Senior Security Engineer

Job Title: Senior Security Engineer

Location: London/Hybrid (2 days per week in office located near Elephant and Castle)

As a Senior Security Engineer, you will be the driving force behind implementing, scaling, and maintaining secure-by-design patterns across our internal corporate/production infrastructure and customer-facing managed networking and security solutions. This is a high-impact technical role responsible for building the actual guardrails, secure automation pipelines, and technical controls that allow the business to scale rapidly and safely.

Platform & Infrastructure Hardening: Implement and maintain technical security controls across corporate, production, and platform layers (UCP/UAP/UOP). Build and enforce clear trust zones between management planes and customer environments.

Identity & Access Management (IAM): Execute and manage the IAM strategy, including the hands-on configuration of SSO, RBAC/ABAC, privileged access management (PAM) tools, and break-glass procedures for both users and automated workloads.

Secure Engineering Patterns: Deploy and maintain security-grade observability and logging systems. Build guardrails for secure automation, including secrets management infrastructure and immutable audit trails.

Solution Security: Actively harden major customer offerings—such as managed firewalls, ZTNA/SSE, and observability services—by creating and enforcing secure configuration baselines.

Assurance & Automation: Embed technical "security gates" directly into CI/CD pipelines and the product lifecycle. Help generate technical evidence and documentation to support customer-facing compliance and sales queries.

What Success Looks Like

Directly execute a pragmatic remediation roadmap based on our current security baseline.

Deploy and maintain standard "security-by-default" configurations for IAM, segmentation, and encryption that seamlessly integrate with Engineering and Ops workflows.

Measurably reduce material risks across the organization by eliminating identity sprawl, locking down privileged access, and closing logging gaps.

Who You Are

You are an enabling, not blocking engineer. You are a practical systems thinker who understands blast radius, failure modes, and how to build resilient systems without over-engineering them or disrupting engineering velocity.

Core Requirements:

Proven Experience: Strong track record in security engineering, covering both internal corporate systems and customer-facing managed services or SaaS environments.

IAM & PAM Expertise: Hands-on experience configuring and managing privileged access, identity lifecycle management, and automation identities.

Infrastructure & Cloud Security: Practical experience with network segmentation, data encryption, secrets management tools (e.g., HashiCorp Vault), and system hardening in cloud/hybrid environments.

Technical Collaboration: Ability to write clear, actionable documentation, runbooks, and threat models that engineering teams can immediately adopt.

High-Leverage Skills (Nice-to-Have):

Experience engineering security controls within an MSSP/MSP, Telecom, or Networking environment (e.g., Firewalls, VPNs, SD-WAN).

Experience building automated evidence pipelines for continuous control monitoring.

Familiarity with maintaining multi-tenant isolation patterns and analyzing supply chain security.