At a Glance
- Tasks: Embed security into software development and collaborate with product teams to enhance security practices.
- Company: Join Redgate Software, a leader in simplifying database management for IT professionals.
- Benefits: Enjoy competitive salary, health coverage, flexible work, and generous paid time off.
- Other info: Be part of a diverse team committed to inclusion and personal growth.
- Why this job: Make a real impact on software security while working with cutting-edge technologies.
- Qualifications: Experience in application security and familiarity with cloud and container security.
The predicted salary is between 60000 - 80000 £ per year.
hackajob is collaborating with Redgate Software to connect them with exceptional professionals for this role.
Redgate creates ingeniously simple software to help data professionals get the most value out of any database. Our solutions solve complex database management challenges across the DevOps lifecycle, making life easier for IT leaders, development, and operations teams by increasing efficiency, reducing errors, and protecting business-critical data. The data community trusts Redgate to balance speed to market, team collaboration, and data protection.
Redgate Software – Culture
- As a Product Security Engineer, you'll embed security into the software development lifecycle across multiple product teams. You'll help teams build, ship, and operate secure software by defining requirements, improving detection and prevention (SAST/DAST), assisting teams with application security governance, and running threat modelling.
- Partner with engineering and product teams to define and operationalise security requirements across the SDLC (from design to release).
- Own or co-own application security governance practices: secure-by-default standards, patterns, guardrails, and exceptions/risk acceptance.
- Drive SAST/DAST adoption and quality: tool tuning, triage workflows, severity calibration, and "fix-forward" enablement.
- Support adoption of threat modelling for new features, architectural changes, and high-risk services—turning findings into actionable engineering work.
- Provide product security guidance for cloud-native environments (AWS + containerised workloads), with an emphasis on secure service design and deployment practices.
- Build strong relationships with product teams through clear communication, coaching, and security enablement.
- Review and assist in the development of engineering policies aligned with security best practices.
- Contribute secure shared libraries/paved-road components or perform targeted security testing/pentesting to validate controls.
- Work with product teams to support implementation of AI, including LLMs, SLMs, and MCP.
- Hands-on product/application security experience supporting engineering teams in a modern SDLC (requirements, design review, secure coding guidance, release support).
- Working understanding of cloud and container security fundamentals in an environment using AWS and Docker (and related CI/CD practices).
- Comfort working across a primarily C# ecosystem (with some Java/Python), including the ability to review code and explain security issues clearly to developers.
- Ability to translate security risk into actionable engineering priorities—balancing risk, delivery timelines, and operational realities.
- You're pragmatic: you care about real risk reduction, not checkbox compliance or perfect theoretical security.
- C# / .NET (primary engineering ecosystem), React.
- Java (J2EE), TypeScript, and Python.
- AWS (cloud infrastructure and services), Docker (containerised workloads).
- Get access to core systems and security tooling; Shadow the Product Security Architect and sit in on a handful of ceremonies (planning/refinement/retro) to understand team dynamics and where security naturally fits.
- Start building a knowledge base: common app patterns, approved controls, "how we do security here," and where to find the right people.
- Begin owning a defined slice of AppSec work with supervision (e.g., Start contributing to security reviews for new features or higher-risk changes—initially as a second set of eyes, then independently for scoped areas).
- Help improve signal-to-noise in SAST/DAST: tune rules, reduce duplicates, and document triage guidance that developers can follow.
- Support lightweight threat modelling sessions alongside the Architect (prep, note-taking, translating outcomes into engineering actions).
- Demonstrate steady throughput on findings: consistent triage quality, meaningful developer support, and reduced turnaround time for the scoped area.
Benefits include:
- Competitive salary
- Comprehensive health coverage
- Monthly wellbeing allowance
- Flexible working arrangements
- Generous paid time off
- Employee assistance program
- Community and social events
Redgate has adopted a flexible-hybrid model. This means that people will work flexibly with a blend of remote (home) and co-located (office) work, with teams having the flexibility to decide which location best suits the outcomes they need to deliver.
Our diversity, equity, inclusion & belonging commitments
We believe diverse teams are better at solving problems and fostering a creative culture. Recruitment & retention: hiring and retaining diverse talent. Authenticity & belonging: promoting inclusive language and behaviours. Growth: supporting personal and professional development. We support DEIB through our inclusion forum (Belong at Redgate) and regular DEIB events. If you need accommodation, please let us know via our application process or email.
Learn more about our commitment to diversity on our diversity page. While we outline the qualities we typically seek, we recognise that you may possess additional attributes and skills that could make you an excellent fit for our team.
We do not discriminate based on race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security/ Product Security Engineer in Cambridge
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Redgate Software, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Redgate Software
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Redgate Software. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Cyber Security/ Product Security Engineer in Cambridge
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Redgate Software insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Redgate Software that you’re committed to staying ahead in the game.
How to prepare for a job interview at Redgate Software
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Redgate Software to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Redgate Software.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.