Senior Software Security Developer – Core Platform Services

About us

PhysicsX is a deep-tech company with roots in numerical physics and Formula One, dedicated to accelerating hardware innovation at the speed of software. We are building an AI-driven simulation software stack for engineering and manufacturing across advanced industries. By enabling high-fidelity, multi-physics simulation through AI inference across the entire engineering lifecycle, PhysicsX unlocks new levels of optimization and automation in design, manufacturing, and operations — empowering engineers to push the boundaries of possibility. Our customers include leading innovators in Aerospace & Defense, Materials, Energy, Semiconductors, and Automotive.

The Role

We are recruiting for a Senior Software Security Developer within our Core Platform Services Team. You will be responsible primarily for writing secure code components that many teams will use across the business. There is a strong emphasis on authentication for this role.

What you will do

• Design and implement platform security features and guardrails.
• Act as an SME for security for the Core Services development team, including mentoring, performing threat modeling, and security code reviews.
• Help shape incident response procedures and vulnerability management workflows.
• Support the response team by validating and remediating product security vulnerabilities.
• Contribute to secure coding standards and provide training/mentorship to developers.

What you bring to the table

• 8+ years in a developer role focused with strong focus on designing and building security features.
• Extensive RBAC/ABAC knowledge and implementation experience.
• Experience with user, agent, and machine authentication workflows.
• Hands-on experience with secure coding, OWASP Top 10, and threat modeling.
• Strong developer skills and extensive experience shipping code to production.
• Experienced in CI/CD, IaC, Python, and Go.
• Track record of balancing pragmatism and security rigor in a fast-paced team.
• Thorough knowledge of authentication and authorization protocols (e.g., OAuth, OpenID Connect, SAML, LDAP, etc.).
• Strong communication skills, comfortable working across development teams and managing multiple initiatives.

Nice to Have Skills

• Strong understanding of AI security fundamentals.
• Participation in bug bounty programs.
• Familiarity with the BSIMM framework.
• Experience in cloud security including identity and access management and cloud-native services.

What we offer

• Build what actually matters: Help shape an AI-native engineering company at a formative stage, tackling problems that genuinely matter for industry and society.
• Learn alongside exceptional people: Work with a high-caliber, collaborative team of engineers, scientists, and operators who care deeply about doing great work, and about helping each other get better.
• Influence over hierarchy: We operate with a flat structure; good ideas win - wherever they come from.
• Sustainable pace, long-term ambition: Building meaningful technology is a marathon, not a sprint.
• Equity options: Share meaningfully in the company you’re helping to build.
• 10% employer pension contribution.
• Free office lunches.
• Enhanced parental leave: 3 months full pay paternity and 6 months full pay maternity leave.
• YellowNest nursery scheme.
• 25 days of Annual Leave (+ Public Holidays).
• Private medical insurance: 100% employee cover.
• Wellhub Subscription: Access to thousands of gyms, classes, and wellness apps.
• Eye tests.
• Personal development: Dedicated support for learning, development, and leveling up over time.
• Employee Assistance Programme (EAP): Confidential wellbeing support.
• Bike2Work scheme and Season ticket loan.
• Octopus EV salary sacrifice.

We value diversity and are committed to equal employment opportunity regardless of sex, race, religion, ethnicity, nationality, disability, age, sexual orientation or gender identity. We strongly encourage individuals from groups traditionally underrepresented in tech to apply.