Listing Description

The Opportunity

We're on an impressive journey to make the world a better place for pet-parents.  We're expanding our Engineering, Product and Design ("EPD") team and looking to hire our first ever Cloud Security Engineer to support our global business. We have ambitious growth goals and as such, this role will be a pivotal part of our continued success as a crucial enabler for our growth in the UK, Sweden, the US and beyond. 

As our new Cloud Security Engineer, you’ll be responsible for facilitating an approach that allows security to be introduced earlier in the lifecycle of the app development process. This role requires advanced skills in securing CI/CD pipelines in both legacy and modernised application environments. We'll look to you to share your knowledge and expertise across our squads, so we make sure our engineering environments are the very best (and most secure) that it can be. You'll collaborate with our Cloud Engineers, Architects, Developers, external partners and other business functions - to provide secure and resilient applications that will be the key to our success.

Your Focus

• Automation of security process flows and security tests.


• Designing, creating and supporting security tests in CI/CD pipelines -including IAST, SAST, DAST, static scanning, API scanning, and secret detection.


• Developing code for collecting and injecting data from security vendors APIs.


• Developing tools to assist and support developers on securing Git Workflows.


• Defining and implementing metrics to provide visibility risks and security controls.


• Building out a SIEM that is the "eyes and ears" into our infrastructure.


• Maintaining contact with vendors, industry peers, and professional associations - keeping informed of existing and evolving industry standards, technologies, and cyber threats.


• Identifying, evaluating, and conducting proof-of-concept for new technologies - which enable the secure development of core architectural components.

What Leads to Success

Here are a few of the skills we are looking for in this position. Don’t worry if you don’t tick every box as it’s important for us to support you in your role and help you to develop along the way.

• Engineering is your heart and soul. You're the sort of person who needs to know that everything is organised, optimised and humming along beautifully.


• You have the mindset of "secure by default" and you like to get things right first time around.


• You value diversity and are sensitive to different environments and cultures.


• You've got nose for problems: you have a sixth sense for issues before they happen.


• Your colleagues say you're the sort of person who likes to move fast, pragmatically seeking problems and thinking about the wider Impact to the business.


• You make changes happen by working with others.

What's Important

• Significant commercial experience working in a security focused role - ideally, you’ll have secured cloud applications in Financial Services or Insurance and understand a regulated business.


• You're able to code in one or more programming languages: ideally Python or JavaScript/TypeScript and you have proven experience with secure coding best practices.


• Strong foundation in security technologies and OWASP top 10 standards, including secure authentication, secure data storage etc.


• Experience with IAST, SAST, DAST, container scanning, API scanning, and secret detection tools.


• Familiarity with Information Security frameworks/standards (i.e., CIS, NIST, RFC2196, etc.)


• Ability to understand and create security threat models.


• Expertise in cloud infrastructure automation to include AWS, GCP, or Azure.


• CISM, CISSP or other Security Certifications.