16 jobs found

Role: Senior Site Reliability Engineer (SRE) - Kubernetes / OpenShift Location: Remote - UK (possible paid occasional travel to TIG Secure site locations as required) Job Type: Full-time, Permanent (37.5 hours) Salary: Competitive + benefits + package Security Clearance Requirements Please note that holding a current Security Clearance is not essential at the time of application, but eligibility is required. This role requires the successful candidate to be eligible for Security Check (SC) clearance. To meet this requirement, applicants must: Have the right to work in the UK Have lived in the UK continuously for the past 5 years Not have spent more than 6 months outside the UK in total during that period Be willing to undergo security vetting as part of the onboarding process About You You're an experienced SRE, Platform Engineer or Cloud Engineer with strong hands on experience running Kubernetes in production environments. You're comfortable working across Linux, Kubernetes, cloud native tooling, automation, observability, CI/CD and infrastructure as code. You understand that reliability, security and operational maturity are critical to how modern platforms support engineering teams and customer facing services. You enjoy treating infrastructure as a product, automating repeatable work, improving resilience, and building platforms that other engineers can rely on. You're calm under pressure, methodical during incidents, and able to turn operational challenges into long term improvements. You may have worked in a regulated, secure, government, defence, financial services, telecoms, managed services or cloud native environment, but most importantly you have operated Kubernetes at depth and understand the realities of production ownership. You're a senior individual contributor who can mentor others, influence engineering practice, and provide technical authority without needing formal line management responsibility. About the Role We're looking for a Senior Site Reliability Engineer (SRE) to help operate, harden and mature our production OKD / Kubernetes platforms. This is a hands on engineering role focused on reliability, automation, observability, GitOps, CI/CD and secure platform operations. You'll work across the full stack, from bare metal and virtualisation through to Kubernetes control plane operations, ingress, identity, monitoring, developer platform tooling and application delivery. The role will play a key part in improving the operational maturity of our platform estate, supporting the migration from VMware to KVM, strengthening GitOps and CI/CD practices, and helping ensure our platforms remain secure, scalable and aligned to the needs of regulated customer environments. You'll work closely with platform, application, AI, networking, security, QA and architecture teams to build reliable foundations that enable other engineering teams to deliver safely and at pace. This is not a ticket handling role. It is a senior engineering position where you'll be expected to own problems, drive improvements, and help shape how TIG operates critical cloud native infrastructure. About the Team You'll be joining our Cloud team, working closely with Platform Engineering and wider engineering teams responsible for the foundational platforms on which TIG's services run. This is a great opportunity to join a small, senior technical environment where you can have direct ownership, meaningful influence, and visibility across modern platform engineering, Kubernetes, automation, observability, security and cloud native delivery. Key Responsibilities Operate, harden and extend production OpenShift / OKD / Kubernetes clusters across on premises and hybrid environments. Support the migration from VMware to KVM, helping modernise the underlying compute and storage layer. Own and improve CI/CD processes across the full lifecycle of platform and application components. Work with platform and application engineers to support cloud native delivery using tools such as Helm and Kustomize. Develop and mature GitOps deployment practices using tools such as Argo CD or Flux. Maintain and improve core platform services including identity, ingress, observability, certificate management, service mesh and container registry capabilities. Build and operate observability across logs, metrics, traces, alerting, SLOs and error budgets. Improve platform hardening in line with secure and regulated environment requirements, including network policy, SELinux, image provenance, secret management and audit. Automate repeatable operational tasks using tools such as Ansible, Terraform, Helm, Kustomize, Go, Python or equivalent technologies. Lead incident response activity, support blameless post mortems and drive systemic fixes. Partner with networking and security teams on platform integration, segmentation, load balancing and accreditation evidence. Create and maintain clear technical documentation, runbooks, design notes and operational guidance. Mentor other engineers and act as a senior technical authority across cloud and Kubernetes operations. Participate in an on call rota, with appropriate compensation. Success in This Role Looks Like A more reliable, secure and measurable production Kubernetes estate. Improved platform observability, with meaningful alerting, SLOs and trend data that engineering teams actively use. Progress against the VMware to KVM migration, with a clear and automated path for the underlying infrastructure layer. A mature GitOps approach covering platform and application components, including rollback, drift detection and operational control. Improved CI/CD practices that help teams move at pace while considering security, QA and compliance earlier in the lifecycle. Well documented, supportable and scalable platform services. Stronger incident response, clearer runbooks and post mortems that lead to real operational improvements. Recognition as a technical authority for Kubernetes, cloud and platform operations across the organisation. What We're Looking For We're looking for a Senior Site Reliability Engineer (SRE) with strong experience operating production Kubernetes environments. This role is well suited to someone who combines deep technical capability with strong operational discipline. You'll be comfortable taking ownership of complex platform challenges, improving reliability, and working collaboratively across engineering, security, networking and architecture teams. Essential Experience & Skills Strong experience running production Kubernetes environments, not just consuming or deploying into them. Strong Linux fundamentals, including systemd, networking, storage and performance troubleshooting. Experience with at least one Kubernetes distribution such as OKD, OpenShift, vanilla Kubernetes, Rancher, EKS, AKS or GKE. Solid infrastructure as code experience, including Ansible plus Terraform or equivalent, alongside tools such as Helm and Kustomize. GitOps and CI/CD experience managing full application and component lifecycles, using tools such as Argo CD, Flux, GitHub Actions or similar. Prometheus, Grafana, Elastic Stack / LGTM, OpenTelemetry or similar. Experience working with identity and access technologies such as OIDC, SAML, SCIM or Keycloak. Experience with virtualisation or infrastructure platforms such as KVM, libvirt or VMware. Scripting or tooling experience using Go, Python, shell scripting or similar. Strong troubleshooting, problem solving and analytical skills. Experience working in secure, regulated or enterprise scale environments. Strong communication skills, with the ability to produce clear documentation, runbooks, post mortems and technical guidance. Eligible to hold UK SC clearance. Desirable (Not Essential) Specific OpenShift or OKD experience, including operators, MachineConfig or SCCs. Service mesh experience such as Istio or Linkerd. Policy engine experience such as OPA, Gatekeeper or Kyverno. Cloud native application deployment experience using Helm, Terraform, Kustomize or similar. Storage experience such as Ceph, Longhorn, OpenShift Data Foundation or equivalent. Networking experience including BGP, VXLAN, Palo Alto or Juniper technologies. Software supply chain security experience, including SBOMs, image signing, admission control or tools such as Sigstore. Experience operating AI, ML or GPU enabled platforms. CKA, CKAD, CKS, Red Hat certifications or equivalent. Active or recent UK SC clearance. Recognised open source contributions to the Kubernetes ecosystem. Soft Skills & Behaviours Calm, structured and methodical under pressure. Strong written and verbal communication skills. Collaborative working style across platform, development, QA, security, networking and architecture teams. Strong sense of ownership and accountability. Automation first mindset, with a focus on removing repeatable manual work. Able to influence technical practice through evidence, example and credibility. Pragmatic and solutions focused approach to problem solving. Curious about why systems fail, not just how to bring them back online. . click apply for full job details

Location: Remote / Redheughs Rigg, Edinburgh EH12 9DQ, UK job type: Permanent / Full-time Sector and subsector: IT Cybersecurity Salary: Competitive salary Company Description: At Quorum Cyber, we're on a mission to help good people win. Founded in Edinburgh in 2016, we're one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape. As a Microsoft-only security house, a Microsoft Solutions Partner for Security, a member of the Microsoft Intelligent Security Association (MISA), and winner of the Microsoft Security MSSP of the Year 2025 award, we offer a unified security ecosystem comprised of innovative services, all delivered through our customer platform, Clarity. In September 2024, Quorum Cyber acquired Canada-based, Microsoft Solutions Partner for Security, Difenda. This was closely followed in December 2024 by the acquisition of US-based, Kivu Consulting, a global cyber security firm with world-leading incident response capabilities. Role Purpose: To act as the senior technical SME and technical/team lead for customer facing Professional Services engagements across Microsoft cloud security and XDR managed service onboarding. The role leads complex technical delivery, provides design assurance, supports the development of the Cloud Security consulting team, and acts as the technical escalation point for Microsoft Defender XDR, Sentinel, Entra, Azure and Microsoft 365 security work. Resource allocation, utilisation forecasting and overall commercial governance remain led by the Head of Microsoft Security Professional Services, with this role providing technical input and early escalation of risks, blockers and capability gaps. What I Do Is: Lead complex customer facing cloud security projects as the technical delivery lead, from discovery, workshops and architecture through implementation, documentation, customer sign off and transition into managed service. Act as the technical authority for cloud security engagements, shaping the technical approach and guiding decisions across design, implementation, risks, dependencies and quality. Provide day to day technical leadership, coaching and mentoring to Cloud Security Consultants, supporting capability development, consistent delivery standards and confidence with customers. Act as the technical escalation point for the Cloud Security team, supporting complex design, implementation and customer facing challenges. Support the Head of Microsoft Security Professional Services with technical input into delivery planning, project risks, capability gaps, team development and delivery quality. Lead onboarding readiness assessments and transition to service planning for XDR managed service customers, ensuring integrations, data sources, controls, alerting, handover and acceptance criteria are complete. Own or lead technical delivery across Azure, Microsoft 365, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Entra and wider Microsoft security capabilities. Design and assure advanced cloud security architectures, governance models and operating models aligned to customer requirements, Microsoft best practice and managed service delivery. Own and quality review HLDs, LLDs, implementation plans, service transition documents, recommendations and customer facing deliverables. Provide high value SME input into presales, technical discovery, SoW input, proposal review and shaping of cloud security service offerings. Work closely with project managers, SOC, managed services, engineering and customer stakeholders to ensure successful delivery, clean handover and ongoing service operability. Drive standardisation and reuse of delivery methods, documentation templates, design patterns and cloud security offerings, while staying current with emerging Microsoft security capabilities, cloud threats, technologies and compliance mandates. The Skills I Need Are: Deep expertise in Microsoft cloud security, including Azure, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Entra and Microsoft 365 security services. Advanced knowledge of the Defender suite, Sentinel architecture, Entra ID, identity security, cloud workload protection, endpoint security, threat detection and security operations. Advanced knowledge of cloud security frameworks and guidance, including CIS, NIST, ISO 27001, Azure Cloud Adoption Framework and Microsoft Cybersecurity Reference Architecture. Strong experience designing and implementing IAM, RBAC, Conditional Access, encryption, network security, logging, monitoring, secure DevOps and governance controls. Expert level technical project leadership, including leading workshops, shaping the technical approach, managing technical risks/issues, guiding design decisions and driving customer confidence. Strong ability to own and quality assure HLDs, LLDs, SoW technical inputs, implementation plans, project artefacts and service transition documentation. Strong coaching and mentoring skills, with the ability to support team development, provide constructive technical feedback and build capability in others. Commercial awareness of Professional Services delivery, including scope, effort, utilisation, margin, risks and customer satisfaction, with the ability to elevate commercial or delivery risks early. Leadership, communication, stakeholder management, analytical thinking and problem solving skills across technical, operational and business audiences. Relevant Microsoft security certifications are desirable. CCSP, CISSP or similar cloud/security certifications are desirable. I Know I Have Done A Great Job If: Complex customer projects have clear technical leadership from discovery through implementation, sign off and transition into managed service. Technical delivery is high quality, customer facing outputs are clear, and engagements achieve agreed outcomes. Cloud Security Consultants are supported, coached and developed, with stronger technical confidence and consistent delivery standards across the team. XDR managed service customers are transitioned successfully into BAU operations with clear acceptance criteria, documentation and stakeholder alignment. Technical risks, blockers, dependencies and capability gaps are surfaced early to the Head of Microsoft Security Professional Services and project stakeholders. HLDs, LLDs, SoWs and delivery artefacts are technically accurate, consistent, commercially realistic and reusable. Presales and scoping inputs are technically sound, realistic and aligned to the team's delivery capability. The Cloud Security team is recognised internally as a high value SME function for Microsoft cloud security delivery. SOC, engineering and managed services teams receive a clean handover and are set up to operate effectively. Our Commitment to Equality & Diversity: "Our diversity is a huge part of our success, and collecting data during the hiring process helps us understand how to keep strengthening and supporting that diversity." We are an equal opportunity employer. We are committed to fostering an inclusive, accessible, and equitable workplace where all qualified applicants receive fair consideration. We do not discriminate on the basis of race, national or ethnic origin, colour, religion, age, sex, sexual orientation, gender identity or expression, marital status, family status, disability, or any other characteristic protected under applicable federal, provincial, or territorial human rights legislation. The information requested below is collected to help us meet our employment equity and reporting obligations, and to support our ongoing diversity and inclusion initiatives. Providing this information is entirely voluntary. It will not be shared with hiring managers and will not be used in any hiring decision. Declining to provide this information will not affect your application in any way.

Senior Security Engineer - Detection & Response - EU/UK Remote, UK We are seeking a UK-based Senior Security Engineer to join our Security Operations and Response Team as a senior individual contributor. In this role, you will investigate and respond to security incidents across Marqeta's environment, proactively monitor for cyber threats, and serve as incident commander during security events of varying severity. You will contribute to the development and improvement of response methodologies aligned with the NIST Incident Response Lifecycle and help maintain cybersecurity incident response documentation. This position requires strong expertise in incident response, digital forensics, threat hunting, and security monitoring technologies. You will collaborate across teams, contribute to detection engineering efforts, and participate in 24x7 on call rotations. The role reports to the Manager of Security Operations and Response. This role can be performed remotely anywhere in the UK, or from our London, UK office. We'd love for you to join us! Impact You'll Have Proactively monitor Marqeta's environment for cyber threat activity and manage day to day security alerts through timely analysis, triage, and appropriate response actions Serve as incident commander during security events, directing investigation strategies and coordinating cross functional response efforts Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from cybersecurity incidents Contribute to the maintenance and improvement of the Cybersecurity Incident Response Plan (CIRP), playbooks, runbooks, and standard operating procedures to ensure consistent and effective response operations Participate in 24x7x365 on call rotations, providing skilled guidance during security incidents and contributing to thorough post incident reviews Research threat intelligence sources and contribute to hypothesis driven threat hunting initiatives to uncover threats in corporate and production environments Work closely with Security Engineering to tune security solutions, enhance detection capabilities, and leverage business knowledge to improve security monitoring Design, develop, and maintain detection logic using a detections as code approach, collaborating with Security Solution Engineering to deploy detections through CI/CD pipelines into our SIEM and EDR platforms Contribute to detection coverage mapped to MITRE ATT&CK framework, identifying gaps in visibility and supporting detection development prioritization based on threat intelligence and business risk Coordinate with HR, law enforcement, response retainers, and cyber insurers as required, including support on cyber crime financial fraud use cases Support the development of less experienced security team members through knowledge sharing, pair investigations, and leading by example Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks Who You Are 5+ years of hands on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting Experience serving as an incident commander or leading incident response workstreams, with the ability to make sound decisions under pressure Strong knowledge of the NIST Incident Response Lifecycle and experience contributing to incident response documentation and procedures Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems Experience developing detections as code, including familiarity with version control, CI/CD pipelines, and detection testing frameworks Working knowledge of MITRE ATT&CK and experience using it to assess detection coverage and map threat actor TTPs Experience contributing to post incident reviews and implementing security improvements based on lessons learned Solid understanding of threat actor TTPs and ability to apply threat intelligence to enhance detection and response capabilities Experience tuning security solutions and developing automation workflows to improve monitoring effectiveness and response efficiency Working knowledge of AWS cloud services and securing cloud environments Ability to effectively communicate with technical and non technical stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or elevate issues Willingness to mentor and support the growth of junior security professionals in incident response techniques Benefits Premium Private Medical and Dental coverage Generous time off program with additional "Floating Holiday days" Retirement savings program with company contribution Equity in a publicly traded company and an Employee Stock Purchase Program Monthly stipend to support our remote work model Annual development stipend to support our people's growth and development Family forming benefits and up to 20 weeks of Parental Leave Wellbeing programs (e.g., Modern Health, HealthKick and more) Marqeta is an equal opportunity employer committed to an inclusive workplace that fosters belonging. We do not discriminate based on race, color, religion, sex (including pregnancy, lactation, childbirth, or related medical conditions), veteran status or uniformed service member status, age, national origin or ancestry, citizenship or immigration status, physical or mental disability, gender identity, gender expression, sexual orientation, genetic information (including testing or characteristics) or any other characteristic protected by applicable law. We also consider qualified applicants with criminal histories, consistent with legal requirements. Marqeta endeavors to make reasonable accommodations for applicants with disabilities. Individuals requiring accommodation to submit this application, complete any pre employment testing, or otherwise participate in the selection process should submit a request detailing the specific accommodations needed.

Reapit - Who are we? Reapit is the original end-to-end business technology provider for estate agencies of all sizes. We've been helping sales and lettings agents build relationships and grow their businesses for more than 25 years. Our technology empowers property professionals across Europe, the Middle East, Australia, and New Zealand to work with buyers, sellers, tenants, and landlords to deliver a dream home experience. Worldwide, over 78,000 agents across more than 15,000 branches use Reapit to run their businesses, manage properties, collect rent, engage clients, and provide outstanding customer service every time. What you'll be doing Reporting directly to the CISO, you'll play a critical role in strengthening and maturing Reapit's cloud security posture. Your work will span hands on security engineering, deep incident response, proactive threat detection, and collaboration with global teams. Design, implement, and enhance secure Cloud infrastructure, services, and applications in collaboration with DevOps teams. Conduct ongoing security assessments, configuration reviews, and audits of AWS environments to identify vulnerabilities and recommend remediation. Implement and maintain AWS security controls aligned to ISO 27001, NIST and cloud security best practices. Proficiency in building/configuring SOAR platforms such as Shuffler and Tracecat. Develop security automation tooling, scripts, and infrastructure as code processes to streamline security operations. Take ownership of security engineering projects, delivering them end to end with strong attention to detail and high quality documentation. Work in a self managing, proactive manner - anticipating security needs, identifying gaps, and driving improvements without close supervision. Incident Response & Threat Detection Respond to SOC alerts. Working with our outsourced SOC, Lead and participate in global incident response activities, including investigation, containment, eradication, and recovery. Perform advanced log analysis, digital forensics, and threat validation using AWS native and third party tooling. Monitor AWS and application security alerts, responding quickly and decisively. Participate in an out of hours when required (time in Lieu given), including early morning collaboration with Australia based teams and responding to major incidents. Document all incident activity clearly and thoroughly in tickets, knowledge bases, and post incident reports. Carry out threat models and review log ingestion and alerting with the SOC. Security Collaboration & Enablement Provide expert guidance and mentorship to development, engineering and operations teams. Lead the standups and provide guidance to team members. Collaborate across multiple time zones, contributing proactively and reliably to global security initiatives. Stay ahead of emerging cloud threats, AWS security tooling, and defensive techniques; champion their adoption across the organisation. Produce clear, detailed, and structured documentation for tickets, processes, runbooks, and security standards. Who we're looking for At Reapit, we prioritise hiring individuals who share our values and possess the right attitudes and behaviours for success. Whilst some of the listed requirements may be important, don't worry if you don't meet all of them, we'd still like to hear from you. Essential Skills & Experience Minimum 5 years' hands on experience in cloud security or security engineering within an AWS focused DevOps environment. Strong technical proficiency across multiple cloud services including IAM, VPC, EC2, S3, RDS, Lambda, Entra ID, Azure Front Door, Azure Functions, Azure Monitor and core networking concepts. Deep, practical experience in incident response, including digital forensics, log analysis, threat detection, and handling security incidents end to end. Experience with security tooling such as Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, SIEM (Elastic, Sentinel) and related cloud native controls. Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform. Solid understanding of ISO 27001, NIST CSF, and cloud security best practices. Familiarity with commonly used open source security testing tools (e.g., BurpSuite, ZAP, Nikto, Metasploit, SQLmap). Behaviours & Mindset Highly self managing, able to take ownership of work, prioritise effectively, and drive tasks to completion with minimal oversight. Proactive in identifying security gaps, recommending improvements, and staying ahead of emerging threats. Strong attention to detail, especially in technical execution, documentation, and ticketing. Excellent communication skills, able to work with both technical and non technical teams across multiple time zones. Comfortable participating in out of hours incident response when required. Desirable Exposure to threat intelligence, cloud forensics, or advanced SOC workflows. Experience working in a global or distributed security team. What your impact and success looks like As a Senior Cloud Security Engineer we expect your success and impact in the early stages of your career with us to look something like this: Within 1 month: Familiarity with Company Policies and Security Infrastructure Familiarity with AWS/Azure Security Best Practices and the business Setup Integration into DevOps Workflow for UK Within 3 months: Familiarity with Company Policies and Security Infrastructure Familiarity with AWS/Azure Security Best Practices and the business Setup Integration into DevOps Workflow for UK Within 6 months: Continuous Improvement Initiatives Security Incident Management Integration into DevOps Workflow for EMEA/ANZ Complete SOAR implementation What's in it for you? We operate a Flexible Working Policy and we would like for you to work from our London or Solihull office, 2 days a week. We're offering the chance to really make a difference here at Reapit and the opportunity for personal growth is very real. You'll feel part of a special team. You can expect a highly competitive salary and some great benefits, including: 5.5% employer pension contribution 20 days annual leave (plus a day for your birthday), increasing by a day for every year worked (capped at 24 days) Business permitting, we're closed over Christmas, to give you time back to your friends and family Formal and in-house training for your L&D plus access to Go1 - the world's largest online learning library Health benefits including Gym Flex, annual flu vaccinations and many others Season ticket loan Regular local and companywide social events including Tucker Thursday - mouth watering cuisine delivered straight to the office doors once a month! Opportunity to participate in retail benefits and savings via our Benefits partner, Benni! Don't tick all the boxes? Neither do we We care about our industry and want it to become a more inclusive and diverse place to work. So, we're driven by hiring not only by experience and relevance for the role but by sharing our values and the right attitudes and behaviours for success. We are committed to Equal Employment Opportunity through attracting and retaining a complementary team of employees and building an inclusive environment for all. We feel we have an empowering environment where everyone is supported and respected, and we want you to feel this too. We welcome new ideas, thinking and approaches, whilst listening to all our employees.

London, England, United Kingdom Engineering ID: 6335 Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences- all created by our global community of developers and creators. At Roblox, we're building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We're on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you'll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone. As a founding member of the Security Operations team in EMEA, you will be joining us at an exciting time in Roblox's SIRT & SOC program. This is a highly autonomous role where you will be a primary decision-maker, core to our mission to maintain a highly capable 24/7/365 monitoring and response capability. While you will work in close collaboration with peers at our US West Coast Headquarters, the nature of the time difference requires a leader who can operate independently, making critical decisions without immediate oversight. You will help scale our ability to monitor and protect players, developers, employees, and the platform globally. We favor automation, orchestration, and risk-based prioritization, while retaining the deep technical skills required to conduct detailed, hands on analysis and response when the situation warrants. Work Environment: This role is based in London, UK. You will be working from a dedicated, private space located within a shared office environment, designed to enable collaboration while remaining secure. You will: Exercise High Autonomy: Act as the primary Incident Commander for the European time zone, making critical, time sensitive decisions independently before US HQ comes online. You will serve as the senior most security operations point of contact in the region. Command Security Incidents: Ensure serious threats and impacts are understood, mitigated, and learned from with speed and professionalism, often leading responses end to end without immediate escalation paths during local hours. Drive Strategy & Operations: Go beyond individual contribution to shape the strategic direction of the SIRT/SOC function, specifically identifying how global hand offs and "follow the sun" models can be optimized. Conduct Advanced Investigations: Dig into complex context, determining if threats exist and taking decisive action to prevent them. Collaborate Cross Functionally: Work with Legal, HR, Executive teams, and external partners (Developers & Customers). You will also travel semi regularly to the USA to visit HQ, ensuring deep alignment with central engineering and security leadership. Lead High Profile Responses: Collaborate with Security and Engineering to lead responses to major vulnerabilities or platform wide events. Build & Automate: Produce and refine security response procedures (runbooks, IRPs, workflows) with a focus on automation to reduce manual toil. Threat Hunt: Proactively hunt for anomalous activity in our signals, distinguishing between outliers and threats. You have: Experience: 10+ years of experience across Infosec, IT, Infra/SRE, and/or Incident Response. Specialization: 7+ years of experience specifically in Detection or Response (Incident Response) roles. Autonomous Leadership: Proven ability to work independently in satellite offices or distributed teams. You are comfortable being the "person in charge" during your shift and making calls that impact the business. Incident Command: Extensive experience operating as an incident commander. You can flex into deep engineering work but also possess the executive presence to coordinate responders and communicate status to leadership. Investigations: Expert level capability in investigating threats in enterprise and production environments, taking ownership from identification to resolution. Knowledge/Tools/Techniques: Deep understanding of security tools (SIEM, EDR, IDS/IPS, NDS, SOAR). You are proficient in applying Incident Response frameworks (NIST IR Lifecycle, Cyber Kill Chain, MITRE ATT&CK) to real world scenarios. Collaborate effectively with engineering colleagues, leveraging extensive expertise across various infrastructure and technologies (Public Cloud, OS, Virtualization, Containerization, Networking, Build/Development infrastructure, and Hardware). Education: Bachelor's degree in Computer Science, Cybersecurity, or a related technical field; advanced degree preferred or equivalent experience. You are: A Strategic Self Starter: You don't wait for instructions. You identify gaps in coverage-especially those unique to regional or time zone specific challenges-and fix them. Detailed Thinker: You enjoy exploring the details and considering the second and third order effects of your decisions. Eager Problem Solver: You are drawn to complex issues rather than avoidant of them. Embeddled to Make Change: You instinctively ask what you can do to improve the situation rather than waiting to be prompted. Compelled by our Mission: You are driven by the opportunity to protect our community and the safe space we've created. A Calculated Risk Taker: You move fast, navigating reasonable risks to take action and build capabilities as quickly as possible. Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted). Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations to candidates with qualifying disabilities or religious beliefs during the recruiting process. For US based roles only, please note the Company may not be able to employ candidates for this role who have United States work authorization related to certain U.S. visa categories, or support future H 1B sponsorship at this time.

Contract: Permanent or Contract considered Location: Greater Oxford Area Working Pattern: Hybrid (2-3 days in office) Salary: Competitive A note from the Founders Oxford Dynamics is at an inflection point. We operate in some of the most complex and high stakes environments in the world - defence, national security, AI and robotics. The decisions we make now will define not just how fast we grow, but who we become. You will work closely with all the team. You will be trusted with judgment calls. You will influence the business. And you will see the impact of your work every day in the work we do. If you are excited by ownership, pace and purpose - and by building something that genuinely matters - we would love to hear from you. Who We Are Founded in 2020, Oxford Dynamics (OD) is a fast growing UK deep tech company developing AI and robotic systems designed to operate in mission critical environments. Our flagship AVIS (A Very Intelligent System) AI framework fuses multi modal data - text, imagery, telemetry and sensor feeds - enabling operators to interrogate complex information at speed and make better decisions under pressure. Our STRIDER robotic platform performs autonomous tasks in hazardous environments, protecting people while extending operational reach. Our ambition is simple but demanding: to converge AI and robotics so machines can sense, understand and act in complex, real world environments. We work with defence and security organisations internationally to help protect nations, infrastructure and lives. What you will be doing here/ why this role matters Oxford Dynamics is a small team who rely on a collaborative and positive approach and so the right attitude for this role is equally as important as experience. We are at an important stage and time in our growth, and as a Senior DevOps Engineer you will be an essential part of our success. We are looking for a seasoned DevOps professional with deep hands on expertise in AWS, Kubernetes and modern CI/CD who can also drive cloud native security. You will design, build and audit scalable infrastructure, automate delivery pipelines and champion cost efficient, highly available platforms while owning key processes that will help OD remain compliant with our various certifications also. Key Responsibilities Your responsibilities will include, but not limited to: End-to-end cloud ownership - architect, implement and maintain multi account, multi region environments using IaC (Terraform, CloudFormation, Helm). Platform reliability & automation - manage Kubernetes clusters (EKS/OpenShift), container registries and service meshes; create GitHub Actions / Argo CD pipelines for zero touch deployments. Security hardening - lead security posture reviews, implement GuardDuty, CloudWatch and IAM best practices. SRE & monitoring - uphold SLAs through observability stacks, proactive alerting and performance tuning of distributed systems. Collaboration & enablement - automate repetitive tasks, mentor developers and champion DevSecOps best practice across teams. Policy & audit ownership - steward the regular audits we need to put in place to remain compliant with industry standards ensuring provenance. Backup & DR - design AWS Backup plans, run annual restore drills, maintain RPO/RTO dashboards. Capacity & cost optimisation - run the monthly Capacity & Availability Checklist; leverage Compute Optimizer, Savings Plans and Graviton. Drift detection & golden images - operate Terraform/Helm drift alerts, AMI & container image pipelines with Inspector v2 scanning. Incident & hot fix response - coordinate emergency changes, rollbacks and post incident reviews. What you can bring to Oxford Dynamics A collaborative and supportive attitude to work is essential for this role. You will be expected to operate at multiple levels within the company, with a strong focus on delivery and attention to detail. You will be comfortable working alone, supporting team members as well as interacting with clients if required. Qualifications, experience and skills Proven experience in DevOps / SRE, with recent focus on AWS cloud engineering. Expert in AWS core services (EC2, VPC, IAM, S3, ALB/ELB, CloudFront, ECR/ECS, Elastic Beanstalk, Control Tower) and security tooling (GuardDuty, IAM Identity Center, CloudWatch). Strong Kubernetes (EKS/OpenShift) administration, Helm packaging and service mesh know how. Proficient in IaC (Terraform, Terraform Cloud, CloudFormation), containerisation (Docker, Docker Compose) and Linux systems. Solid CI/CD engineering with GitHub Actions and Argo CD. Experience integrating SAST and DAST best practices. Scripting in Bash and Python or Go for automation. Demonstrated success delivering cloud cost optimisation and high security solutions for enterprise clients. Expertise in implementing SSO across a variety of industry standard software. Preferred/ Bonus Experience with MLOps (Softwares such as Sagemaker, Kubeflow or ZenML). Deployment of on premise Kubernetes. Prometheus (or other stacks) observability. Experience with AWS Karpenter & Compute Optimizer. Compliance literacy - ISO 27001, NIST SSDF/OWASP SAMM, GDPR basics. Soft skills Process driven, documentation friendly mindset. "Can do" attitude, quick learner and unafraid of complex challenges. Excellent teammate with strong cross functional communication. Why This Role? You will join a culture that values secure, automated delivery and encourages experimentation. If you thrive on scaling cloud platforms, tightening security and shaving milliseconds (and money) off every deployment, we'd love to meet you. Why Oxford Dynamics? Join the most exciting growth area in the UK: AI and Robotics! Every member of the Oxford Dynamics team has a major impact on the products and services we provide. Regardless of job title, you'll get to make a real difference and learn from colleagues about all areas of our business. Benefits include Salary: negotiable based on experience and attitudes Rapid career progression with meaningful ownership of core systems Opportunity to shape the future of a fast growing, successful, early stage business Flexible working hours Hybrid working model Company pension (UK Government NEST scheme) with company contributions at 4% Private Healthcare 29 days holiday in addition to public holidays (Full Time Equivalent) Oxford Dynamics is committed to creating an inclusive team experience for all. Regardless of race, gender, religion, sexual orientation, age, disability, or parental status, we believe our work is at its best when everyone feels free to be their authentic self.

Monzo's Offensive Security team is looking for a security professional to identify and demonstrate vulnerabilities before others do through testing, red teaming, purple teaming, and adversarial research. Responsibilities Leading offensive security projects from initial idea through to execution and reporting Simulating real world attacks to uncover vulnerabilities across our systems, infrastructure, and products Partnering with engineering and security teams to improve detection, response, and resilience Bringing an attacker mindset into conversations - asking what if? and challenging assumptions Producing proof of concept exploits to clearly demonstrate risk and drive meaningful fixes Mentoring others in the team and acting as a highly independent technical lead on complex engagements Qualifications Strong attacker mindset and natural curiosity about how systems can be broken Hands on experience in offensive security across areas such as web, mobile, cloud, or infrastructure Comfortable working across modern tech stacks (e.g., Kubernetes, AWS/GCP, microservices) or excited to learn Ability to take ownership of ambiguous problems and drive them through to impactful outcomes Enjoys collaborating with others and influencing teams to think more securely Experienced in security testing and/or holding relevant certifications (e.g., OSCP, CREST) Benefits £76,500 - £90,000 salary plus performance based incentive awards Role can be based in London office or work remotely within the UK with occasional meetings in London Flexible working hours with trust to work the hours necessary for quality results £1,000 annual learning budget for books, training courses, and conferences Work from home setup support, with all employees receiving MacBooks and additional support for fully remote workers Additional benefits available - full list in our benefits page Equal opportunities We're an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or disability status.

Monzo's Offensive Security team is looking for a security professional to identify and demonstrate vulnerabilities before others do through testing, red teaming, purple teaming, and adversarial research. Responsibilities Leading offensive security projects from initial idea through to execution and reporting Simulating real world attacks to uncover vulnerabilities across our systems, infrastructure, and products Partnering with engineering and security teams to improve detection, response, and resilience Bringing an attacker mindset into conversations - asking what if? and challenging assumptions Producing proof of concept exploits to clearly demonstrate risk and drive meaningful fixes Mentoring others in the team and acting as a highly independent technical lead on complex engagements Qualifications Strong attacker mindset and natural curiosity about how systems can be broken Hands on experience in offensive security across areas such as web, mobile, cloud, or infrastructure Comfortable working across modern tech stacks (e.g., Kubernetes, AWS/GCP, microservices) or excited to learn Ability to take ownership of ambiguous problems and drive them through to impactful outcomes Enjoys collaborating with others and influencing teams to think more securely Experienced in security testing and/or holding relevant certifications (e.g., OSCP, CREST) Benefits £76,500 - £90,000 salary plus performance based incentive awards Role can be based in London office or work remotely within the UK with occasional meetings in London Flexible working hours with trust to work the hours necessary for quality results £1,000 annual learning budget for books, training courses, and conferences Work from home setup support, with all employees receiving MacBooks and additional support for fully remote workers Additional benefits available - full list in our benefits page Equal opportunities We're an equal opportunity employer. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or disability status.

Data Governance Manager - Compliance Super Group International, a NYSE-listed online gaming company, is seeking a high performing data governance professional to lead data governance across multiple brands and markets. The role includes responsibility for data quality, regulatory compliance, data stewardship and cross functional collaboration, with scope for progression to senior data leadership. Key Responsibilities Develop, maintain and evolve the organization's data governance framework, ensuring consistent standards across all brands and markets. Maintain enterprise data dictionaries, metadata catalogues, data quality rules and governance processes. Ensure alignment with regulatory requirements including UK GDPR, EU GDPR, AML/KYC and sector specific obligations. Support implementation of data policies, standards and guidelines across the business. Own data quality strategy: profiling, cleansing, monitoring and root cause analysis across core platforms. Identify and resolve data lineage gaps and data integrity issues across complex system landscapes. Oversee data lifecycle management (retention, deletion, minimisation, archival). Partner with engineering teams to implement controls that improve data accuracy, completeness and reliability. Lead the network of data stewards across Product, CRM, Marketing, Fraud, Payments, Trading, Finance and Customer Operations; provide guidance on data ownership, definitions and handling expectations. Serve as central point of contact for cross functional data questions, risks and governance escalations. Train and support teams to adopt good data governance practices. Oversee the creation and maintenance of master data models and standards across customer, player, transactional and marketing datasets. Support implementation of enterprise MDM strategies and integrations where required. Prepare documentation, evidence and governance artefacts for audits, regulatory requests and internal reviews. Maintain data governance controls for data integrity, accuracy, retention and lineage. Assist compliance teams during market entries, new product launches and regulatory submissions. Identify data risks, document findings and oversee remediation plans. Maintain logs of data issues, governance decisions and lessons learned. Support incident response processes for data accuracy, lineage or integrity issues. Develop and deliver training, playbooks, guides and communications to embed a strong data culture. Champion data governance as an enabler of decision making, regulatory compliance and product innovation. Required Qualifications Clear written and verbal communication skills with ability to explain complex ideas. Collaborative mindset working across product and technical teams. Strong organisational skills, capable of managing multiple projects simultaneously. Exceptional attention to detail and commitment to high quality work. Adaptability to fast moving environments. Strong grounding in data governance principles: metadata, lineage, data quality, stewardship and lifecycle management. Hands on experience with complex datasets in data rich environments. Background in iGaming, sports betting, fintech, SaaS, telecom or eCommerce sectors. Experience collaborating with Product, Engineering, Data, CRM, Marketing, Fraud, Security teams. Experience with data governance tools (Collibra, Alation, Informatica, Atlan). Demonstrable experience improving data quality, resolving lineage issues and implementing governance controls. Desirable Skills Knowledge of sports betting markets, odds calculation and trends. Experience in online gaming or casino industry, understanding of player behaviour and regulations. Familiarity with gambling regulations across jurisdictions. Experience in customer retention strategies. Experience in iGaming, online sports betting or adjacent digital gambling. Familiarity with player data flows: KYC/AML, fraud detection, behavioural modelling, marketing journeys, responsible gambling data. Experience in multi brand or multi market data environments. Understanding of GDPR, AML, licensing obligations, data processing and retention regulations. Exposure to data platforms such as Snowflake, BigQuery, Databricks. Prior involvement in regulatory audits, data quality investigations or governance committees. Values & Culture Adaptability Ownership and accountability Initiating action Resilience Team orientation Integrity Innovation Benefits & Development Learning and development programmes to accelerate growth. Performance feedback tools. Employee Assistance Programme. Private health care, dental, life assurance & income protection. Retail discounts. Super Group International is a member of the Betway Group, listed on the New York Stock Exchange (ticker: SGHC). We are committed to building a diverse and inclusive workforce.

THE WORK As a Senior Security Engineer focusing on anti-abuse and threat intelligence, you will lead the design and development of systems and automation to detect, mitigate, and prevent threats targeting Ripple's staff, products, and users. This includes identifying and advising on Advanced Persistent Threats (APTs) targeting the crypto ecosystem, phishing campaigns, impersonation attempts, and social engineering campaigns across web, mobile, and social platforms. You will collaborate closely with Legal, Communications, Brand Security, and third party vendors to build a scalable and proactive threat intelligence capability. WHAT YOU'LL DO Operationalize threat intelligence: Develop systems to detect and disseminate intelligence on threats impacting Ripple and Ripple customers. Automate intelligence sharing: Build tooling, workflows and AI agents to streamline the integration and interpretation of intelligence across Ripple orgs. Analyze attack patterns: Investigate attacker infrastructure and threat trends to advise proactive defenses. Develop internal visibility tools: Create dashboards and alerts to supervise threat detection and public awareness on emerging threats. Assist with incident response: Assist in investigations for sophisticated abuse cases and help implement long term preventative measures. Guide strategy: Advise on threat intelligence standard methodologies, tooling decisions, and vendor integrations to improve Ripple's external security posture. WHAT YOU'LL BRING 5+ years of experience working within a security, abuse prevention, or threat detection domain, ideally with exposure to large scale platforms, FinTech, or crypto environments. Proficiency in Python, Go, or similar languages for building automation and detection systems. Experience investigating cyber threats, phishing, impersonation, or abuse at scale - ideally in FinTech, crypto, or social platforms. Ability to analyze attack trends, extract insights, and drive detection improvements through data. Familiarity with abuse reporting and enforcement APIs (e.g., threat intelligence feeds, social platforms, domain registrars). Strong communication skills and an ability to tailor them to various technical/non technical audiences. Passion for stopping bad actors and building trust in crypto ecosystems. Above all, a teammate that can handle ambitious situations, a rapidly maturing security culture, and an eagerness to mentor less expert engineers. Other common names for this role: Senior Threat Intelligence Engineer, Senior Trust & Safety Engineer. BENEFITS Competitive salary, bonuses, and equity Competitive benefits that cover physical and mental healthcare, retirement, family forming, and family support Employee giving match Mobile phone stipend RR days so you can rest and recharge Generous wellness reimbursement and weekly onsite & virtual programming Generous vacation policy - work with your manager to take time off when you need it Industry leading parental leave policies. Family planning benefits. Catered lunches, fully stocked kitchens with premium snacks/beverages, and plenty of fun events Benefits listed above are for full time employees. LEGAL Ripple is an Equal Opportunity Employer. We're committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance. Please find our UK/EU Applicant Privacy Notice and California Applicant Privacy Notice for reference.

About us Causaly is redefining how humans acquire knowledge and develop insights in biomedicine. Our AI powered platform enables researchers and decision makers to discover and interpret evidence from millions of scientific publications, clinical trials, regulatory documents, and other complex data sources in minutes. We are building the world's most advanced biomedical knowledge platform, powered by a high precision Knowledge Graph and GenAI capabilities. Our technology is already used by leading biopharmaceutical organizations to accelerate drug discovery, improve safety, and drive better decision making. Backed by top tier investors including ICONIQ, Index Ventures, Pentech, and Marathon, we are scaling rapidly and expanding our product suite and market presence. About the Role We are looking for a Senior or Staff Security Engineer to join our security team and own our vulnerability management program, collaborate with several Engineering and Product teams as a Security advisor and support SecOps. You will operate with a high degree of autonomy - defining strategy, building processes, and acting as a trusted security advisor to our engineering organisation. What You'll Do Own the vulnerability management program end to end: strategy, tooling, prioritisation, and remediation tracking across dependencies, containers, and cloud environments. Define and maintain a dependency security strategy, including policies for third party library adoption and update cadence. Integrate and maintain security tooling in CI/CD pipelines (SAST, SCA, secrets detection, container scanning). Act as a security consultant to product and engineering squads - supporting design reviews, architecture decisions, and secure coding practices. Define and maintain security standards and guidelines practical for development teams. Manage and continuously improve the Security Champions program - growing security awareness and capability across engineering teams. Support SecOps in incident triage and response, contributing security engineering context where needed. Requirements Strong knowledge of cloud security - IAM, network security, secure configuration best practices. Hands on experience with security tooling in CI/CD pipelines (SAST, SCA, secrets scanning, container scanning). Proven experience in a vulnerability management role, through the entire lifecycle. Passionate and knowledgeable about using LLMs for building robust security practices, including triage, secure code review, threat analysis and tooling. In depth knowledge of secure coding practices in Node.js, TypeScript, Python, and/or React. Familiarity with security frameworks and standards (e.g. OWASP, NIST, CIS Benchmarks). Strong communication skills, with the ability to translate risk for both technical and non technical audiences. Nice to Have Experience with Semgrep for static analysis and custom rule authoring. Experience with Wiz for cloud security posture management. Experience running or contributing to a Security Champions program. Experience with threat modelling (e.g. STRIDE). Familiarity with SOC 2 and ISO 27001. Relevant certifications are considered a plus (e.g. CISSP, IaaS specific certifications). Benefits UK Competitive compensation package Private medical insurance Private dental insurance Life insurance (4 salary) Personal development budget Individual wellbeing budget 25 days holiday plus bank holidays Your birthday off! Potential to have real impact and accelerated career growth as a member of an international team that's building a transformative AI product. We are on a mission to accelerate scientific breakthroughs for all humankind, and we welcome applications from all backgrounds and fairly consider qualified candidates without regard to race, ethnicity or national origin, gender, gender identity or expression, sexual orientation, disability, neurodiversity, genetics, age, religion or belief, marital/civil partnership status, domestic / family status, veteran status or any other difference.