Security Engineer
£40,000 - £50,000 Poole, Dorset (Hybrid - 3 days/week in the office)
You don't just spot vulnerabilities, you close them before they become a problem.
Whether it's penetration testing, access controls, or a misconfigured firewall, you've got the mindset and the method to lock things down. You understand the bigger picture of what security means in a software company, covering infrastructure, applications, data, and even physical spaces.
This is your opportunity to join a product-led software business in Poole, shape the role, and make your own rules when it comes to security. You will take ownership of their security posture across multiple teams and environments. It's a hybrid role, focused on prevention, improvement, and real-world risk reduction, not just ticking audit boxes.
Protect the platform. Strengthen the business.
What's in it for you?
- Salary: £40,000 - £50,000
- Location: Poole, Dorset (hybrid - 3 days/week in the office)
- Scope: Work across IT, application, cloud, and physical security, no siloed remits here
- Responsibility: Be the go-to person for penetration testing, compliance audits, and vulnerability management
- Environment: Modern SaaS product environment, working alongside DevOps, engineering, and IT
- Growth: Get stuck into a wide variety of work, with support from leadership and autonomy to make a real impact
What you'll be doing:
- Leading vulnerability assessments and coordinating regular penetration testing across systems and products
- Owning risk remediation actions, from security audits to PCI scans and compliance reporting
- Working across cloud (AWS), infrastructure, and software environments to ensure security best practices are embedded throughout
- Supporting the secure design of products and infrastructure, providing input early in the SDLC
- Maintaining and improving physical security systems including access control and CCTV
- Managing identity, access controls, and endpoint protection tools
- Writing clear, actionable reports for both technical and executive audiences, including regular updates on the security landscape
- Aligning with frameworks such as ISO 27001, Cyber Essentials+, GDPR, and PCI-DSS
- Collaborating with compliance, IT, and engineering to deliver secure, scalable solutions
What you'll bring to the table:
- Proven experience in a security-focused role (ideally 2-3+ years), preferably across cloud and hybrid environments
- Strong penetration testing experience with confidence to act on the findings
- A solid grasp of access controls, identity management, and cloud security (especially AWS)
- Familiarity with secure software development practices and working alongside dev teams
- Understanding of key frameworks like ISO 27001, PCI-DSS, and GDPR
- Bonus points for scripting/automation experience (PowerShell, Python, etc.) or exposure to tools like Keeper, Keycloak, or IAM
- A proactive mindset and excellent communication skills, with the ability to simplify security for non-technical stakeholders
If you're looking for a hands-on security role with variety, visibility, and the opportunity to actually make things safer, this is the one.
Interested?
Send your CV to bob com and let's have a confidential chat.