Senior Platform Engineer (DevSecOps)

We are looking for a Senior Platform Engineer specialising in security to join our Platform team and take ownership of our security posture across both our AWS environment and our software development lifecycle.

This is a hands-on role focused on building secure-by-default systems, not enforcing process. You will design and implement the guardrails, tooling and patterns that allow our engineers to move quickly without compromising on security.

You'll work closely with engineering teams across the business, as well as our Head of IT & Information Security, to prioritise and deliver the most impactful improvements to our security posture and support our ongoing SOC 2 maturity.

You'll spend your time on things like:

• Designing and implementing security guardrails across our AWS multi-account environment (IAM, networking, data protection, logging)
• Building and maintaining policy-as-code and infrastructure-as-code (Terraform) to enforce secure defaults
• Improving our software supply chain security (dependency scanning, build integrity, secrets management)
• Embedding secure development practices into our engineering workflows (CI/CD, GitHub Actions, code review patterns)
• Driving visibility and detection through logging, monitoring and alerting
• Partnering with engineering teams to threat model new systems and ensure secure design from the outset
• Working with our Head of IT & Information Security on SOC 2 controls and broader security strategy

This role will be a great fit if you:

• Have experience owning or significantly improving the security posture of a cloud-based platform (ideally AWS)
• Are comfortable designing systems, not just configuring tools
• Have strong experience with Infrastructure as Code (Terraform) and CI/CD systems (e.g. GitHub Actions)
• Understand modern application and supply chain security, and know how to implement it pragmatically
• Are opinionated about how to balance security with developer experience
• Communicate clearly and can influence engineers across the organisation
• Take ownership of problems end-to-end, from identification through to implementation

Bonus points:

• Experience working in a regulated environment (e.g. SOC 2)
• Experience in fintech or data-heavy platforms

9fin is the AI platform powering global debt markets - the world's largest asset class at over $145 trillion. Debt markets are vast, global, and mission-critical, yet still run on fragmented data, PDFs, and manual workflows. 9fin replaces this broken infrastructure with a single platform that centralises proprietary credit data, deep analysis, and high-value workflows across global markets. Today, 9fin powers teams at 300+ blue-chip institutions worldwide, including global banks, asset managers, private equity firms, law firms, and advisors. The business is scaling at exceptional speed, with rapid expansion in the US and best-in-class retention driven by deep workflow adoption. We're at a defining inflection point. With proven product-market fit and strong, global market pull, 9fin is accelerating toward becoming the category-defining platform for debt markets worldwide.