At a Glance
- Tasks: Architect secure frameworks for AI and DevSecOps, ensuring robust security controls.
- Company: Join iProov, a leader in biometric identity assurance with a diverse and inclusive culture.
- Benefits: Enjoy 25 days leave, growth shares, flexible working, and wellness perks.
- Other info: Dynamic team environment with excellent career growth opportunities.
- Why this job: Make a real impact on security in cutting-edge AI environments.
- Qualifications: Experience in software engineering, cloud security, and AI threat landscapes required.
The predicted salary is between 60000 - 80000 £ per year.
Senior Security Engineer (AI & Dev Ops)
About i Proov i Proov provides science-based biometric solutions that enable the world's most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access.
Our award-winning liveness technology and i SOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless, scalable user experiences.
Trusted by leading governments and enterprises, including the U.
Department of Homeland Security, U.
Home Office, Gov Tech Singapore, ING, and UBS, i Proov sets the standard in biometric identity assurance.
This global trust is built not only on our technology but on the strength of the people behind it.
For us, diversity at i Proov is about reflecting the customers we serve, holding the principles of equality and inclusion at the heart of everything we do and all that we stand for, embracing differences, creating possibilities, and growing together.
We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included, and their talents are nurtured, empowering them to contribute fully to our purpose.
The Role
- Reports to: Head of Cybersecurity
- Comp: $ (Base) + Company Performance Bonus (20%) + Share Options + US i Proov Benefits
The role was created specifically to provide the technical security depth that will allow us to accelerate our adoption of agentic AI, equipping developers and data scientists building our biometric products with the tools and workflows to use AI safely and at pace.
You will work as the direct counterpart to our GRC-focused Info Sec Manager, owning the engineering and implementation side of our security posture across cloud infrastructure, developer workflows, AI systems, and our core security toolstack.
This is a role for someone who has built and shipped software or infrastructure and brings that experience into a security context.
- How you can make an impact
- Architect and deploy the secure technical framework that governs the security controls for how our developers and scientists use agentic AI, including AI coding assistants, autonomous agents, and LLM-integrated tooling.
Given that these systems can autonomously access data, execute code, and interact with external services, the guardrails you design will need to address a substantially broader attack surface than traditional AI tooling, and must hold up in a context where the underlying data is among the most sensitive we handle.
- Be the primary technical security voice in decisions around the use and deployment of externally developed AI, ensuring the right controls are in place from the onset
- Continuously mature automated security controls into CI/CD pipelines and infrastructure-as-code deployments, championing the Dev Sec Ops culture across a large engineering organisation.
- Take hands-on ownership of our core security technology stack, including Wiz, Crowd Strike, Google Sec Ops, and Tailscale, ensuring these platforms are correctly configured, tuned, and integrated.
- Drive continuous technical delivery of strategic security initiatives, systematically identifying, triaging, and closing gaps across our cloud environments, internal networks, and developer workflows.
- Provide technical oversight of the security of the data pipelines feeding our internal AI systems and, critically, the permissions and access boundaries of agentic AI systems reaching out into other environments, enforcing the principle of least privilege, maintaining audit trails, and ensuring sensitive data and code integrity is handled with the rigour required.
- Complement the work of our existing biometric and product focused Red Team by owning security coverage of the Dev Sec Ops surface, the build pipeline, internal toolchain, cloud environments and developer infrastructure.
- Act as the primary technical security partner to our GRC-focused Info Sec Manager, translating governance and compliance mandates into concrete, automated engineering controls.
- Represent the technical security function in external audits.
This includes presenting evidence of controls, articulating the security posture of our cloud and AI environments to auditors, and working closely with the Info Sec Manager to ensure the technical substance behind our compliance position is clearly and credibly communicated.
- What we would like to see from you
- A foundational background in software engineering or Dev Ops before moving into a dedicated security role: you understand how code is written, tested, and deployed, and that experience is central to how you approach security problems.
- Proven, hands-on experience securing modern cloud infrastructure and containerised environments, with a solid understanding of infrastructure-as-code principles and the security implications of how infrastructure is defined and provisioned.
- Proficiency in deploying and administering enterprise security platforms, ideally with direct experience managing tools spanning CNAPP, EDR, SIEM, and zero-trust networking.
- A heavy and active user of AI in both professional and personal contexts, including agentic AI tools and coding assistants, with a grounded understanding of the evolving AI threat landscape, including model supply chain risks, prompt injection, data exfiltration, agent misuse, and LLM-specific attack vectors.
- Scripting and automation capability, particularly in Python, to build internal tooling, automate security checks, and reduce reliance on manual processes across the security function.
- Prior experience or a demonstrated practical interest in securing AI workloads, data pipelines, and machine learning environments.
- The communication skills to collaborate effectively with highly technical stakeholders, champion security initiatives without hindering developer productivity, and translate risk into language that resonates with both engineering peers and business leadership, including the confidence to present technical security evidence clearly in formal external audit settings.
Benefits
- 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service)
- Growth Shares allocated after passing probation (6 months of service)
- Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme
- Nursery Sacrifice Scheme
- Work Overseas Perk - Work globally for up to 2 weeks
- Life Assurance
- Smart Health - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family
- Benefit from personalized 1:1 career coaching with our in-house Occupational Psychologist
- Award winning L&D platform with personal allocated training budgets
- Enhanced paid family leave
- Pension - 5% employee, 3% employer
- Flexible hybrid working environment
- Free Barista Coffee/Tea, biscuits with fruit in the We Work office
- Free access to We Work discounts and free online well-being sessions
- Vitality Health - a range of options available on this below
The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan, for example:
- Private Health cover including Dental, Optical, and Audiology
- 50% off monthly gym memberships
- Apple watches significantly discounted based member vitality status
- Half price trainers with Runners Need
- Weekly rewards – Free coffee with Café Nero
- Monthly rewards – Free Cinema ticket
- Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status
- Amazon prime free months based on activity
- Up to 25% cashback at Waitrose when buying healthy foods
- 75% off stays at Champneys Health Spas
- Allen Carr's £299 no smoking programme for free
- Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify, Calm and Headspace
- Discounts on Weight Watchers
- 50%-80% off Comprehensive Private Health screenings
- Our Culture & Recruitment Process
At i Proov, we're incredibly proud of the culture we've carefully curated.
Our culture enables diverse thought, curiosity and innovation.
Our team strives to do everything to the highest standard possible to achieve the remarkable.
To do that we need different perspectives, experiences and ideas alongside an environment where these are welcomed - we want everyone to feel confident in bringing their full capabilities to work.
We firmly believe psychological safety is key to building and nurturing great teams.
We're a small and dynamic company, that means having the right skills is important, and we know that our best work emerges when people feel secure, welcomed and respected.
As an equal opportunities employer, we encourage applications from people of all backgrounds.
We're committed to building a workforce that is representative of the people we serve.
We will not put someone at a disadvantage or treat them less favourably because of race, color, national origin, ancestry, age, disability, creed, religion or belief, sex, sexual orientation, gender reassignment, marriage or civil partnership, or pregnancy and maternity.
Our goal is to find people who are passionate about creating a safer, more secure world.
Our recruitment process is designed to be fair and transparent, focusing solely on your qualifications, competence, and suitability for the role.
We review all applications carefully and will be in touch with shortlisted candidates regarding the next steps in our interview process.
If you need an adjustment for a disability or any other reason during the hiring process, please send a request to careers@iproov. com
StudySmarter Expert Advice🤫
We think this is how you could land Remote Senior Security Engineer (AI & DevSecOps) in York
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Grabjobs, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Grabjobs
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Grabjobs. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Remote Senior Security Engineer (AI & DevSecOps) in York
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Grabjobs insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Grabjobs that you’re committed to staying ahead in the game.
How to prepare for a job interview at Grabjobs
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Grabjobs to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Grabjobs.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.