Product Security Engineer

We have an great career opportunity for an experienced Mid-level Product Security Engineer with a background in cloud-based (AWS & Azure) & on-prem infrastructures and automation to join one of the most prestigious e-commerce and tech companies.

• Multi-million £ brand with a firm lead in their market against the competition (seriously, it's not even close)
• Multi-award-winning platform on an extraordinary Journey.
• Oversee, Maintain, and Upkeep Customer/Client Data.

Core tasks:

• Utilise your advanced security knowledge.
• Manage Cloud-based & on-prem infrastructures.
• Be the risk manager and automation advocate we need.
• Help us safeguard customer/client data with your expertise.

Location: Farringdon Office (2 days in-office) - Must be based in the UK without visa/sponsorship requirements

What will you be doing?

• Shape the product security roadmap and strategy.
• Enhance and innovate security tools in DevOps pipelines.
• Educate and empower teams on security best practices.
• Design preventive and detective security controls in an agile environment.
• Drive security testing through structured and exploratory methods.
• Provide expert support during incidents and crisis management.
• Work closely alongside the rest of the product security team and test the effectiveness of safeguards through tests
• Establish yourself as a security advocate and encourage others to spot potential pitfalls and remedy them.

With the brand well known for experimenting with new tech/architectures (backed by a system that can quickly pivot and handle changes), they’re in a unique position of already being an established name across UK households. With visibility and recognition already established, it’s all about innovating on their SDLC and ensuring any potential vulnerabilities are reduced through shifting left.

It's a great opportunity with a ton of cool projects and tech you’ll be working with. To succeed you’ll need:

• Strong application security knowledge (e.g., OWASP).
• Familiarity with cloud platforms (AWS, Azure, GCP).
• Proficiency in IaC tools (Terraform, CloudFormation) for security deployment.
• Experience extracting metrics from security tools.
• Expertise in securing microservices and APIs.
• Deep understanding of secure coding, SDLC, and engineering integration.
• Hands-on experience with SAST/DAST in CI/CD.
• Knowledge of WAFs, vulnerability scanners, and security tools.
• Understanding of cryptography, authentication, and authorisation.

Next Steps:

Please note, with this role based in Farringdon, applicants must be UK based and able to work without visa/sponsorship requirements

If you’re a dynamic and hard-working individual who enjoys nurturing talent, do not miss out on this fantastic opportunity!