Security Platform Engineering Manager in London

We are looking to expand and mature further our Platform Engineering capabilities by introducing a Security Platform Engineering team, with a goal to make secure by default the best and easiest path for squads building customer facing services. This team will engineer and operate reusable security capabilities as internal products, embedding security controls directly into infrastructure, CI/CD pipelines and service templates. Working closely with Cloud Platform Engineering, Security Operations and other engineering squads, the function will focus on reducing risk through automation, consistency and developer experience.

We are looking for a Security Platform Engineering Manager to define, build and operate a portfolio of reusable security capabilities that can be consumed by engineering squads as part of our product delivery. This role will combine technical leadership with hands on engineering, ensuring that security controls are delivered as code, embedded into infrastructure and CI/CD pipelines, and aligned to our AWS first, Terraform led platform model. The successful candidate will be responsible for shaping the roadmap, forming the team to deliver it, driving adoption across build and run squads, and ensuring that security becomes a scalable, automated and measurable capability rather than a manual or reactive process.

ROLE AND RESPONSIBILITIES

• Work with the Head of Cloud and security stakeholders to define the strategic direction and technical vision of security platform engineering at CMC.
• Build and lead a small team responsible for delivering security capabilities as reusable platform "products".
• Own the roadmap and technical delivery of these capabilities across cloud infrastructure, CI/CD, IAM, application integration patterns and more.
• Engage and collaborate with internal customers and understand up and coming use cases for the security platform.
• Deliver hands on contributions to the platform; set technical standards and approach.
• Operate and support the security platform services with clear reliability expectations and continuous improvement.
• Drive measurable adoption of security platform services across engineering teams and report on coverage, risk reduction and maturity.
• Stay up-to-date on industry trends and emerging technologies and incorporate them into the platform roadmap as necessary.
• Mentor and coach the team through pairing, feedback and your behaviour.

KEY SKILLS AND EXPERIENCE

Required:

• Demonstrable experience in the following:
• Securing cloud native workloads, ideally within AWS and serverless architectures.
• Managing services required to deliver secure applications such as firewalls, package management and secrets management.
• Deep understanding of IAM, least privilege access design and secure service to service communication patterns.
• Integrating security controls into CI/CD pipelines, preferably using GitHub Actions.
• Enforcing security standards on Infrastructure as Code (e.g. via Policy as Code).
• Ability to translate regulatory or security policy requirements into practical, automated engineering controls.
• Leading team technical delivery in a cross functional environment with multiple stakeholder groups.
• Building and operating security capabilities at scale to support product development.

Preferred:

• Experience writing Terraform to configure and manage security tooling and services.
• Experience with GitHub Advanced Security features such as code scanning, dependency review and secret scanning.
• Experience in developing hardened golden image pipelines for containers and virtual machines.
• Experience integrating Wiz or similar CNAPP tools into developer workflows.
• Experience delivering identity or access management capabilities as shared internal services.
• Experience operating in a Platform Engineering model supporting build and run squads in a regulated environment.

CMC Markets is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.