London, United Kingdom
Mid Level / Senior
Responsibilities
- Own the secure SDLC by implementing SAST, dependency scanning, and PR-blocking standards.
- Harden AWS and Cloudflare security through IAM, secrets management, and network segmentation.
- Run end-to-end pen testing, coordinating with scanners and researchers to address findings.
- Threat-model product features prior to release, including new authentication providers and APIs.
- Build detection and response capabilities for credential and authentication flows.
- Partner with engineering for architecture reviews and security standards in code.
- Utilize LLMs and agents to enhance security workflows with trusted guardrails.
- Support compliance efforts related to SOC 2, ISO 27001, and customer security reviews.
Requirements
- 3+ years of experience in security engineering with hands-on AWS security.
- Strong coding skills in TypeScript, Python, or Go for production code development.
- Fluency in application security concepts, including OWASP Top 10 and threat modeling.
- Experience securing a B2B SaaS multi-tenant production environment.
- Ability to manage end-to-end work processes independently.
- Clear communication skills with technical and non-technical stakeholders.
- Preference for automating security checks over manual processes.
- Preferred experience with IaC tools like AWS CDK or Terraform.
Benefits
- Meaningful share options (EMI) to participate in the company's success.
- 25 days of holiday plus an additional day for each year of tenure.
- Private health insurance, including dental and optical coverage.
- Daily lunch budget of £15 when working from the London office.
- £1,000 for home office setup and an annual £500 top-up.
- Annual team offsite events in sunny locations.
- Opportunity to work with a veteran team from top tech companies.
- Health, fitness, and gift card discounts available.
- Cycle2Work and Electric Cars scheme offered.
- Hybrid working model with flexibility in arrangements.
