At a Glance
- Tasks: Identify and improve security metrics, introduce security tooling, and educate developers on secure coding.
- Company: Join a software-focused organisation that promotes rapid feature release through collaboration.
- Benefits: On-site working arrangement and the opportunity to work with multi-functional teams.
- Other info: Candidates must have the right to work in the UK.
- Why this job: Drive security improvements in a DevSecOps environment within a collaborative software development team.
- Qualifications: Experience in information security engineering and comprehensive software development knowledge required.
The predicted salary is between £60,000 and £80,000 per year.
Our client is a software-focused organisation that empowers multi-functional teams to rapidly iterate and release new features. In a strongly collaborative culture—through activities like pair programming and close working with editorial and commercial colleagues—this role applies information security best practices in a DevSecOps environment to help deliver secure outcomes from the start. You’ll join a software development team with subject matter expertise, driving security improvements through tooling, automation, metrics, and secure coding guidance.
Role Overview
The Security Engineer will partner with software engineering teams and the Information Security function to ensure engineering initiatives are aligned with the organisation’s information security strategy, embedding secure‑by‑design and secure‑by‑default practices across development and delivery.
Key Skills & Experience
- Demonstrated experience in information security engineering within a software engineering environment
- Comprehensive experience in software development and security engineering best practices
- In‑depth understanding of security engineering, including networking, software supply chain, and application security
- Familiarity with current and emerging information security standards (e.g., NIST Secure Software Development Framework, SLSA)
- Ability to translate product and business requirements into technical solutions
- Excellent communication skills, including experience communicating at internal/external events
Key Responsibilities
- Identify, develop, and improve metrics that drive desired behaviour and security outcomes
- Introduce and maintain security tooling to help teams efficiently secure services and reduce attack surface
- Assure implementation of security and control policies through automation and DevSecOps best practices (secure by design and default)
- Educate developers and support teams to expand secure coding best practices and achieve security goals
- Build close working relationships with the Information Security team to align engineering initiatives with the organisation’s information security strategy
- Work collaboratively within multi-functional, empowered teams rather than in isolation
Requirements
- Demonstrated experience in information security engineering
- Comprehensive experience in software development
- Experience leading the identification and dissemination of best practice
- On‑site working arrangement (as required by the organisation)
- Right to work in the UK (UK contract)
Nice to Have (Optional)
- Experience communicating with internal/external stakeholders at events
If you’re experienced in information security engineering and DevSecOps practices, apply now to join our client’s security‑focused software development team.
Security Engineer employer: Gravitas Group
This client is dedicated to empowering teams to innovate quickly while ensuring security. Located in the UK, they foster a collaborative culture with practices like pair programming. The team values close relationships between software engineers and the Information Security function.