At a Glance
- Tasks: Own tooling and automation for application security, integrating security into CI/CD pipelines.
- Company: Hopper's Security team is small but impactful, focusing on making security invisible to developers.
- Benefits: Work with AI tools extensively and enjoy a builder's role in a dynamic environment.
- Other info: Experience with GCP/GKE or equivalent cloud infrastructure is ideal.
- Why this job: Join a pivotal role that influences engineering culture around security without slowing down development.
- Qualifications: At least 5 years in software/platform engineering with deep application security experience required.
The predicted salary is between 60000 - 80000 Β£ per year.
Requirements
- At least 5 years experience in software and/or platform engineering, with the ability to design, build, and maintain production-quality tools.
- Deep experience in application security and vulnerability management β understanding CVEs, dependency risks, container security, and SDLC integration.
- Hands-on experience with cloud infrastructure, ideally GCP/GKE or equivalent, with the ability to adapt to our stack.
- A demonstrated habit of using AI tools β coding assistants, LLMs β as a core part of how you build and analyse.
- A bias toward automation β instinctively writing a tool for repetitive manual tasks.
- Comfort with ambiguity and ownership β making judgment calls on priority, approach, and scope without waiting for direction.
- Experience influencing engineering culture around security, making developers care without slowing them down.
- Strong written and verbal communication skills, including the ability to articulate our security posture clearly to customers when needed.
What the job involves
- Owning the tooling, automation, and processes that keep our applications secure across their entire lifecycle.
- Building systems that make security invisible to developers and unavoidable by default.
- Writing code, shipping tools, and using AI as a core part of how you work.
- Owning and evolving our vulnerability management program with a focus on application security β container images, dependencies, code scanning, and runtime detection.
- Building and maintaining security tooling that integrates directly into CI/CD pipelines and developer workflows.
- Using AI extensively to write code faster, automate analyses, and build intelligent tooling.
- Assessing and improving how we leverage available telemetry across our systems.
- Working directly with engineering teams to influence secure development practices by shipping tools and defaults.
- Investigating and responding to security findings when needed, while focusing on building systems that prevent and detect issues.
- Adapting quickly as priorities shift in an agile team environment.
Senior Security Engineer employer: Hopper
Hopper offers a unique opportunity to work in a small yet influential security team in a fast-paced environment. Employees benefit from using cutting-edge AI tools and have the chance to shape secure development practices directly. The company is committed to making security seamless for developers while maintaining agility in addressing challenges.
We think you need these skills to ace Senior Security Engineer
Application Security
Vulnerability Management
Cloud Infrastructure (GCP/GKE or equivalent)
AI Tools Usage
Automation
Security Tooling Development
CI/CD Integration
