At a Glance
- Tasks: Own cloud and product security, run pen tests, and embed security in engineering workflows.
- Company: Join StackOne, a fast-growing AI integration startup backed by top investors.
- Benefits: Enjoy share options, private health insurance, and a generous holiday allowance.
- Other info: Flexible hybrid working and a commitment to diversity and inclusion.
- Why this job: Make a real impact on security in a cutting-edge tech environment.
- Qualifications: 3+ years in security engineering with strong coding skills in TypeScript, Python, or Go.
The predicted salary is between 60000 - 80000 € per year.
About StackOne: StackOne is the AI Integration Gateway for SaaS products and AI Agents. Backed by GV and Workday Ventures ($24M raised), we help builders of SaaS platforms and AI Agents orchestrate hundreds of scalable, accurate, and enterprise-grade integrations. Our platform combines 25,000 pre-mapped actions on 200 connectors, an AI-powered integration development toolkit, plus security by design: a real‑time architecture, managed authentication and permissions, and end‑to‑end observability. Join us on our fast trajectory to build the future of agentic integrations.
About the role: We’re looking for a Security Engineer to be a key hire on our Engineering team and own our cloud and product security posture as we scale. You’ll work across our AWS and Cloudflare estate, harden our secure SDLC, run pen testing efforts end‑to‑end, and threat‑model the features powering our connectors, OAuth flows, and agent execution paths. It’s a hands‑on, DevSecOps‑heavy role: you write code, ship tooling, and embed security into how engineers work every day. You’ll report directly to the CTO and have broad scope across the platform (from CI/CD pipelines to multi‑tenant APIs to incident response on authentication flows).
Responsibilities:
- Own the secure SDLC: drive SAST, dependency scanning, secrets detection, and PR‑blocking standards across every repository.
- Harden our AWS and Cloudflare estate: IAM, secrets, network segmentation, KMS, WAF, GuardDuty, and zero‑trust patterns.
- Run pen testing end‑to‑end: scope and coordinate engagements with both AI‑driven scanners and human researchers, then drive findings through fix and retest.
- Threat‑model product features before they ship, new Auth provider, expanded multi‑tenant APIs, connector executions, agent tool‑calling paths etc.
- Build detection and response capability around credential and authentication flows, with observability that closes incidents fast.
- Partner with engineering to raise the bar day‑to‑day: architecture reviews, written standards, and security embedded in code review.
- Use LLMs and agents to accelerate security workflows (triage, code review, evidence gathering) with guardrails you trust and help secure and monitor the (code/application/device) fleet.
- Support compliance work where it intersects security engineering: SOC 2, ISO 27001, customer security reviews, and pen test responses.
What we’re looking for:
- 3+ years in security engineering with hands‑on AWS security: IAM, KMS, networking, secrets, GuardDuty / Security Hub.
- Strong coding ability in TypeScript or Python or Go comfortable shipping production code, not just configs and scripts.
- Application security fluency: OWASP Top 10, threat modeling, and code‑level reviews on real systems.
- Experience securing a B2B SaaS multi‑tenant production environment.
- Comfort owning end‑to‑end work: scope, ship, measure. You don’t wait for a queue.
- Clear communication with engineers, product, and non‑technical stakeholders.
- Bias toward automating security checks instead of running manual checklists.
- (Preferred) IaC fluency in AWS CDK or Terraform, comfortable reviewing infrastructure code for security misconfigs and writing custom scanning rules.
- (Preferred) Experience with Aikido, Drata, Cloudflare Workers, or pen testing in a compliance‑mature environment.
Our Stack:
- Cloud & infra: AWS (ECS, RDS, Lambda, KMS, GuardDuty, Security Hub, Inspector), Cloudflare (Workers, WAF, Zero Trust)
- IaC: AWS CDK, Terraform
- Security tooling: Aikido (SAST, DAST, container scanning, pen testing), 1Password, GitHub (org‑level enforcement, Advanced Security)
- Compliance & ops: Drata, Iru, EasyLlama
- Observability & IR: Datadog, Sentry, Logfire, Incident.io
- Languages: TypeScript (Node.js), Python
Benefits:
- Meaningful share options (EMI) - share in the company’s success as we grow
- 25 days holiday + 1 additional day per year of tenure
- Private health insurance - including dental & optical
- £15/day lunch budget when working from our London office, up to £120/month
- £1,000 for your home office set up + £500/year top‑up
- Annual team offsite to sunny spots (last ones were in Spain and Portugal)
- Join one of Europe’s fastest-growing startups
- Work with a veteran team of ex‑employees of Google, Microsoft, Oracle, Coinbase, JP Morgan and more
- Health, fitness and gift card discounts
- Cycle2Work and Electric Cars scheme
- Hybrid working friendly - typically 2 days/week in our London office. We’re open to discussing flexible arrangements—please share any preferences in your application
We believe diversity drives innovation. We encourage individuals from all backgrounds to apply. As an equal‑opportunity employer, we celebrate diversity and are committed to creating an inclusive environment for all employees.
Security Engineer in London employer: StackOne Technologies Limited
At StackOne, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration. As a Security Engineer, you'll have the opportunity to work alongside a talented team of industry veterans in a fast-growing startup environment, with access to meaningful share options, generous holiday allowances, and a commitment to employee well-being through private health insurance and flexible working arrangements. Join us in shaping the future of AI integrations while enjoying unique benefits like annual team offsites and a supportive atmosphere that values diversity and personal growth.
Contact Detail:
StackOne Technologies Limited Recruiting Team
StudySmarter Expert Advice🤫
We think this is how you could land Security Engineer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with current employees at StackOne. A friendly chat can sometimes lead to opportunities that aren’t even advertised!
✨Tip Number 2
Show off your skills! If you’ve got a GitHub or personal project showcasing your coding chops, make sure to highlight it during interviews. It’s a great way to demonstrate your hands-on experience with security engineering.
✨Tip Number 3
Prepare for technical interviews by brushing up on AWS security practices and coding challenges. We recommend practicing common security scenarios and being ready to discuss how you’d tackle real-world problems at StackOne.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who take the initiative to engage directly with us.
We think you need these skills to ace Security Engineer in London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that align with the Security Engineer role. Highlight your hands-on AWS security experience and coding abilities in TypeScript, Python, or Go. We want to see how you can contribute to our cloud and product security!
Craft a Compelling Cover Letter:Your cover letter is your chance to show us your personality and passion for security engineering. Share specific examples of your past work, especially around securing B2B SaaS environments and automating security checks. Let us know why you're excited about joining StackOne!
Showcase Your Problem-Solving Skills:In your application, don’t just list your skills—demonstrate how you've used them to solve real-world problems. Talk about your experience with threat modelling, pen testing, and how you've improved security postures in previous roles. We love seeing proactive problem solvers!
Apply Through Our Website:We encourage you to apply directly through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to attach all your documents in one go. Plus, it helps us keep track of your application better. We can’t wait to hear from you!
How to prepare for a job interview at StackOne Technologies Limited
✨Know Your Security Fundamentals
Make sure you brush up on your knowledge of AWS security, IAM, KMS, and the OWASP Top 10. StackOne is looking for someone who can demonstrate a solid understanding of these concepts, so be ready to discuss how you've applied them in real-world scenarios.
✨Showcase Your Coding Skills
Since this role involves writing production code, be prepared to showcase your coding abilities in TypeScript, Python, or Go. Bring examples of your work that highlight your experience with secure coding practices and how you've integrated security into your development process.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to walk through your thought process on threat modelling or running pen tests. Think about specific challenges you've faced in previous roles and how you approached them, as this will demonstrate your hands-on experience and problem-solving skills.
✨Communicate Clearly and Confidently
You'll need to collaborate with engineers and non-technical stakeholders, so practice explaining complex security concepts in simple terms. Clear communication is key, so think about how you can convey your ideas effectively during the interview.
