Partner Company logo
Partner Company

Senior Security Engineer

🕐 11 dias atrás📍 UK🌍 Remoto
Candidaturas encerradasVer outras vagas

Accountabilities

You will own and continuously improve the security posture of the platform, with a strong emphasis on application security, cloud security, and secure software delivery. This includes both building security capabilities and embedding them directly into engineering workflows.

  • Lead application security efforts across the product, including threat modeling, secure design reviews, and hands-on vulnerability remediation with engineering teams.
  • Design, implement, and maintain secure SDLC practices by embedding security into CI/CD pipelines, including SAST, DAST, dependency scanning, and secrets detection.
  • Build and manage security tooling and policy-as-code controls across Terraform/Terragrunt-based infrastructure pipelines.
  • Identify, validate, prioritize, and remediate vulnerabilities across applications, APIs, cloud infrastructure, and third-party integrations.
  • Own cloud security across AWS and Kubernetes, including IAM design, network security, encryption, logging, and configuration drift management.
  • Develop and tune detection and response capabilities using tools such as CloudTrail, GuardDuty, and Security Hub, and lead security incident response activities.
  • Drive SOC 2 and ISO 27001 compliance programs, including control design, audit coordination, and documentation ownership.
  • Support customer trust initiatives by responding to security questionnaires and explaining technical controls during audits and evaluations.
  • Manage and mentor an internal Security Engineer responsible for corporate IT, identity, and endpoint security.

Requirements

You are a hands-on security engineer with deep technical expertise in cloud and application security, comfortable operating directly within code, infrastructure, and CI/CD pipelines. You combine strong execution skills with the ability to guide security strategy in a product-driven environment.

  • 5+ years of experience in security engineering, application security, DevSecOps, or cloud security roles.
  • Strong hands-on experience with AWS and Kubernetes security in production environments.
  • Deep understanding of secure SDLC practices and CI/CD security integration.
  • Ability to read, review, and work directly with application code and APIs for security remediation.
  • Experience implementing SAST, DAST, container scanning, and secrets management tools.
  • Proven experience with SOC 2 and/or ISO 27001 compliance programs, including audit collaboration.
  • Strong knowledge of IAM, network security, encryption, logging, and cloud security posture management.
  • Experience working with incident response, detection engineering, and security monitoring tools.
  • Leadership experience, including mentoring or managing security engineers.
  • Strong communication skills, able to translate technical risk for engineers, leadership, and auditors.
  • Comfortable working in Atlassian tools (Jira, Confluence) and modern SaaS engineering environments.
  • Open and practical mindset toward AI tools and their use in security workflows.

Benefits

  • Fully remote-friendly role with flexible working arrangements.
  • Competitive compensation aligned with market standards.
  • Wellness programs and employee support initiatives.
  • Strong focus on learning, certifications, and professional development.
  • Inclusive, collaborative, and mission-driven work culture.
  • Opportunity to work on high-impact cybersecurity problems at scale.
  • Employee recognition programs and long-term growth opportunities.

🇧🇷 Essa vaga exige inglês. Você está pronto?

A DevSpeak Academy prepara desenvolvedores brasileiros para conquistar vagas internacionais. Domine o inglês técnico com professores que entendem o mundo dev.

Conheça a DevSpeak Academy
Candidaturas encerradasVer outras vagas