Engineering · Remote (UK) · Contract

About the role

You’ve seen enough misconfigured IAM policies to last a lifetime. We need someone who can fix them and make sure they stay fixed. You’ll lead security across our client engagements, from threat modelling to cloud infrastructure hardening, application security, and compliance. No theatre, no ticking boxes. Real security that works.

What you’ll do

  • Conduct security assessments and penetration testing for client environments
  • Design and implement security architectures on AWS
  • Build automated security scanning into CI/CD pipelines
  • Advise clients on compliance frameworks (SOC2, ISO 27001, Cyber Essentials)
  • Develop security policies, runbooks, and incident response plans
  • Mentor the team on security best practices
  • Lead threat modelling sessions with client engineering teams

What we’re looking for

  • 5+ years of security engineering or InfoSec experience
  • Deep knowledge of AWS security services (GuardDuty, Security Hub, IAM, KMS)
  • Experience with container security (image scanning, runtime protection, network policies)
  • Familiarity with IaC security (tfsec, Checkov, or similar)
  • Understanding of OWASP Top 10 and application security fundamentals

Nice to have

  • Relevant certifications (AWS Security Specialty, CISSP, CISM, CEH)
  • Experience with SIEM platforms (Splunk, Elastic, or AWS-native)
  • Penetration testing or red team experience
  • Kubernetes security (OPA/Gatekeeper, Falco, network policies)
  • Incident response and forensics experience

What we won’t ask you to do

  • Produce security reports designed to terrify rather than inform
  • Say yes to everything because the deadline is tight
  • Sit in meetings where nobody understands what you’re talking about (we listen)
  • Pretend a checkbox exercise counts as security
  • Sign off on something you know is wrong

Interested?

Send your CV and a few words about yourself to hello@gremlin.group.