Senior Security Engineer in London

Location: London

Office attendance: 4 days per week in-office (Paddington)

About the company

Vega is unlocking scale for alternative asset managers. Private markets are shaping into one of the most important forces in the global economy over the coming decades, with more than $20 trillion in AuM today and expected to already triple by 2032. Today, the industry is at an inflexion point as it enters an era of hypergrowth, increased complexity, and brand new demands. To competitively service and scale their client base across the entire investment lifecycle, managers need a technological transformation. Vega is delivering the industry’s purpose-built infrastructure with AltOS – the client & distribution operating system for alternatives.

Vega’s founding team consists of alternatives specialists from KKR, Blackstone, Elliott, and Goldman Sachs, along with top product and engineering talent from successful fintech scale-ups like Revolut and Trade Republic. Vega has raised over $28M in funding from Apollo, Motive Ventures, Picus Capital, and 60 senior executives from the alternative investment industry.

Responsibilities

• Own Vega’s security posture across cloud, application, and data
• Design and evolve security architecture aligned with our SaaS, multi-tenant platform
• Work directly in the codebase to:

• Implement and improve authentication, authorization, and access controls
• Address application-level vulnerabilities and security flaws
• Support secure patterns in backend services and APIs
• Partner with backend engineers to embed security best practices into everyday development
• Secure AWS infrastructure across compute, storage, networking, IAM, and KMS
• Work alongside platform engineers on Kubernetes and container security
• Improve secrets management, access controls, and environment isolation
• Integrate security into CI/CD pipelines (SAST, dependency scanning, IaC checks)
• Improve monitoring, alerting, and incident readiness from a security perspective
• Ensure evidence, controls, and processes remain aligned as the platform evolves
• Translate compliance requirements into concrete technical controls
• Help shape engineering standards with security built in by default

Technical Qualifications

• 7+ years of experience in security engineering
• Proven hands-on experience securing cloud-native SaaS platforms
• Strong background in application security and infrastructure security (Java experience is a plus, but not required)
• Solid experience with AWS (IAM, EC2, RDS, S3, KMS, networking)
• Familiarity with Kubernetes and containerized environments
• Experience integrating security into CI/CD pipelines
• Good understanding of modern authentication and authorization patterns
• Excellent analytical and problem-solving skills with a focus on delivering scalable solutions
• Strong communication skills with the ability to articulate complex technical concepts to non-technical stakeholders

Technologies

• Back-end: Java 21, Spring Boot, REST, Postgres (Jooq, Flyway), JUnit, Testcontainers
• Cloud & Platform: AWS (EC2, RDS, Cognito, S3, KMS), Docker, Kubernetes
• CI/CD & Ops: GitHub Actions, Terraform, monitoring and alerting tooling
• Front-end: TypeScript, React, Tailwind CSS

Why join us?

• An opportunity to shape the trajectory of a high-growth company with world-class investors
• High autonomy and trust, with a direct impact on how Vega delivers value for clients
• Competitive salary and equity package
• Benefits include private health insurance, sports allowance, L&D budget, and more