Security Engineer

• Improve cloud security controls across AWS and Azure, including IAM policies, network segmentation, encryption standards, and logging.
• Integrate security tooling (SAST, DAST, dependency scanning) into CI/CD pipelines to shift security left in the development lifecycle.
• Triage, prioritise, and assisting remediation of CVEs - contributing code fixes directly to development projects when needed, not just raising tickets.
• Collaborate with platform and backend engineers on infrastructure-as-code reviews, container security, and secrets management.
• Support cloud hardening initiatives, including CIS benchmark compliance and ongoing posture monitoring.
• Participate in security reviews of new features, architecture proposals, and third-party integrations. Contribute to incident response processes, including root cause analysis and post-incident improvements.

• 3-5 years' experience in a security engineering, DevSecOps, or cloud security role.
• Solid working knowledge of AWS security services (GuardDuty, Security Hub, Config, IAM) and familiarity with Azure security controls.
• Practical experience with CI/CD tooling (e.g. GitHub Actions, Jenkins, GitLab CI) and embedding security checks into pipelines.
• Strong understanding of code management practices: branching strategies, pull request workflows, and dependency management.
• Ability to read, understand, and contribute to application code (Python, Java, TypeScript, or similar) to remediate vulnerabilities.
• Familiarity with container security (Docker, Kubernetes) and infrastructure-as-code
• Knowledge of common vulnerability frameworks (CVE, CVSS, OWASP Top 10) and secure coding principles. Good communication skills - you can explain a risk to a developer and help them fix it, not just flag it.

Additional skills you may have:

• Experience in financial services or a regulated environment.
• AWS or Azure security certifications (e.g. AWS Security Specialty, AZ-500).
• Familiarity with identity platforms such as Keycloak or AWS Cognito. Experience with security observability and SIEM tooling.

This is a remote first role but you will be expected to visit our London office from time to time. What we offer in return? Our commitment is to help you flourish in this role, through support with your professional development, opportunities to be involved in key projects, and exposure to challenges that you may not be offered in a larger organisation. We will provide:

• A competitive salary with annual reviews;
• 25 days' paid annual leave plus an additional day per year of service;
• Excellent staff development and training opportunities;
• Flexible working arrangements including remote working;
• Medical insurance;
• Life insurance, for UK based employees;
• Dental insurance;
• EV Scheme and Cycle to work scheme;
• Enhanced maternity and paternity leave; 1 day off for charity work per quarter and many other benefits!

MillTech is a FinTech company specialising in FX and cash management automation solutions. We build the technology that powers mission-critical currency operations in the worlds largest financial market. Our platform and security teams work at the intersection of cloud infrastructure, security, and software delivery to keep those systems resilient, compliant, and fast.