Key skills
CloudDistributed SystemsJavaJavaScriptMicroservicesPHPPythonSDLCC++CCollaborationOWASP
About this role
Role Overview
- Design, build, and maintain security tooling and automation to protect applications, infrastructure, and data.
- Integrate security into the software development lifecycle (SDLC), particularly across modern web stacks.
- Conduct code reviews, threat modelling, and architecture assessments to strengthen system security.
- Identify and remediate vulnerabilities across applications, APIs, and services.
- Partner with development teams to promote and improve secure coding practices.
- Support and optimise application security tools (e.g. SAST, DAST, dependency scanning).
- Help secure cloud-native and distributed systems at scale.
- Take ownership of reducing security debt—working with engineers to design, track, and implement effective fixes.
- Act as an escalation point for security incidents identified by our managed SOC.
- Lead or support incident response, investigation, and remediation efforts.
- Contribute to maintaining security frameworks such as ISO 27001 and PCI DSS.
- Champion security best practices across the organisation through training and collaboration.
Requirements
- Degree in Computer Science, Software Engineering, or equivalent practical experience.
- Around 3–6 years of experience in software engineering, security engineering, or a related field.
- Hands-on experience securing modern applications and distributed systems.
- Strong understanding of: Application security principles and common vulnerabilities (e.g. OWASP Top 10).
- Authentication, authorisation, and security protocols.
- Applied cryptography fundamentals.
- Experience with one or more programming languages such as: JavaScript (essential for modern web applications).
- Python, Java, C/C++, PHP or similar.
- Ability to read, write, and review code from a security perspective.
- Familiarity with cloud environments, APIs, and microservices architectures.
- Experience defending against real-world attack vectors across multiple domains.
- Understanding of endpoint, network, and application security.
Tech Stack
- Cloud
- Distributed Systems
- Java
- JavaScript
- Microservices
- PHP
- Python
- SDLC
Benefits
- Private health insurance
- Wellness incentives, including a fitness allowance and mental well-being services
- Flexible national holidays: public holidays mean more time off, choose how and when to enjoy them!
- 2 weeks Work From Anywhere (10 days), increased to 4 weeks (20 days) after longer duration of employment within the Company: explore the world while working remotely
- Gourmet lunches and healthy snacks prepared by our in-house chef
- Variety of discounts from local vendors
- Access to some of the greatest tools and platforms for developing your professional skills and building success within your role
- A range of training courses, known as Casumo College, for continuous learning and growth
- Social events for building strong relationships with colleagues from all across the organisation