Home
Jobs
MRJ Recruitment
Product Security Engineer

Product Security Engineer

On site

Farringdon, United Kingdom

£ 75,000 / year

Full Time

12-03-2025

Share this job:

Score my CV Apply

Job Specifications

We have an great career opportunity for an experienced Mid-level Product Security Engineer with a background in cloud-based (AWS & Azure) & on-prem infrastructures and automation to join one of the most prestigious e-commerce and tech companies.

Multi-million £ brand with a firm lead in their market against the competition (seriously, it's not even close)
Multi-award-winning platform on an extraordinary Journey.
Oversee, Maintain, and Upkeep Customer/Client Data.

Core tasks:

Utilise your advanced security knowledge.
Manage Cloud-based & on-prem infrastructures.
Be the risk manager and automation advocate we need.
Help us safeguard customer/client data with your expertise.

Location: Farringdon Office (2 days in-office) - Must be based in the UK without visa/sponsorship requirements

Salary: £75k + Bonus!

What will you be doing?

Shape the product security roadmap and strategy.
Enhance and innovate security tools in DevOps pipelines.
Educate and empower teams on security best practices.
Design preventive and detective security controls in an agile environment.
Drive security testing through structured and exploratory methods.
Provide expert support during incidents and crisis management.
Work closely alongside the rest of the product security team and test the effectiveness of safeguards through tests
Establish yourself as a security advocate and encourage others to spot potential pitfalls and remedy them.

With the brand well known for experimenting with new tech/architectures (backed by a system that can quickly pivot and handle changes), they’re in a unique position of already being an established name across UK households. With visibility and recognition already established, it’s all about innovating on their SDLC and ensuring any potential vulnerabilities are reduced through shifting left.

It's a great opportunity with a ton of cool projects and tech you’ll be working with. To succeed you’ll need:

Strong application security knowledge (e.g., OWASP).
Familiarity with cloud platforms (AWS, Azure, GCP).
Proficiency in IaC tools (Terraform, CloudFormation) for security deployment.
Experience extracting metrics from security tools.
Expertise in securing microservices and APIs.
Deep understanding of secure coding, SDLC, and engineering integration.
Hands-on experience with SAST/DAST in CI/CD.
Knowledge of WAFs, vulnerability scanners, and security tools.
Understanding of cryptography, authentication, and authorisation.

Next Steps:

Please note, with this role based in Farringdon, applicants must be UK based and able to work without visa/sponsorship requirements

If you’re a dynamic and hard-working individual who enjoys nurturing talent, do not miss out on this fantastic opportunity!

About the Company

Here at MRJ We power startups, scaleups and global giants across the UK & Europe with great talent, enabling them to scale their technology & product teams, quickly. Why work with us? Three products. One result. We're more than just your average agency. What matters to you, matters to us and we tailor our solutions to fit with your hiring needs. Our Talent Partners live and breathe your brand, creating a genuine partnership with you. We replace the "us" and "them" divisions of traditional recruitment with a single, un... Know more

Related Jobs

Company Name: Jagex
Job Title: Senior Cyber Security Manager - GRC
Job Description: Are you a GRC specialist? Want to play a crucial role in the development, implementation, and management of the Jagex's Governance, Risk, and Compliance (GRC) framework? Want to do that for one of the worlds leading online games companies? This position will report to the Director of Cyber Security to ensure the company's information security policies and practices align with both industry regulations and internal strategic objectives, particularly focusing on supporting game development processes. This is an opportunity What you'll be doing{{:} }GRC Framework Development{{: } } Develop and implement a comprehensive GRC framework that aligns with industry standards such as ISO 27001, NIST CSF, PCI-DSS, and GD P R Manage and update the information security policies, ensuring they are current and relevant to evolving ris k s Ensure alignment with legal, regulatory, and contractual obligations specific to the game development indust r y Oversee the creation, implementation, and regular review of security policies, standards, and procedur e s Collaborate with business units to ensure that policies are understood, accessible, and appropriately enforc e d Risk Management{{ : }} Identify, assess, and manage technical and non-technical security risks associated with game development, live operations, and supporting infrastruct u re Develop risk treatment plans, work with game development teams to mitigate identified risks, and track remediation effo r ts Compliance & Audit Management{ { :}} Lead internal and external audits for compliance certifications, ensuring successful completion with minimal business disrup t ion Manage the lifecycle of compliance initiatives such as PCI-DSS, GDPR, and other regional requirements affecting game development operat i ons Stay informed of industry trends and changes in regulations that may impact security compliance eff o rts Training & Awareness{ {:}} Develop and deliver a security awareness program that targets various departments, with an emphasis on secure coding and game development prac t ices Ensure continuous education across the company on security policies, risks, and compl i ance Vendor & Third-Party Risk Management { {:}} Evaluate the security posture of third-party vendors and partners, ensuring their practices align with the company's security po l icies Oversee the third-party risk management process, conducting vendor security assessments and managing associated risks What you'll nee d {{:}} Extensive experience in a GRC role within the gaming, technology, or software development ind u stries Proven experience in managing security policies, risk assessments, and compliance programs (such as ISO 27001, PCI-DSS, GDPR , etc.) Knowledge & Skil l s{{:}} Deep understanding of governance, risk, and compliance processes as they relate to game dev e lopment Strong knowledge of security frameworks and standards like ISO 27001, NIST CSF, SOC 2, a nd GDPR Experience leading security audits and working with both internal and external a uditors Strong risk management skills, including conducting risk assessments, developing treatment plans, and overseeing remediation efforts Excellent written and verbal communication skills, with the ability to convey complex security topics to technical and non-technical stak e holders Relevant security certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Imp l ementer Soft Ski l ls{{:}} Strong leadership and project management abilities, with a track record of managing cross-functio n al teams High attention to detail, proactive in identifying risks, and a solution-oriented approach Ability to thrive in a dynamic, fast-paced game development en v ironment What we o ffer{{:}}When you join Jagex you can look forward to a generous Perks & Benefits package incl u ding{{:}} Private Healthcare, including D ental Plan Minimum 6% Pension co n tributions Employee Assistance Programme & onsite C ounselling Lif e Insurance Discretionary annual perfor m ance bonus Enhanced family leave policies from day 1 Flexible wo r king hours 25 days annual leave + Bank holidays & the option to buy/sell holidays + so much more! Please note that due to us approaching the Christmas & New Year break, we have many people among the hiring teams who are on annual leave or will be absent due to the studio closing over the holi day period.This means that, in most cases, applications made during December are unlikely to proceed to interview until January 2025. We appreciate your patience during this time. Collaboration is at the heart of Jagex. We love getting together with our teams to share ideas and socialise.Flexibility really is the key to how we set up working schedules, we'll discuss your needs with you and be transparent about the working schedules of the team you'll be working with during our intervi e w process. About Jagex{{:}}Make forever ga mes with us.Jagex is a thriving international games company with a growing library of forever game IPs for core gamers. We have such huge expertise at running games for the long term that we re-define expectations for what evergreen success looks like.We create spaces for our players to come together - with each other and with us - inside and outside of our games. We empower our players with real influence on the game's evolution. We help our players belong. Our community experiences give players a greater stake in what they're playing, creating loyal f orever fans.These strengths inform our vision of our studio as a thriving international games company with a growing library of forever game IPs for core gamers. Our forever games will nurture sizable communities whose loyalty provides consiste nt revenues.This in turn drives our mission{{:}} We create forever fans by empowering our community. We give players experiences worthy of their long-term time investment and actively collaborate with them to shape the games and the community fo r the better.If this is something you want to be a part of, get in touch.We have 500 of the industry's most talented individuals in our Cambridge studio; if you share our values and ambition, we'd love to talk to you. Worried you don't meet all the requirements in the spec? Your attitude, fresh perspective and experience is just as important to us; if you think this could be the perfect job for you , let's talk.

Cambridge, United Kingdom

Hybrid

Full Time

11-03-2025

Company Name: Mytos
Job Title: Senior Software Engineer (Platform & Security)
Job Description: About Mytos You rarely get the chance to change an entire industry. But that's the position we find ourselves in. Join us, and you’ll unleash scientists, accelerate their research and help get cures to patients sooner. We’ve developed machines to fully automate human cell production - the most manual process in Biotech. Cells are used to discover and develop new drugs, and now they're being cure diseases like Parkinson’s and age-related blindness. Mytos will impact cure development across the board. We're live in multibillion dollar biotechs on both coasts of the US, and raised $19m to expand into the market faster, and accelerate our development! Next year, neurons grown on our machines will be going into Parkinson patient brains. We’ve assembled a world-class team to take on this challenge, with ex-Dyson engineers and Nature-published scientists working hand-in-hand. You can learn more about your potential Mytos teammates here: Team Mytos is backed by Y Combinator, the most successful startup program in the world which produced companies such as AirBnb, Dropbox, and Ginkgo Bioworks. The Role As a Senior Software Engineer focused on Platform & Security, you'll take a leading role in evolving and maturing our security and compliance posture while building robust infrastructure for our cell manufacturing platform. Mytos is already SOC 2 Type 2 audited, but as our our customers move from research into production of cell therapies, they need our technology to be suitable for GMP environments. In this role, you'll be responsible for designing and implementing the infrastructure, processes, and features needed to support cell therapy manufacturing in regulated environments. You'll create elegant solutions that are secure, compliant, and reliable without sacrificing the speed and flexibility that make Mytos successful — enabling scientists to develop breakthrough therapies with confidence. What you'll do Build and maintain secure, scalable infrastructure for our distributed system, which spans cloud services and on-premise hardware Represent Mytos to customers' executive, security, and quality teams, effectively communicating our approach to security, compliance and risk management Own Mytos' information security program (e.g., SOC 2, ISO 27001) and work cross-discipline to bring the business and product into GMP environments Develop automated testing and validation strategies that build quality into our development process rather than bolting it on afterward Streamline our deployment processes enabling both rapid development and stable validated environments for manufacturing customers Implement and improve security practices, including code scanning, access controls, and audit logging, ensuring compliance with industry standards Build core product features like electronic signatures, audit logging, and data traceability for customers based on your own user research Collaborate with cross-functional teams to build a Quality Management System that aligns with regulatory requirements whilst preserving our engineering culture Develop core architecture improvements for system reliability, database performance, API security, and distributed system design Mentor the team on security and quality best practices, helping to build a culture where compliance is a natural outcome of good engineering Must-haves Experience with cloud infrastructure and DevOps practices (AWS preferred) Experience implementing and maintaining security controls and compliance frameworks Proficiency with infrastructure-as-code and GitOps methodologies Strong fundamentals in API design, databases, networks, and distributed systems Experience with CI/CD pipelines and automated testing TypeScript and Node.js proficiency in production environments Understanding of security principles and experience implementing them in production systems Ability to communicate complex technical concepts to non-technical stakeholders and interface directly with vendors and customers At least one of these areas Compliance framework experience: Implementation or maintenance of ISO 27001, ISO 9001, SOC 2, or similar frameworks Regulated industry background: Experience in healthcare, finance, or other regulated domains that required balancing innovation with compliance Lifecycle management expertise: Experience designing systems that maintain both rapidly changing and stable validated components Quality systems implementation: Experience building automated quality checks, validation frameworks, or similar systems Nice-to-haves Knowledge of relevant standards and compliance frameworks (e.g. ISO 27001, SOC 2, ISO 9001, GAMP 5, FDA 21 CFR Part 11, ALCOA+, BS 10008) Experience with regulated environments (GMP, HIPAA, etc.) Understanding of hardware-software integration Experience with containerisation and orchestration (Docker, Kubernetes) Experience with Python for tooling or data processing Background in manufacturing or laboratory automation Experience with database performance optimisation and data integrity enforcement Why You'll Love Working Here Impact: Your work will directly enable the production of cell therapies that can transform patients' lives. Growth: We're solving complex problems at the intersection of software, hardware, and biology—you'll constantly learn and develop new skills. Autonomy: You'll have the freedom to shape our approach to GMP readiness, with support from a talented cross-disciplinary team. Team: Work with the best engineers and scientists in a collaborative environment where diverse perspectives drive innovation. Salary and Benefits Competitive salary with stock options Lunch covered daily in-office with team Collaborative team environment with very high potential to learn new skills 32 days holiday (bank holidays, end-of-year closure, and 21 days discretionary PTO) Pension Awesome colleagues and an office in the Imperial College Innovation hub in White City, where you'll be based We're building a team that enjoys moving fast, strives for continuous improvement through learning from mistakes, and is passionate about work that contributes to solving real world problems. No GMP experience? No problem! We want someone who is motivated to deliver an innovative product into a regulated space with creative, efficient solutions. If you're excited about solving interesting problems at the intersection of software, hardware, and biology while helping us prepare for the next phase of our growth, we want to hear from you!

London, United Kingdom

On site

Full Time

11-03-2025

Company Name: Ultima
Job Title: Security Engineer
Job Description: Security Engineer Location - Hybrid - Belfast KEY ACCOUNTABILITIES / ROLE PURPOSE For over 30 years Ultima has offered end to end solutions for clients across the globe including Fulfilment, Managed & Professional Services as well as innovation via our Ultima Labs division. Our Managed Services division is in a period of extensive growth; we utilise cutting edge technology & solutions to deliver a world class service to our clients. The Security Engineer will be responsible for ensuring all devices are patched and protected in compliance with industry standards and regulations on a schedule agreed with client as well as assisting the Deskside Support teams with security and patching related escalations. Engagement with client to investigate, present and implement project deliverables in line with the skills and experience of the role. The Engineer will be completely self-motivated with an ongoing desire to maintain and expand their knowledge with a focus on quality in line with Ultima's ISO certification and commitment to its clients. The candidate will be required to primarily work from within Ultima’s ITSM platform aligned with ITIL principles to troubleshoot and resolve incidents, along with completing service and change requests based on the associated Managed Service contract of the client. MAIN DUTIES AND RESPONSIBILITES Actively strive to improve technical ability through self-study, organised in-house training and attendance of external courses Continuously contributing to the Ultima Knowledge base with new/repeatable fixes and suggested edits to existing content. Contribute to the continuous service improvement plan for the team processes and procedures. Perform a series of routine proactive checks to ensure the prevention of incidents and service interruption. Escalate issues to relevant Partners, Internal Teams and Client Escalation contacts in line with the P1 Incident Management process. Act as a point of escalation for the wider team as well as to the Service Desk Teams for infrastructure and complex end user incidents. Prioritise and respond to incoming requests ensuring ITIL best practice ticket management is adhered to. Providing technical assistance to a key Ultima client and their IT teams in line with the agreed SLA’s. To always represent Ultima to our client in the most professional way and continually demonstrate our core company values. Supporting the Team Lead in the identification and delivery service improvement initiatives. Ensure that all assigned activities are approached and handled in a consistent logical way and, where possible, in line with the appropriate Standard Operating Procedures and/or Company (ISO) quality standards To always represent Ultima to our client in the most professional way and continually demonstrate our core company values. Additional activities and responsibilities not covered within the above may also be required as part of specific projects or the wider role of a Senior Technical Support Engineer ESSENTIAL KNOWLEDGE, SKILLS & EXPERIENCE To be knowledgeable and able to demonstrate in depth technical understanding across several of the skills and technologies below: General Microsoft Azure Platform knowledge and specifically around - Microsoft Azure Update Manager Concept of IaC (Infrastructure as Code) Deployment of AUM Maintenance Configurations AUM Configuration, Reporting and Troubleshooting Microsoft Intune Microsoft Defender for Endpoints Typical activities include (but not limited to): Plan and coordinate the deployment of operating system and app patches and updates. Test and validate patches before deployment to ensure compatibility and stability. Prioritize and schedule patches based on risk, urgency, and business impact. Create and maintain documentation for patching processes and procedures. Communicate patching schedules and status to relevant stakeholders. Monitor and troubleshoot patch deployment issues. Work with other IT teams to ensure that applications and systems are compatible with patches. Continuously review and update patching processes to improve efficiency and effectiveness. Document and report on patching metrics and compliance Ensure that patching is done in compliance with industry standards and regulations. Collaborate with vendor and third-party support teams to address any issues. Monitor and stay informed of new vulnerabilities and patches and make recommendations for future patching and Microsoft Defender configuration. Liaise with customer Compliance teams to convert business compliance requirements into technical implementation within the managed security tools. Ensure managed security tools are operational as per approved business requirements and agreed data is being fed into customer managed SIEM system if available. Attend weekly customer vulnerability meetings. Previous experience in a 2nd/3rd Line or similar Support role as part of a team. Experience using a ticket management system, creating/updating & logging tickets following an ITIL methodology. Experience managing multiple simultaneous activities. Excellent levels of both written and verbal communication skills. The ability to work both independently and as part of a team. The ability to manage time and prioritise activities. DESIRED KNOWLEDGE, SKILLS & EXPERIENCE The ability to demonstrate knowledge in some of the below would add significant value to your application. Training and development in these technologies/solutions will be provided if required. ITIL Foundation v4 certification Certification in any of the above technologies Microsoft Azure infrastructure platform knowledge Foundational networking knowledge

Belfast, United Kingdom

Hybrid

Full Time

11-03-2025

Company Name: ReversingLabs
Job Title: Application Security Architect
Job Description: At ReversingLabs, our software supply chain security and threat intelligence solutions have become essential to advancing cybersecurity maturity around the globe. We're on a journey to expand adoption and accelerate growth by hiring top talent across the security industry. Notable breaches such as SolarWinds, CircleCI, and 3CX have elevated software supply chain security as a top initiative across every organization developing or purchasing software. Only ReversingLabs delivers the software package analysis speed and intelligence needed to protect against this critical area of risk. Our vision is clear. Arming every company with end-to-end insights to ensure development releases securely, IT purchases safely, and the SOC can effectively detect, isolate, and respond. You will play a pivotal role in safeguarding our organization's applications and data from cyber threats. The teams you will be working with are developing our Spectra Assure Product Suite. You will work closely with development teams to ensure that security is integrated into the development lifecycle, identifying and mitigating vulnerabilities before they can be exploited. We accept applications only from candidates located in Croatia and Germany! Responsibilities Conduct security assessments and vulnerability scans of applications, APIs, and other software components Identify, analyze, and report security vulnerabilities and risks Develop and implement security controls and countermeasures to mitigate identified risks Collaborate with development teams to ensure that security is built into the software development lifecycle (SDLC) Provide guidance and training to development teams on secure coding practices and best practices Stay up-to-date on emerging security threats and trends Requirements 5+ years of experience in application security Strong understanding of application security principles and practices, including OWASP Top 10, secure coding practices, and vulnerability assessment methodologies Experience with security tools and technologies such as vulnerability scanners, penetration testing tools, and security code analysis tools Knowledge of programming languages (e.g., C++, Python) Experience with cloud security and DevOps practices is desirable Excellent problem-solving, analytical, and communication skills Ability to work independently and as part of a team Benefits At ReversingLabs, we're committed to taking care of our team by meeting all the benefits required under the United Kingdom law. Here's what you can count on{{{{:} }}}Paid annual leave, including public holid aysStatutory sick pay and parental le aveWorkplace pension contributi onsA safe and inclusive work environm entBut that's just the basics! We go beyond statutory benefits to make sure you feel valued and supported with these additional perks{{{ {:}}}}A competitive compensation package, including base pay, bonuses, and equityQuarterly Wellness Weekends—three extra days off every quarter to rest and re chargeAccess to Udemy Business, where you can explore a huge variety of courses to grow your skills and kno wledgeMonthly phone all owanceMedical allo wance Free membership to the Calm app to help you unwind and reduce stressVolunteer Time—8 hours a year to give back to a non-profit cause you're passionate aboutPlenty of opportunities to grow your careerA collaborative and innovative workplace where your ideas matterReversingLabs was founded in 2009 with the mission to offer the ultimate threat detection solutions. Our security products are used by some of the largest organizations in the world, including 2 of the top 3 banks, 4 of the top 6 software companies, and 2 of the top 6 insurance companies. We have been honored with numerous awards through the years including the 2023 Global InfoSec Award, 2022 CDM Global Infosec Awards, 2021 SC Media Trust Award for Best Threat Intelligence Technology, a 2020 Stevie Award, and the 2017 JPMorgan Chase Hall of Innovation Award for our truly unique malware and explainable threat intelligence pro ducts.Our pioneering technologies, exceptional products, and successful customer deployments also drove investments in ReversingLabs by some of the prominent investors in the world. With remote employees throughout the United States and England, and offices in Boston, United States and Zagreb, Croatia, ReversingLabs will continue to deliver groundbreaking innovation with top global t alent.We are committed to an inclusive and diverse team. ReversingLabs is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status. If there is a match between your experiences/skills and the Company needs, we will contact you directly. ReversingLabs is an equal opportunity emp loyer.Applicants only - Recruiting agencies, please do not co ntact.