Security Engineer

About The Position

Requirements

• AWS cloud security: Deep hands-on expertise designing and operating AWS native security services such as Security Hub, GuardDuty, CloudTrail, IAM, and VPC, including detection tuning and guardrail design.
• AWS cloud infrastructure: Strong working knowledge of AWS infrastructure and services, sufficient to assess architecture for security risk and design remediations.
• CNAPP / cloud posture management: Hands-on proficiency in cloud posture management, identifying misconfigurations, prioritizing risk, driving remediation, and recommending preventative controls within a CNAPP platform.
• Vulnerability management: Proficiency driving the vulnerability management lifecycle, including scanning, risk-based prioritization, SLA definition, and driving remediation to closure across a mixed asset inventory.
• Endpoint and network threat detection: Hands-on experience operating and tuning endpoint and network detection tooling, including authoring detections, leading investigations, and coordinating response.
• Application security tooling: Experience designing and integrating application security controls (software composition analysis, SAST, secure pipelines) into engineering workflows and partnering with developers on remediation.
• Linux and Kubernetes: Solid hands-on experience securing Linux and Kubernetes environments, including hardening, monitoring, and leading remediation.
• Security frameworks: Practical experience applying and helping mature NIST 800-53, CIS Benchmarks, and/or ISO 27001 controls, including supporting audits and assessment responses.
• Security automation & IaC: Proficiency building automation and security-as-code (e.g., Terraform, Python) to operationalize and scale security controls.
• Technical leadership: Ability to mentor junior team members and act as a domain subject-matter expert.

Nice To Haves

• 5–8 years of hands-on experience in security operations, security engineering, or related roles, including demonstrated experience driving security workstreams end-to-end
• AWS Cloud Services (5+ years hands-on experience)
• Linux systems administration
• Automation & Infrastructure as Code (Terraform), including the ability to design and maintain reusable modules
• Deep hands-on experience across several of the following areas, with the ability to act as subject-matter expert in at least one: AWS security services, cloud security posture management, vulnerability management, endpoint detection and response, network threat detection, or application security tooling
• Strong, hands-on command of cloud security principles in AWS (IAM, networking, logging, encryption), including hands-on experience with AWS CloudWatch (Logs, Metrics, Alarms, APM, and infrastructure monitoring) for visibility and alerting
• Familiarity with observability and metrics tooling used to support monitoring, alerting, and security visibility
• Experience applying and helping mature security frameworks (NIST 800-53, CIS Benchmarks, ISO 27001), including supporting audits and assessments.
• Proficiency in Python and/or Bash for building and maintaining security automation and tooling
• Bachelor’s degree in computer science, Information Security, or a related field, or equivalent practical experience
• Senior-level certification preferred (e.g., AWS Security Specialty or CCSP); hands-on or foundational certs a plus (e.g., Certified Kubernetes Security Specialist (CKS), Security+, CySA+)
• Demonstrated experience mentoring or providing technical guidance to other engineers.

Responsibilities

• Run day-to-day security operations and engineering activities across our cloud and hybrid environment, prioritizing work across competing risks based on severity, timelines, and dependencies, and partnering with Information Security, IT, and Engineering teams to identify, drive, and verify remediation while continuously improving detection and response capabilities
• Monitor and respond to findings in AWS Security Hub and Amazon GuardDuty; tune and author detections to improve signal quality and reduce false positives, and define remediation standards that engineering teams can follow
• Independently manage cloud security posture using our CNAPP platform, setting risk prioritization criteria, driving remediation with asset owners, and grouping recurring findings to identify root causes and recommend preventative measures
• Drive the vulnerability management lifecycle using an enterprise platform, performing assessments, applying risk-based prioritization and SLAs, and driving findings to resolution across a mixed asset inventory; coordinate penetration tests and remediation of their results
• Design and embed application security controls within development pipelines, partner with product and platform engineers to design remediation solutions, clearly communicate implications and timing of decisions, and recommend enhancements to code resiliency
• Operate and improve endpoint and network detection and response tooling, develop and tune detections, lead telemetry and threat investigations end to end, and coordinate response
• Lead investigation and response for security incidents, including high-severity events; lead root-cause analysis and drive post-incident corrective actions to completion across the relevant teams.
• Define and report security posture metrics and KPIs; explain complex findings and their implications to technical peers, leaders, and stakeholders outside the team, and respond to targeted technical questions from external audiences such as auditors, clients, and vendors.
• Independently automate security operations using scripting and infrastructure-as-code, developing reusable tooling that improves team efficiency and consistency.
• Stay current with emerging threats, CVEs, and platform changes; evaluate new security tooling and methodologies through proofs-of-concept and recommend adoption where they reduce risk.
• Work cross-functionally with engineering, information technology, and infrastructure teams to consult on security matters and champion secure-by-design practices.
• Mentor and provide technical guidance on security matters to junior team members and advise engineering teams on secure design.

Benefits

• Competitive benefits, including a range of Financial, Health and Lifestyle benefits to choose from
• Flexible working options, including home working, flexible hours and part time options, depending on the role requirements – please ask!
• Unlimited PTO policy, floating holidays, volunteering days and a day off for your birthday
• Learning and development tools to assist with your career development
• Work with industry leading Subject Matter Experts and specialist products
• Regular social events and networking opportunities
• Collaborative, supportive culture, including an active DE&I program
• Employee Assistance Program which provides expert third-party advice on wellbeing, relationships, legal and financial matters, as well as access to counselling services