Software Engineer (Infrastructure Security, IAC, DevSecOps)

Software Engineer (Infrastructure Security, Iac, DevSecOps)
Salary upto £80,000 (depending on experience)
Fully Remote (work from home) - office based in London

A young London based startup in 3D design and augmented reality is looking for a cyber security engineer.

As a Infrastructure security engineer you’ll work closely with the platform team & perform security research / reviews, identify vulnerabilities, be hands-on with security assessments, and improve our application, system & infrastructure security.

Specific responsibilities will include:

• • Perform security research and reviews
  • Identify vulnerabilities in our current infrastructure
  • Provide hands-on support with customers' security assessments
  • Provide and manage the foundational infrastructure for other product squads to build upon
  • Automate access control and permission for our cloud infrastructure.

• You have experience in software engineering (we use Go and Java, but we're open to all backgrounds) and you're excited about solving large-scale infrastructure security problems.
• You’re comfortable securing cloud-based environments and networks, and wrangling with code at this level of abstraction.
• You’re passionate about security and understand best practices.
• You’re constantly looking for flaws in systems and can reason about how best to address them.
• You believe in infrastructure as code (we use Terraform) and push automation & tooling to reduce human errors, improve security and efficiency.

• Experience with infrastructure as code and familiar with modern tech stacks like Kubernetes, Docker, Helm, terraform
• Significant experience and detailed technical knowledge in multiple areas of: security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, BGP and other routing protocols)
• Strong scripting skills in one or more of the common languages (e.g., Java, C#, Golang, javascript, shell scripting)
• Experience with SaaS security
• Experience with the application of threat modelling or other risk identification techniques
• Experience designing and/or reviewing the security of systems in conjunction with a development team
• Experience in risk identification, secure software design, secure architectures, security testing, or vulnerability detection or remediation
• Sharp analytical abilities and proven design skills