Senior Platform Security Engineer

The Foundation teams build the "paved road" for all engineers at our company, creating the tools and infrastructure that empower our product teams to ship secure software, fast with very little friction. You will be a builder, embedding security directly into the fabric of our platform and making "shifting left" a practical reality.

This is a unique opportunity to own the security from the ground up, ensuring our tools and infrastructure are secure by default. Youll get to partner closely with our central InfoSec team for strategic guidance while being technically responsible for implementing security solutions as a member of the Platform team. You'll help the team spot potential vulnerabilities before they reach production and coach engineers on secure coding practices.

We are committed to building a diverse and inclusive team. We believe that different perspectives and backgrounds are what make our company and our products stronger.

What Youll Do

• Architect Secure Foundations: You help the platform team to own the security of our developer platform. This includes designing, building, and maintaining security controls and services within our CI/CD pipelines.

• Secure Our Infrastructure as Code (IaC): Partner with your Platform teammates to be the subject matter expert for securing our Terraform modules and cloud environments (AWS, Azure). Youll focus on preventing misconfigurations before theyre deployed.

• Incident Response and Operations: Participate in the teams on-call rotation, including out-of-hours coverage to support platform availability and security. We strive to keep our rotation sustainable and low-noise to respect your work-life balance. You will assist in troubleshooting critical issues, lead the response for security-specific incidents. Crucially, we believe in a blameless culture, so you will drive post-mortems focused on learning and preventing recurrence

• Build a Secure "Paved Road": Seamlessly integrate and orchestrate security testing (SAST, DAST, SCA, container scanning) into developer workflows. The goal is to make security testing a self-service, low-friction part of the development lifecycle.

• Enable Vulnerability Remediation: Develop tools and processes to help engineering teams triage, prioritise, and remediate vulnerabilities. Your focus will be on automating discovery and providing clear, actionable context to developers.

• Implement Platform-Level Detection: Leverage our cloud security and observability platforms to build robust, automated threat detection and response capabilities for the platform itself.

• Be a Security Partner: In partnership with Infosec team, act as a primary security consultants for our developers. Youll provide expert guidance on secure coding (Elixir, TypeScript/Node, Python), secret management, and securing our event-driven architecture and AI services.

• Govern Emerging Technologies: Help architect and implement our AI Management System, ensuring our innovative AI services are built on a secure foundation that meets governance standards like ISO42001.

Were looking for someone who is excited about building secure systems and empowering other engineers. Your background might be in Software Engineering, Platform Engineering, or Cloud Security. Were more interested in your skills and passion than a specific job title.

What were looking for:

• A "Builder" Mindset: You have strong coding and scripting skills (e.g., Python, TypeScript/Node) and a passion for automating everything.

• Cloud & Infrastructure Experience: You have experience building and securing modern cloud-native infrastructure, including CI/CD pipelines (like GitHub Actions), cloud environments (AWS/Azure), and Infrastructure as Code (like Terraform).

• Application Security Knowledge: You have a solid understanding of the AppSec landscape and practical experience integrating tools (SAST, DAST, SCA) into developer workflows.

• A Collaborative Partner: You have excellent communication skills. You enjoy collaborating with engineering teams and translating complex security concepts into clear guidance.

• Observability-Driven: You have experience using security and monitoring platforms (like Datadog) to detect and respond to threats.

Bonus points if you have:

• Familiarity with Privileged Access Management (PAM) solutions like Delinea Secret Server or HashiCorp Vault.

• Experience securing event-messaging platforms (e.g., CloudAMQP, RabbitMQ).

• Familiarity with the Elixir programming language.

• A background in securing AI/ML pipelines or services.

• Knowledge of governance standards like ISO42001.

• Relevant industry certifications (e.g., AWS Certified Security - Specialty, AZ-500).

£67,868 per year - estimated ? Full time NEW

Our upskilling apprenticeships are designed for people of any age and career stage to build critical AI, data, and tech skills. Our learners have driven $2bn+ ROI for their employers, using the skills they've learned to improve productivity and measurable performance.

In June 2022, we announced a $220 million Series D funding round co-led by StepStone Group, Lightspeed Venture Partners and General Catalyst. With a post-money valuation of $1.7bn, the round makes us the UK's first EdTech unicorn.

But we aren't stopping there. With a strong operational footprint and 800+ employees, we have ambitious plans to continue scaling. We're building a world where tech skills unlock people's potential and output.

Join Multiverse and power our mission to equip the workforce to win in the AI era., * Time off - 27 days holiday, plus 5 additional days off: 1 life event day, 2 volunteer days, 2 company-wide wellbeing days (M-Powered Weekend) and 8 bank holidays per year

• Health & Wellness- private medical Insurance with Bupa, a medical cashback scheme, life insurance, gym membership & wellness resources through Wellhub and access to Spill - all in one mental health support

• Hybrid work offering - we collaborate in the office 3 days per week

• Work-from-anywhere scheme - youll have the opportunity to work from anywhere, up to 10 days per year

• Team fun - weekly socials, company wide events and office snacks!