Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our Security team to protect user data and enhance security measures.
- Company: Flo is the world's #1 health app, revolutionising female health with over 75M monthly users.
- Benefits: Enjoy competitive salary, flexible working, and a 5-week paid sabbatical after 5 years.
- Other info: Diversity and inclusion are at our core; we welcome applicants from all backgrounds.
- Why this job: Be part of a mission-driven team making a real impact on women's health.
- Qualifications: 7+ years in information security, AWS experience, and coding skills required.
The predicted salary is between 48000 - 84000 £ per year.
400M+ downloads. 75M+ monthly users. A decade of building – and we\’re still accelerating.
Flo is the world\’s #1 health app on a mission to build a better future for female health. Backed by a $200M investment led by General Atlantic, we became the first product of our kind to reach a $1B valuation in 2024 – and we\’re not slowing down.
With 6M paid subscribers and the highest-rated experience in the App Store\’s health category, we\’ve spent 10 years earning trust at scale. Now, we\’re building the next generation of digital health – AI-powered, privacy-first, clinically backed – to help our users know their body better.
The job
Your role as the Security Engineer will be pivotal in supporting Flo Health\’s overall security posture. Working alongside our small but powerful Security team, you will help protect our applications and infrastructure by managing vulnerabilities, responding to incidents, and implementing security measures at scale. You\’ll also contribute to developing custom tooling and embedding security best practices into our product lifecycle to ensure we stay ahead of emerging threats.
What you will do:
- Developing regular touchpoints with key stakeholders.
- Manage Vulnerabilities: Triage newly discovered vulnerabilities, investigate potential risks, verify that fixes are effective, and drive remediation efforts across teams.
- Implement Security Measures: Support teams by configuring WAF rules, setting rate limits, and deploying additional controls to protect our environment.
- Develop Custom Security Tooling: Contribute to the creation and maintenance of in-house tools that enhance our security capabilities and automation.
- Product Security Support: Assist in security assessments, threat modeling, and penetration testing, working closely with the Product Security team.
- Secure Development Lifecycle: Help implement and improve security gates within the SDLC.
- Adapt & Collaborate: Be prepared to dive into any emerging security challenges. We\’re a small team with big responsibilities, and flexibility is key.
- Investigate and triage security alerts, manage security incidents.
- Gather, curate and communicate threat intelligence.
- Support and advise business stakeholders in relation to cyber security issues.
- Generate reports for both technical and non-technical staff and stakeholders.
What you bring:
- At least 7 years of experience in the information security field.
- Hands-on experience with AWS (or similar cloud platforms) and Cloudflare.
- Infrastructure as Code: Proficiency with Terraform or similar IaC tools.
- Vulnerability Knowledge: Solid understanding of common vulnerability classes and the OWASP Top 10.
- Coding & Scripting: Proficient in reading code (e.g., Python, Scala) and using Git for version control of code and configuration changes.
- Familiarity with iOS or Android security.
- Experience of industry-standard SIEM and vulnerability scanning tools.
Nice to have:
- Relevant industry certifications (CISSP, OSCP, etc.).
- Experience of supporting audits such as ISO27001.
- Experience of working with security risk management frameworks such as ISO31000.
- Knowledge of security control frameworks such as CIS, NIST800-53 and ISO27001.
How we work
We\’re a mission-led, product-driven team. We move fast, stay focused and take ownership – from brief to build to impact. Debate is encouraged. Decisions are shared. We care about craft, ship with purpose, and always raise the bar.
You\’ll be working with people who take their work seriously, not themselves. It takes commitment, resilience, and the drive to keep going when things get tough. Because better health outcomes are worth it.
What you\’ll get
We support impact with meaningful reward. Here\’s what that looks like:
- Competitive salary and annual reviews
- Opportunity to participate in Flo\’s performance incentive scheme
- Paid holiday, sick leave, and female health leave
- Enhanced parental leave and pay for maternity, paternity, same-sex and adoptive parents
- Accelerated professional growth through world-changing work and learning support
- Flexible office + home working, up to 2 months a year working abroad
- 5-week fully paid sabbatical at 5-year Floversary
- Flo Premium for friends & family, plus more health, pension and wellbeing perks
Diversity, equity and inclusion
Our strength is in our differences. At Flo, hiring is based on merit, skill and what you bring to the role – nothing else. We\’re proud to be an equal opportunity employer, and we welcome applicants from all backgrounds, communities and identities. Read our privacy notice for job applicants. #J-18808-Ljbffr
Senior Security Engineer employer: Flo Health
Contact Detail:
Flo Health Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Security Engineer
✨Tip Number 1
Familiarise yourself with Flo's mission and values. Understanding their focus on female health and how they leverage technology will help you align your experience and skills with their goals during discussions.
✨Tip Number 2
Network with current or former employees of Flo Health. Engaging with them can provide insights into the company culture and specific challenges they face, which you can address in your conversations.
✨Tip Number 3
Stay updated on the latest trends in cybersecurity, especially those relevant to mobile applications and cloud security. Being able to discuss recent developments or threats can demonstrate your expertise and proactive approach.
✨Tip Number 4
Prepare to discuss your hands-on experience with AWS and Infrastructure as Code tools like Terraform. Be ready to share specific examples of how you've implemented security measures in previous roles, as this will showcase your practical knowledge.
We think you need these skills to ace Senior Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in information security, particularly focusing on your hands-on experience with AWS, Cloudflare, and Infrastructure as Code tools like Terraform. Use specific examples to demonstrate your skills in managing vulnerabilities and implementing security measures.
Craft a Compelling Cover Letter: In your cover letter, express your passion for digital health and how your background aligns with Flo's mission. Mention your experience with security assessments, threat modelling, and penetration testing, and explain how you can contribute to the team’s goals.
Showcase Relevant Certifications: If you have any industry certifications such as CISSP or OSCP, be sure to include them prominently in your application. This will help demonstrate your commitment to the field and your expertise in security best practices.
Highlight Soft Skills: Flo values flexibility and collaboration. In your application, mention experiences where you've successfully adapted to new challenges or worked closely with stakeholders. This will show that you can thrive in their dynamic environment.
How to prepare for a job interview at Flo Health
✨Showcase Your Experience
With at least 7 years in the information security field, be ready to discuss specific projects or challenges you've faced. Highlight your hands-on experience with AWS and Cloudflare, as well as any relevant tools you've used.
✨Demonstrate Problem-Solving Skills
Prepare to discuss how you've triaged vulnerabilities and managed security incidents in the past. Use examples that showcase your ability to adapt and collaborate with teams to implement effective security measures.
✨Familiarise Yourself with Their Tech Stack
Research Flo's technology and security practices. Understanding their use of Infrastructure as Code tools like Terraform and familiarity with mobile security will show your genuine interest and readiness to contribute.
✨Prepare for Technical Questions
Expect questions on common vulnerability classes and the OWASP Top 10. Brush up on your coding skills, especially in Python or Scala, as you may need to demonstrate your ability to read and understand code during the interview.