Infrastructure Security Engineer

Senior Infrastructure Security Engineer

What you will do

• Design, build, and implement security controls, automation, and processes across product, platform, and infrastructure environments.
• Identify operational and technical security gaps, propose solutions, and drive engineering initiatives to close them.
• Collaborate with the SRE and engineering teams to integrate security into CI/CD pipelines, deployment workflows, and cloud-native architectures.
• Build automated tooling and services to enforce secure configurations, detect misconfigurations, and support continuous compliance.
• Assist in threat modeling, design reviews, and architectural assessments for new and existing systems.
• Contribute to internal security documentation, best practices, and developer guidance.
• Participate in security incident response when engineering expertise or automation support is needed.

What you will need

• 4+ years of experience in security engineering, platform security, or DevSecOps roles.
• Hands‑on experience implementing security controls and automation within cloud environments; GCP or AWS are preferred.
• Proficiency in modern scripting, automation and infrastructure as code e.g. Python, Bash, Go, Terraform, or similar.
• Ability to collaborate closely with engineering teams and translate security requirements into practical, scalable solutions.
• Strong analytical and problem‑solving skills, with a bias toward automation over manual workflows.
• Curiosity, ownership, and a drive to continuously improve the security posture of complex systems.
• Familiarity with some of the following: Cloudflare (DDoS protection, WAF), OSS SIEM tools (Splunk, Elastic, etc), Incident management platforms (e.g. Incident.io, PagerDuty).
• Familiarity with at least one of the following CI/CD systems (Github Actions, Concourse, CircleCI).
• Familiarity with maintaining HIDS systems (Wazuh preferred).

Nice to have

• Knowledge of security standards and governance frameworks (e.g., CIS Benchmarks, NIST, SOC2, ISO 27001, PCI DSS) and how to operationalize them.
• Hands‑on experience with building and maintaining a SIEM comprised of open‑source and hosted components.
• Experience securing consumer‑facing web and iOS / Android applications.
• Experience designing policies and administering Vault & other Hashicorp products.
• Experience managing security vendors.

Compensation & Perks

• Full‑time salary based on experience and meaningful equity in an industry‑leading company.
• This role is based in our London office, with a mandatory in‑office presence four days per week.
• Work from Anywhere policy – you can work remotely from anywhere in the world for up to 20 days per year.
• ClassPass.
• Unlimited vacation policy; work hard and take time when you need it.
• Apple equipment.
• The opportunity to be a key player and build your career at a rapidly expanding, global technology company in an emerging field.
• Flexible work culture.

#J-18808-Ljbffr…