Security Engineer

About StackOne: StackOne is the AI Integration Gateway for SaaS products and AI Agents. Backed by GV and Workday Ventures ($24M raised), we help builders of SaaS platforms and AI Agents orchestrate hundreds of scalable, accurate, and enterprise-grade integrations. Our platform combines 25,000 pre-mapped actions on 200 connectors, an AI-powered integration development toolkit, plus security by design: a real‑time architecture, managed authentication and permissions, and end‑to‑end observability. Join us on our fast trajectory to build the future of agentic integrations.

About the role: We’re looking for a Security Engineer to be a key hire on our Engineering team and own our cloud and product security posture as we scale. You’ll work across our AWS and Cloudflare estate, harden our secure SDLC, run pen testing efforts end‑to‑end, and threat‑model the features powering our connectors, OAuth flows, and agent execution paths. It’s a hands‑on, DevSecOps‑heavy role: you write code, ship tooling, and embed security into how engineers work every day. You’ll report directly to the CTO and have broad scope across the platform (from CI/CD pipelines to multi‑tenant APIs to incident response on authentication flows).

Responsibilities:

• Own the secure SDLC: drive SAST, dependency scanning, secrets detection, and PR‑blocking standards across every repository.
• Harden our AWS and Cloudflare estate: IAM, secrets, network segmentation, KMS, WAF, GuardDuty, and zero‑trust patterns.
• Run pen testing end‑to‑end: scope and coordinate engagements with both AI‑driven scanners and human researchers, then drive findings through fix and retest.
• Threat‑model product features before they ship, new Auth provider, expanded multi‑tenant APIs, connector executions, agent tool‑calling paths etc.
• Build detection and response capability around credential and authentication flows, with observability that closes incidents fast.
• Partner with engineering to raise the bar day‑to‑day: architecture reviews, written standards, and security embedded in code review.
• Use LLMs and agents to accelerate security workflows (triage, code review, evidence gathering) with guardrails you trust and help secure and monitor the (code/application/device) fleet.
• Support compliance work where it intersects security engineering: SOC 2, ISO 27001, customer security reviews, and pen test responses.

What we’re looking for:

• 3+ years in security engineering with hands‑on AWS security: IAM, KMS, networking, secrets, GuardDuty / Security Hub.
• Strong coding ability in TypeScript or Python or Go comfortable shipping production code, not just configs and scripts.
• Application security fluency: OWASP Top 10, threat modeling, and code‑level reviews on real systems.
• Experience securing a B2B SaaS multi‑tenant production environment.
• Comfort owning end‑to‑end work: scope, ship, measure. You don’t wait for a queue.
• Clear communication with engineers, product, and non‑technical stakeholders.
• Bias toward automating security checks instead of running manual checklists.
• (Preferred) IaC fluency in AWS CDK or Terraform, comfortable reviewing infrastructure code for security misconfigs and writing custom scanning rules.
• (Preferred) Experience with Aikido, Drata, Cloudflare Workers, or pen testing in a compliance‑mature environment.

Our Stack:

• Cloud & infra: AWS (ECS, RDS, Lambda, KMS, GuardDuty, Security Hub, Inspector), Cloudflare (Workers, WAF, Zero Trust)
• IaC: AWS CDK, Terraform
• Security tooling: Aikido (SAST, DAST, container scanning, pen testing), 1Password, GitHub (org‑level enforcement, Advanced Security)
• Compliance & ops: Drata, Iru, EasyLlama
• Observability & IR: Datadog, Sentry, Logfire, Incident.io
• Languages: TypeScript (Node.js), Python

Benefits:

• Meaningful share options (EMI) - share in the company’s success as we grow
• 25 days holiday + 1 additional day per year of tenure
• Private health insurance - including dental & optical
• £15/day lunch budget when working from our London office, up to £120/month
• £1,000 for your home office set up + £500/year top‑up
• Annual team offsite to sunny spots (last ones were in Spain and Portugal)
• Join one of Europe’s fastest-growing startups
• Work with a veteran team of ex‑employees of Google, Microsoft, Oracle, Coinbase, JP Morgan and more
• Health, fitness and gift card discounts
• Cycle2Work and Electric Cars scheme
• Hybrid working friendly - typically 2 days/week in our London office. We’re open to discussing flexible arrangements—please share any preferences in your application

We believe diversity drives innovation. We encourage individuals from all backgrounds to apply. As an equal‑opportunity employer, we celebrate diversity and are committed to creating an inclusive environment for all employees.