Key skills
AngularAWSCloudCDNCloudflareCI/CDPenetration TestingNetwork SecurityZero TrustWAF
About this role
Role Overview
- Design and implement security solutions to protect systems, networks, and data from cyber threats across our cloud and application ecosystem.
- Embed Security into Workflows (DevSecOps): Work directly with engineering teams to integrate automated security scanning (SAST, DAST, SCA) and validation into CI/CD pipelines.
- Cloud Infrastructure Security: Implement security controls as code (Infrastructure as Code) to ensure our AWS environment is secure by default, including container hardening and network security groups.
- Network & Web Security: Manage and optimize our Cloudflare implementation, including WAF, Zero Trust, and CDN tooling to protect our web applications.
- Vulnerability Management & Incident Response: Monitor security systems, act as the primary responder for security incidents, and conduct regular security assessments, threat modeling, and code reviews.
- Champion Security Culture: Act as a security consultant and mentor to software engineers, promoting secure coding practices and fostering a culture of technical excellence.
- Manage External Testing: Coordinate and assist in running penetration testing, bug bounty programs, and red teaming exercises.
Requirements
- Proven hands-on experience as a Security Engineer, DevSecOps Engineer, or similar technical security role.
- Strong background in Software Engineering, with proficiency in programming/scripting languages to build automation and understand complex codebases. (Familiarity with Angular is highly beneficial as it is used within our estate).
- Extensive hands-on experience securing AWS cloud environments.
- Proven experience implementing, configuring, and managing Cloudflare (WAF, CDN, Bot Management).
- Deep understanding of modern engineering practices, Infrastructure as Code (IaC) mindsets, and CI/CD pipelines.
- Strong analytical and problem-solving skills with a methodical approach to troubleshooting complex security issues.
Tech Stack
- Angular
- AWS
- Cloud
Benefits
- Up to 33% annual bonus for being awesome
- 25 days holiday, increasing with length of service up to 30 days, plus bank holidays
- Private Medical Insurance
- £1,500 training budget per year, to ensure you grow as we do
- EV Salary Sacrifice Scheme
- Pension scheme, up to 8% matched contributions
- Enhanced parental leave
- Cash back health plan
- Lots of our people work flexibly in many different ways, including part-time, flexitime and hybrid working.