Engineering Remote (UK) Contract

About the role

Someone’s got to stop people from leaving S3 buckets open to the world. That someone could be you.

We need a security engineer who cares about keeping things locked down, not just ticking boxes on a spreadsheet. You’ll work across cloud environments, CI/CD pipelines, and application security for our clients, finding the holes before someone else does. If you’ve ever lost sleep over a misconfigured security group, you’ll fit right in.

What you’ll do

  • Implement security controls across AWS environments
  • Configure and manage security scanning tools in CI/CD pipelines
  • Review infrastructure as code for security misconfigurations
  • Support clients with Cyber Essentials and compliance requirements
  • Monitor and respond to security alerts and incidents
  • Write security documentation and policies
  • Contribute to internal security standards and playbooks

What we’re looking for

  • 2+ years of security engineering or DevSecOps experience
  • Knowledge of AWS security fundamentals (IAM, Security Groups, KMS, CloudTrail)
  • Experience with vulnerability scanning tools (Trivy, Snyk, or similar)
  • Understanding of network security (firewalls, TLS, VPNs)
  • Familiarity with at least one scripting language (Python, Bash, or Go)

Nice to have

  • Container security experience (Docker, Kubernetes)
  • Infrastructure as Code knowledge (Terraform, Pulumi)
  • Familiarity with compliance frameworks (SOC2, ISO 27001, Cyber Essentials)
  • Security certifications (CompTIA Security+, AWS Security Specialty)
  • Bug bounty or CTF participation

What we won’t ask you to do

  • Write a 40-page risk assessment that nobody reads
  • Rubber-stamp insecure designs because someone senior said so
  • Sit through compliance theatre. We do real security here
  • Complete a take-home test the size of a dissertation

Interested?

Send your CV and a few words about yourself to hello@gremlin.group.