerability scanning and intrusion detection systems, taking ownership of them and making changes to them
- Undertaking pentests regularly (or engaging with a 3rd party for that purpose) and pushing security fixes forward through the Engineering organisation
- Raising security awareness across the organisation
- Designing and building security products for our customers
We want you because you
- Have a good understanding of Kubernetes infrastructure and containerisation of apps from a security standpoint
- Have experience establishing AWS or other Public Cloud vendors security standards including Identity and Access Management
- Are comfortable using BurpSuite, Netsuite, OWASP ZAP, Metasploit and/or Nessus or other similar scanning/exploiting frameworks
- Can leverage OIDC claims/scopes and JWT integration with web services; SAML a nice to have
- Have an excellent understanding of the principles of Confidentiality, Integrity and Availability
- Love cryptography and know how to leverage it to achieve enterprise level security
- Have experience with Key Management Systems, AWS KMS and Secrets Manager a plus
- Ideally have a recognised certification such as OSCP, CREST, CCE, Security+, or any from GIAC
A great candidate would have experience with:
- AWS Cognito
- Go and/or Python
- AWS DynamoDB or other NoSQL databases from a developer and security integration perspectives
- JVM security
- Homomorphic encryption
- SQS, Kafka or MQTT
- Good communicator
- An eagerness to learn
- Good explainer: can make the complex simple
What will I get in return?
- Competitive salary
- You will be eligible to participate in our options scheme and will benefit from being an early joiner
- Work from the London office, from home or from anywhere!
- Very flexible and generous vacation policy*
- A cutting edge technical environment to tune your skills
* Our policy aims to encourage staff to consider flexible working arrangements. We recognise that a better work-life balance can improve employee motivation, performance and productivity, and reduce stress. Therefore we support employees in achieving a better balance between work and their other priorities, such as caring responsibilities, leisure activities, further learning, and other interests. Humn.ai is committed to agreeing on any flexible working arrangements, provided that the needs and objectives of both the organisation and the employee can be met.