Security Engineer

Shieldpay
Charing Cross, United Kingdom
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Charing Cross, United Kingdom

Tech stack

JavaScript
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Software System Penetration Testing
Continuous Integration
DevOps
Github
Identity and Access Management
Python
Pulumi
Scripting (Bash/Python/Go/Ruby)
Information Technology
Cloudflare
Terraform
Serverless Computing
Vulnerability Analysis
Go

Job description

We're seeking a hands-on Security Engineer to build scalable controls through code and automation. We treat security as an engineering challenge-focusing on IaC, reliable guardrails, and making "secure by default" easy for our teams.

We aren't looking for a "checkbox" security professional or someone who just quotes NIST frameworks. We need a builder. This role is for a technical engineer who views security as an engineering problem to be solved with code, not a set of documents to be filed. Whether you're a DevOps specialist with a "hacker" mindset or a Developer who's tired of building features and wants to start securing them, we want your technical foundation.

Responsibilities

  • Instead of manually reviewing logs, you'll be writing the scripts that automate threat detection.
  • Working within AWS and GCP to ensure our infrastructure is secure by design using Pulumi, CDK, or Terraform
  • Building and maintaining the CI/CD security gates that allow our dev teams to move fast without breaking things.
  • Getting hands-on with vulnerability scanning, occasional internal "red-teaming," and incident response when things get interesting.

Requirements

Do you have experience in Terraform?, * A solid background in Computer Science. You understand how systems talk to each other, how memory works, and why the "cloud" is just someone else's computer.

  • Automation First - you are proficient in at least one scripting language (Python, Go, JavaScript) and hate doing the same task manually twice.
  • You've spent significant time in AWS or GCP. You know your way around IAM, VPCs, and serverless environments.
  • You understand CI/CD using GitHub Actions and how to bake security into the deployment process.
  • You've configured and managed Cloudflare, CloudFront and AWS WAF and know how to defend against common web threats at the perimeter.

The 'nice to haves'

  • We don't necessarily expect you to arrive with a CISSP or a deep love for ISO. If you bring the engineering muscle, we will train you on Governance, Risk and Compliance
  • Previous experience in Penetration Testing or CTF competitions.
  • Exposure to Incident Response (knowing what to do when the alarm goes off).
  • Experience securing event-driven serverless workloads.

Apply for this position