Key skills
AWSCloudJavaScriptPythonTerraformGoBashIAMGitCI/CDCloud SecurityWAF
About this role
Role Overview
- Own & Evolve Security Standards
- Take ownership of security standards across Phorest, ensuring they are practical, up-to-date, and consistently applied. Continuously improve them in line with evolving threats, business needs, and industry best practice.
- Protect Our Cloud & Infrastructure
- Configure, maintain, and optimise security tooling across our AWS environment. Lead threat monitoring, improve alert quality, and proactively identify gaps in our security coverage.
- Drive Risk Reduction
- Lead security assessments across infrastructure and applications. Prioritise vulnerabilities based on risk and work closely with teams to ensure effective remediation. Facilitate threat modelling to catch risks early in the development lifecycle.
- Embed Security into Engineering (Shift-Left)
- Partner with engineering teams to integrate security into CI/CD pipelines and development workflows — enabling secure-by-default practices without slowing delivery.
- Incident Response & Triage
- Lead the triage and analysis of security alerts and incidents. Provide clear guidance on remediation and identify patterns to reduce recurring risks.
- Be a Trusted Security Partner
- Act as a go-to security point of contact across the business. Support teams in making secure decisions, balancing risk with practicality and speed.
- Build Security Awareness & Culture
- Contribute to internal security education and secure coding initiatives, helping teams understand not just the “what” but the “why” behind security.
- Continuously Improve Our Security Posture
- Identify opportunities to strengthen our tools, processes, and ways of working — and take ownership of driving those improvements forward.
Requirements
- Strong Security Foundations
- You have a solid understanding of threat detection, vulnerability management, and secure development practices.
- Cloud Security Experience (AWS)
- You’ve worked hands-on securing cloud environments, with experience across areas like IAM, networking, logging/monitoring, and threat detection (e.g., GuardDuty, Security Hub, WAF).
- Technical & Tooling Depth
- You’re comfortable working with modern engineering tooling and environments (e.g., Git, Terraform, CI/CD pipelines), and understand how security fits into them.
- Security Assessments & Threat Modelling
- You can independently carry out security reviews, threat modelling, and technical assessments — and translate findings into clear, actionable recommendations.
- Coding / Scripting Ability
- You have working knowledge of scripting or programming (e.g., Python, Bash, JavaScript) and use it to automate or enhance security workflows.
- Pragmatic Problem Solver
- You’re able to navigate complex systems, balance trade-offs, and recommend solutions that are both secure and practical.
- Collaborative Mindset
- You see security as an enabler, not a blocker. You build strong relationships with engineers and stakeholders, influencing through partnership rather than process.
Tech Stack
- AWS
- Cloud
- JavaScript
- Python
- Terraform
Benefits
- Your wellbeing is important to us
- we provide private healthcare, 2 Wellness Days, an employee assistance program and a free online GP service.
- As part of our Financial Wellbeing, we provide competitive Compensation, an Employee Share Purchase Scheme, Pension, Life Assurance, and Income Protection.
- We help you travel by providing a bike to work scheme as well as tax saver transport tickets.
- We support the women who work in Phorest by offering 2 weeks leave for Fertility Treatment, Pregnancy Loss and Menopause.
- We care for your family and provide Enhanced Maternity and Paternity Benefits.
- We grow our own timber! We provide a great learning environment and extensive development opportunities. We run development programs and provide access to many online resources including LinkedIn learning.
- Moving house? Phorest employees get 3 moving days.