Remote Senior Security Engineer (AI & DevSecOps) in Glasgow

Remote Senior Security Engineer (AI & DevSecOps) in Glasgow

Glasgow Full-Time 60000 - 80000 £ / year (est.) No working from home possible
iProov

At a Glance

  • Tasks: Secure AI systems and cloud infrastructure while driving DevSecOps culture.
  • Company: Join iProov, a leader in biometric identity assurance with a focus on diversity.
  • Benefits: Enjoy flexible hybrid work, competitive salary, and extensive health benefits.
  • Other info: Dynamic team environment with opportunities for personal and professional growth.
  • Why this job: Make a real impact in securing cutting-edge AI technologies and developer workflows.
  • Qualifications: Experience in software engineering, cloud security, and AI threat landscape.

The predicted salary is between 60000 - 80000 £ per year.

About iProov

iProov provides science-based biometric solutions that enable the world’s most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access. Our award-winning liveness technology and iSOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless, scalable user experiences.

For us, diversity at iProov is about reflecting the customers we serve, holding the principles of equality and inclusion at the heart of everything we do and all that we stand for, embracing differences, creating possibilities, and growing together. We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included, and their talents are nurtured, empowering them to contribute fully to our purpose.

Reports to: Head of Cybersecurity

Location: WeWork Waterloo - Hybrid

The role was created specifically to provide the technical security depth that will allow us to accelerate our adoption of agentic AI, equipping developers and data scientists building our biometric products with the tools and workflows to use AI safely and at pace. You will work as the direct counterpart to our GRC-focused InfoSec Manager, owning the engineering and implementation side of our security posture across cloud infrastructure, developer workflows, AI systems, and our core security toolstack. This is a role for someone who has built and shipped software or infrastructure and brings that experience into a security context.

  • Architect and deploy the secure technical framework that governs the security controls for how our developers and scientists use agentic AI, including AI coding assistants, autonomous agents, and LLM-integrated tooling.
  • Be the primary technical security voice in decisions around the use and deployment of externally developed AI, ensuring the right controls are in place from the onset.
  • Continuously mature automated security controls into CI/CD pipelines and infrastructure-as-code deployments, championing the DevSecOps culture across a large engineering organisation.
  • Take hands-on ownership of our core security technology stack, including Wiz, CrowdStrike, Google SecOps, and Tailscale, ensuring these platforms are correctly configured, tuned, and integrated.
  • Drive continuous technical delivery of strategic security initiatives, systematically identifying, triaging, and closing gaps across our cloud environments, internal networks, and developer workflows.
  • Provide technical oversight of the security of the data pipelines feeding our internal AI systems and, critically, the permissions and access boundaries of agentic AI systems reaching out into other environments, enforcing the principle of least privilege, maintaining audit trails, and ensuring sensitive data and code integrity is handled with the rigour required.
  • Complement the work of our existing biometric and product focused Red Team by owning security coverage of the DevSecOps surface, the build pipeline, internal toolchain, cloud environments and developer infrastructure.
  • Act as the primary technical security partner to our GRC-focused InfoSec Manager, translating governance and compliance mandates into concrete, automated engineering controls.
  • Represent the technical security function in external audits, presenting evidence of controls, articulating the security posture of our cloud and AI environments to auditors, and working closely with the InfoSec Manager to ensure the technical substance behind our compliance position is clearly and credibly communicated.

A foundational background in software engineering or DevOps before moving into a dedicated security role: you understand how code is written, tested, and deployed, and that experience is central to how you approach security problems.

Proven, hands-on experience securing modern cloud infrastructure and containerised environments, with a solid understanding of infrastructure-as-code principles and the security implications of how infrastructure is defined and provisioned.

Proficiency in deploying and administering enterprise security platforms, ideally with direct experience managing tools spanning CNAPP, EDR, SIEM, and zero-trust networking.

A heavy and active user of AI in both professional and personal contexts, including agentic AI tools and coding assistants, with a grounded understanding of the evolving AI threat landscape, including model supply chain risks, prompt injection, data exfiltration, agent misuse, and LLM-specific attack vectors.

Scripting and automation capability, particularly in Python, to build internal tooling, automate security checks, and reduce reliance on manual processes across the security function.

Prior experience or a demonstrated practical interest in securing AI workloads, data pipelines, and machine learning environments.

The communication skills to collaborate effectively with highly technical stakeholders, champion security initiatives without hindering developer productivity, and translate risk into language that resonates with both engineering peers and business leadership, including the confidence to present technical security evidence clearly in formal external audit settings.

25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service) ~ Growth Shares allocated after passing probation (6 months of service) ~ Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme ~ Work Overseas Perk - Work globally for up to 2 weeks ~ Life Assurance ~ SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family ~ Award winning L&D platform with personal allocated training budgets ~ Enhanced paid family leave ~ Pension - 5% employee, 3% employer ~ Flexible hybrid working environment ~ Free Barista Coffee/Tea, biscuits with fruit in the WeWork office ~ Free access to WeWork discounts and free online well-being sessions ~ Private Health cover including Dental, Optical, and Audiology ~50% off monthly gym memberships ~ Apple watches significantly discounted based member vitality status ~ Weekly rewards – Free coffee with Café Nero ~ Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status ~ Up to 25% cashback at Waitrose when buying healthy foods ~Discounts on Weight Watchers ~50%-80% off Comprehensive Private Health screenings.

We firmly believe psychological safety is key to building and nurturing great teams. We’re a small and dynamic company, that means having the right skills is important, and we know that our best work emerges when people feel secure, welcomed and respected.

We’re committed to building a workforce that is representative of the people we serve. We will not put someone at a disadvantage or treat them less favourably because of race, color, national origin, ancestry, age, disability, creed, religion or belief, sex, sexual orientation, gender reassignment, marriage or civil partnership, or pregnancy and maternity. If you need an adjustment for a disability or any other reason during the hiring process, please send a request to careers@iproov.

iProov

Contact Details:

iProov Recruitment Team

We think you need these skills to ace Remote Senior Security Engineer (AI & DevSecOps) in Glasgow

Cloud Security
DevSecOps
AI Security
Infrastructure-as-Code
Container Security
Scripting in Python
Security Automation