Security Engineer Technology (Product, Engineering, Design) · London ·

About RedCloud

The global supply chain is broken—creating a $2 trillion inventory gap where essential consumer goods fail to reach the people who need them. Brands miss sales, distributors mismanage stock, and retailers face empty shelves. The result? Higher prices, slower growth, and lost opportunity across the board.

RedCloud is fixing this. Our RedAI digital trading platform, bulk and retail trading exchanges connect key parts of the supply chain—enabling bulk inventory exchange, streamlined digital payments, and generating vast quantities of aggregated market data. By applying AI and machine learning techniques, we deliver predictive market insight and trading recommendations straight back to the trading environment—facilitating smarter everyday business decisions for our customers, from factory to warehouse to store.

Headquartered in London, RedCloud became a publicly listed company on Nasdaq (RCT) in March 2025. With a diverse team spanning many nationalities and operations across Africa, the Middle East, Europe, and Latin America. We’re building a more connected and efficient global trade network. Our AI labs are busy exploring the next generation of smart AI agents and deeper FMCG market intelligence for the benefit of our customers across a growing operational footprint.

The role

We are seeking a highly skilled and talented Security Engineer to join our team. As a top tier professional, you will play a critical role in planning and executing offensive engagements, demonstrating exceptional technical prowess and expertise in hacking and security assessments.

Responsibilities

• Application Security Assessments: Conduct thorough security assessments of applications, including vulnerability assessments, penetration testing, and code reviews to identify and address potential security weaknesses.
• Secure Software Development: Collaborate with development teams to integrate security practices into the software development life cycle, ensuring secure coding techniques, security controls, and secure configuration management.
• Security Architecture: Design, implement, and maintain secure application architectures, frameworks, and guidelines, incorporating industry standards and best practices.
• Threat Modelling: Conduct threat modelling exercises to identify and prioritize potential security risks, assisting in the design and implementation of effective security controls.
• Secure Coding Guidelines: Develop and enforce secure coding guidelines, standards, and best practices, ensuring the proper implementation of security controls within application code.
• Vulnerability Management: Monitor and respond to security vulnerabilities and advisories, coordinating vulnerability scanning, patch management, and remediation activities.
• Incident Response: Participate in incident response activities related to application security incidents, including investigations, forensic analysis, and remediation efforts.
• Security Awareness and Training: Develop and deliver application security training and awareness programs to promote a culture of secure coding practices among developers and stakeholders.
• Security Tools and Automation: Evaluate, implement, and manage security tools and automation frameworks for continuous monitoring, testing, and security verification of applications.
• Research and Innovation: Stay updated on emerging application security threats, technologies, and industry trends, providing recommendations for continuous improvement and innovation.

Requirements

• Expertise: Extensive experience in application security, with a deep understanding of secure coding practices, secure development methodologies, and common application vulnerabilities.
• Technical Knowledge: Strong knowledge of web application technologies, programming languages (such as Java, Python, or JavaScript), web frameworks, and associated security controls.
• Certifications: Relevant certifications such as Advanced Web Attacks and Exploitation (OSWE), or Offensive Security Certified Professional (OSCP) are highly desirable.
• Analytical Skills: Excellent analytical and problem-solving abilities to identify and address application security vulnerabilities effectively.
• Communication: Strong communication skills, both verbal and written, to effectively convey complex application security concepts to technical and non-technical stakeholders.
• Adaptability and Agility: Demonstrated ability to adapt quickly to changing application security landscapes, think strategically, and make sound decisions under pressure.
• Ethics and Integrity: High ethical standards, maintaining confidentiality and demonstrating a commitment to the organisation's values and secure application development.
• Continuous Learning: Proactive approach to self-development, staying updated on the latest application security practices, techniques, tools, and industry trends.
• A strong background in both enterprise security and product security, with experience in multinational organisations.
• Hands-on experience with security frameworks such as ISO27001, SOC2, and SOX.
• Someone who can bridge the gap between technical expertise and business priorities, communicating effectively with both technical and non-technical stakeholders.
• A problem-solver who is passionate about creating secure and scalable solutions for complex challenges.
• Advanced knowledge of security architecture and design principles.
• Expertise in threat intelligence and Incident response.
• Strong leadership and project management skills.
• Excellent communication and interpersonal abilities.
• Strategic thinking and the ability to influence organisational change.

Even if you don’t meet every requirement, we still encourage you to apply. Your unique experiences and perspectives might be just what we’re looking for.

Benefits

Working with a pioneering provider of eCommerce solutions you will have the opportunity to join an international company who are growing massively, we encourage ambition and creativity.

Plus, you will get:

• 25 Days Annual leave, increasing to 26 days after 12 months in the business
• Enhanced Company Pension (Matched up to 5% & Salary Sacrifice)
• Healthcare Cashplan with Medicash
• Private Healthcare with Aviva
• Life Insurance with AIG
• Happl, our benefit platform which provides access to pre-negotiated discounts on a wide variety of services including entertainment, food, and fitness.
• Stock / Equity

Check out the links below to see what our CEO Justin Floyd has to say about our plans for growth for the year ahead, and to see our latest video on the mission we’re on!

RedCloud I We're growing!

RedCloud I Red101 App I Open Commerce