Software Engineer, Security (Contract)
Hybrid
London, United Kingdom
Freelance
14-03-2025
Job Specifications
We're putting together a talented team to build the #1 training platform for Runners
We help everyday runners become outstanding by providing world-class training, coaching and community for everyone, whether you're improving your 5k time or training for your first marathon. To date we have built iOS, Android and Apple watch apps that help people achieve their goals by coaching them through the full journey and syncing to their favourite fitness devices.
We're growing extremely fast and in November 2023 closed a new £5M funding round led by JamJar with participation from Eka Ventures, Venrex and Creator Ventures. We want to grow as fast as we can into the future and are looking for individuals who will help us get there. For more about our background and growth check out our Careers Page!
We're now looking ahead to the future and the people who want to help us build and scale Runna. Our aim is to reach millions of subscribers in the next 5 years and be the go-to training platform for any runner. Now is a magical time to join, we're still small, and everyone makes a foundational difference.
Who We're Looking For
We are looking for a talented, creative, and proactive Security Engineer to join our highly skilled cross-functional engineering team and take ownership of security across the entire organisation. As the first security engineer, you'll lead efforts to ensure our cloud infrastructure, applications, and internal processes meet the highest security standards. You'll work closely with the engineering, product, and leadership teams to establish a strong security culture while also ensuring compliance with relevant regulations.
You will partner with our CTO and founders to shape the future of security at Runna and play a critical role in safeguarding our product as we scale. As our first dedicated security hire, you'll have the freedom and support to build a security roadmap from the ground up.
As a Security Engineer, your role will include:
Lead the effort to secure our cloud infrastructure, ensuring secure deployments, access controls, and robust incident response strategies
Establish security monitoring and alerting to detect, respond to, and mitigate potential threats in real-time
Own and drive compliance initiatives (such as GDPR, Cyber essentials) to ensure our organisation meets the required standards
Implement and enforce best practices for encryption, identity and access management (IAM), and network security across the platform
Partner with product, engineering, and business teams to ensure security is embedded in all stages of development and product lifecycle
Create and manage a bug bounty program to incentivise external researchers to identify and report security vulnerabilities
Educate and train the wider team on security best practices, fostering a security-first mindset across the organisation
Stay ahead of emerging threats and technologies, ensuring we adopt the latest tools and practices to maintain a secure environment
Collaborate with external security firms for audits, penetration testing, and other assessments to validate our security posture
Software Engineer Interview Process
Our aim is to keep the interview process as straightforward and enjoyable as possible, and will consist of the following stages:
Kick off! (apply below)
Introductory chat (25-minute video call)
Technical interview (50 mins)
Once the process is finished, we promise to let you know our decision as soon as possible.
Requirements
What experience we're looking for
If you don't quite meet all of the below skills, we'd still love to hear from you as we might be able to tweak the role slightly or offer you a position better suited for you. You can apply directly below or contact us if you're still unsure.
Your key experience:
1+ years in a Security Engineering role or similar
2+ years working with cloud infrastructure (preferably AWS) or as a platform engineer
You've led the development and implementation of key security projects
Experience with security frameworks, policies, and compliance standards (e.g., SOC 2, GDPR, ISO 27001)
Familiarity with penetration testing, vulnerability assessments, and incident response gained through practical experience
Your key skills:
Experience with securing cloud infrastructure, ideally within AWS (e.g., VPC, IAM, Security Groups, CloudTrail, GuardDuty)
Experience with encryption, key management, and identity and access management (IAM)
Hands-on experience with infrastructure as code tools (e.g., CloudFormation, Terraform) and CI/CD pipelines
Experience with security monitoring and observability tools (e.g., AWS CloudWatch, Aikido, Datadog)
A pragmatic mindset, with excellent communication and collaboration skills
Able to work within a highly-skilled engineering team in a fast-paced, iterative environment
Bonus points if you:
Have implemented or managed a bug bounty program
Have experience with serverless architectures
Are familiar with DevSecOps principles and integrating security into the CI/CD pipeline
Have a strong interest in health/fitness technologies or have worked in a similar tech environment
Our tech stack
Check out our Tech Radar here which we are constantly iterating, and below you can find a small reflection of our current tech stack:
Below you can find a small reflection of our current tech stack:
Frontend:
React Native (iOS and Android)
Typescript
GraphQL (Apollo Client)
Fastlane
SwiftUI (Apple Watch)
Maestro E2E tests
Backend:
Serverless (AWS)
Lambdas (NodeJS & Python)
AWS AppSync
DynamoDB, S3, SQS, SNS, EventBridge, SageMaker
Postman API tests
All the other good stuff:
Sentry
GitHub Actions
Intercom, Mixpanel
RevenueCat
App Store Connect / Play Store
Figma
Benefits
We offer a salary of £42,500 - £100,000 (depending on experience), plus equity in the form of Runna stock options.
Based on years of direct, relevant experience. Software Engineer I £42.5k, Software Engineer II £47.5-60k, Software Engineer III £60-75k, Software Engineer IV £77.5-92.5k, Software Engineer V £95k+
We'll be growing our package of benefits over time. We currently offer:
Flexible working (we typically work 2-3 days in our office in Vauxhall)
Salary reviews every 6 months or whenever we raise more investment
25 days of holiday plus bank holidays
A workplace pension scheme where if you pay 5% we pay 3%
A brand new Macbook, a running watch of your choice, and anything else you need to do your best work
Private health insurance
Enhanced family care policy (3 months fully paid leave when a new Runna joins the family, fertility support & other benefits)
An hour slot each week (during work time) to do a Runna workout
At Runna we have a limited number of employment visas that we are able to sponsor and are limited by govt. guidelines so cannot guarantee a visa sponsorship to all applicants. Please do apply though as we will consider all applicants.
About the Company
Runna is the #1 rated running coaching app in the world. Our mission is to make running training effective, enjoyable and easy for everyone Take your running to the next level with Runna. We provide world-class training, coaching and community for everyone, whether you're improving your 5k time or training for your first marathon. Know more
Related Jobs
- Company Name
- Spinks
- Job Title
- Oracle Developer
- Job Description
- Oracle Developer - Contract - 6 month initial - £250 per day Remote occasional travel to client sites may be required Spinks have partnered with an exciting consultancy business who are seeking an experienced Oracle developer to join them on a contract basis. Key Details: Oracle Developer Experience with PL/SQL Experience with Oracle Integration Cloud Experience with Oracle Application Framework Strong communication skills 6 Month initial contract Outside IR35 £250/Day Remote first - occasional travel to client sites may be required If you're interested in this position, please apply now! Please note, sponsorship is unavailable for this role.
- Company Name
- Avance Consulting
- Job Title
- Dynamics Developer
- Job Description
- D365 CRM Developer Exeter, England (Hybrid Work) Contract Job Description: ----- Key responsibilities: Microsoft Certified 3+ experience professional having experience in MS Dynamics CRM (2011 / 2015 /2016 / Dynamics 365), Sales and Marketing Modules in CRM. (Both Customization and configuration) Key skills/knowledge/experience: Having knowledge in ADFS configuration as well as had worked on Azure based applications.
- Company Name
- mthree
- Job Title
- Production Support Analyst
- Job Description
- Support Analyst - Front Office , Fixed Income Large investment bank requires a Senior Support Analyst to join their Front Office facing Fixed Income Trading group providing 1st / 2nd line support and enhancement to their execution, pricing and associated infrastructure solutions for the Rates business. Candidates will be responsible for facing off to traders, risk managers and external clients providing Trading Support Analyst expertise, increasing of systems performance, infrastructure systems deployment, extensions and analysis of the implementation and integration requirements for the global trading system. Candidates will be expected to hold a full and comprehensive understanding of Front Office production environments across large scale distributed global systems gained from either an Investment Bank or Hedge Fund, Unix and Front Office infrastructure. Full detailed spec available. Essential skills: Production Support Analyst Front Office Application Support across Rates / Government Bonds, FX or Emerging Markets Electronic Trading ECNs Service Reliability Risk Management Database manipulation in SQL L2 Production Support Analyst Unix / Linux Scripting (Perl/Shell/Python) System Monitoring through ITRS Geneos or similar Support Analyst - Front Office , Fixed Income
- Company Name
- Square One Resources
- Job Title
- Remedy Developer (ARS v8) - Hybrid/Berkshire
- Job Description
- Job Title: Remedy Developer (ARS v8) - Hybrid/UK Location: Ideally Reading office once or twice a week - happy to consider other UK locations Salary/Rate: Up to £589 a day Inside IR35 Start Date: March/April Job Type: 16 Week Contract (with scope to extend) Company Introduction We are looking for a Remedy Developer to join our client in the Telecommunication industry. .*Must have Remedy ARS V8 experience for this role* You will contribute to the Design, Development, Enhancement & Support of hybrid (bespoke & vendor) Service Management IT solutions and provides subject matter expertise to enable others in the team to meet delivery needs & challenges. You will ensure the Service Management technical environment(s), processes, tools, capability and capacity are fit for purpose and shape/influence the operating model to improve the delivery service provided (costs, timescales & quality). The successful candidate for this role must be able to travel to their closest office once or twice a week, as well as the Reading office occasionally for meetings. Knowledge & Experience: Excellent verbal & written experience of the English language. Extensive recent knowledge and practical experience of one or more of the following software products:- BMC Remedy ARS (on premise) BMC Atrium Integrator Awareness & understanding of multiple software development/integration technologies (see Technical Skills & Abilities). Proven use of different Development/Delivery methodologies (eg Waterfall, Agile ). Ability to effectively communicate with all levels to ensure mutual and shared understanding. Builds and maintains strong internal and external relationships through mutual understanding. Excellent trouble-shooting and problem solving skills Experience of analysing, impact assessing, planning and resolving complex technology requirements, problems and issues. Technical Skills & Abilities: Customisation, Development and Integration skills, that can be evidenced/showcased, in BMC Remedy (ARS V8+ - as "greenfield" bespoke dev). Ability to integrate Remedy and 3rd party tools (on-prem). Experience on rest API, Atrium Integrator configuration and Remedy workflow development. Experience of BMC CMDB and the ability to troubleshoot issues related to data normalization, reconciliation Excellent SQL skills across industry RDBMS technologies (Oracle, MS SQLServer..) Awareness/Experience across industry RDBMS development languages (stored procedures/scripting) Proficient Windows/Unix skills (OS cmd line/Shell Scripting/Services). Recent experience in source code/version control management & delivery collaborative tools (eg Jira, Subversion, Microsoft Team Foundation Server ). Understands, explains and presents complex technical ideas or issues to both technical and non-technical audiences at all levels in a persuasive and convincing manner. Authentic, transparent and considerate. Works hard to create a Winning Team. Displays Energy and passion to achieve and exceed stretching objectives often delivering within tight timescales Job Responsibilities/Objectives Participates & Supports in impact assessment and analysis of hybrid Service Management platform solutions through direct fault fix or subject matter expertise to other support partners. Participates and Supports in the Quality Assurance of solution delivery (Unit, System, Integration, User Acceptance, Operational Readiness and Post Implementation test cycles). Data Configuration, Customisation and Development of bespoke Remedy ARS platform and Atrium CMDB & Integrator components. Support the production of delivery Impact Assessments, for software development, against business requirements, to allow timescales, costs and complexity to be socialized and agreed before any delivery engagement. Production of Detailed/Functional Design of hybrid Service Management platform solutions, based on business requirements and in line with architecture steer and security & compliance obligations. Peer review of code, configuration and documentation, ensuring it meets industry and organisational standards. Maintains and improves relationships with key customers, peers in other functions/operating countries and key vendor partners. Ensures that system development is implemented in a secure, compliant (ie CAS-T, IL3 and PSN obligations), coherent and consistent manner and that planned systems developments are compatible with the organisation's existing systems, infrastructure and strategic plans. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.