Principal Security Engineer

ABOUT AvolutionJoin Avolution, a prestigious global leader in Enterprise Architecture Software with over 20 years of experience. Our established presence spans across London, Sydney, Northern Virginia, and Singapore, and we are recognized in the Gartner Magic Quadrant as an industry frontrunner. Become part of our intelligent, friendly team, where your skills and initiative will drive our growth while enjoying a culture rated as collegial, collaborative, flexible, and supportive by our employees.Key ResponsibilitiesCloud & Infrastructure SecurityDesign, manage, and enhance security configurations across Azure and AWS environments, ensuring seamless integration with Office 365.Implement and enforce industry best practices for identity and access management (IAM) in Azure AD (Entra ID) and AWS IAM.Monitor cloud workloads for vulnerabilities, misconfigurations, and threats utilizing tools such as Microsoft Defender.Collaborate with DevOps/Engineering teams to embed security controls into CI/CD pipelines, advocating for DevSecOps principles.Conduct thorough security assessments, including aiding in penetration testing and risk evaluations to identify and mitigate potential vulnerabilities.Endpoint & Identity SecurityEnhance device posture, compliance, and management utilizing Microsoft Intune and Defender for Endpoint.Develop and maintain solid conditional access, multi-factor authentication (MFA), and endpoint protection policies.Oversee secure identity lifecycle processes, enforcing least-privilege access and zero-trust principles.Security OperationsRespond promptly to security alerts, incidents, and vulnerabilities with thorough investigations and remediation actions.Perform regular risk assessments, security reviews, and internal audits.Manage and optimize security tools, including SIEM, EDR, vulnerability scanners, and the Microsoft Defender suite.Lead incident response efforts and coordinate with cross-functional teams.Compliance & GovernanceSupport ISO 27001:2022 recertification and ongoing compliance activities, including internal audits.Prepare for and assist in obtaining additional compliance certifications (e.g., SOC 2, GDPR) to facilitate company growth.Develop, maintain, and enhance security policies, procedures, and technical documentation.Track, report on, and address audit findings or compliance gaps.Collaboration & CulturePartner with globally distributed teams across EMEA, AMER, and APAC regions.Educate internal teams on security best practices and cultivate a security-first culture through training and awareness initiatives.

Join Us at CommercetoolsAt commercetools, we believe that true innovation is built on a solid foundation. Our team embodies a unique blend of builders, explorers, and problem-solvers who are reshaping the future of commerce. We are not just pioneers in flexible commerce architecture, but also champions of a culture of experimentation that drives our industry forward. Together, we empower ambitious businesses to thrive in a rapidly changing landscape through AI-driven solutions and seamless integration of digital and physical shopping experiences.Your Role and ImpactAs the Principal Engineer for Product Security, you will be instrumental in addressing complex technical challenges that arise within our innovative product lines. Your expertise will enable our engineering teams to 'shift left', fostering secure service development across a multi-cloud infrastructure. Join us and make a significant impact on the future of commerce!

Methods is a leading IT Services Consultancy with a revenue exceeding £100M, dedicated to transforming the public sector in the UK. With over 30 years of experience, we partner with various central government departments and agencies to enhance operational efficiency and effectiveness.Our unique approach combines technology, data, and a human touch, which distinguishes us from other consultancies, system integrators, and software houses. We are committed to delivering sustainable and impactful solutions for our clients, staff, communities, and the environment.At Methods, we cultivate a collaborative atmosphere that fosters skill-sharing and problem-solving while enjoying our work. We embrace challenges, learn from our experiences, and strive for excellence.While primarily serving the public sector, we are actively expanding our portfolio to include significant private sector clients. Methods became part of the Alten Group in early 2022.Role Overview: As a prominent digital transformation consultancy, Methods collaborates with public and private organizations to provide innovative and secure solutions. Our focus on governance, risk, and compliance (GRC) empowers businesses to navigate intricate security landscapes while maintaining regulatory and operational resilience.We are currently looking for a Principal Cyber Security Risk & Audit Consultant to join our dynamic team. This position is perfect for a professional with extensive expertise in cyber security, risk management, and internal audit. Candidates should possess experience in both public and private sectors, ideally with a background in management consultancy. Strong leadership and team-building skills are highly preferred.

Join Ramboll as a Principal Electrical Engineer in our London office, where you'll lead innovative projects and collaborate with a talented team of engineers. This role offers an exciting opportunity to shape the future of electrical engineering in a dynamic environment.

Join our dynamic team at AFRY as a Principal Civil Engineer, where you will lead innovative projects and drive engineering excellence in the heart of London. We are looking for a talented professional who can demonstrate exceptional technical skills and a commitment to sustainability and infrastructure development.

Join Our Team as a Principal Geotechnical EngineerWe offer a competitive salary based on experience and qualifications, reaching up to £60,000 per annum, in addition to a comprehensive benefits package.Location: South East LondonOur esteemed consultancy firm is on the lookout for a Principal Geotechnical Engineer to bolster our Geotechnical National Service line at our London office. We seek individuals who are ideally Civil Engineers with a minimum of 4 years' experience. You will be stepping into a highly respected professional team known for its commitment to quality, technical expertise, and the delivery of commercially viable solutions for our clients.As the Principal Geotechnical Engineer, you will focus on ground movement analysis and collaborate closely with structural engineers on a portfolio of significant developments in London and across the nation. You will be responsible for delivering integrated ground investigations, preparing interpretative reports, and providing geotechnical design advice for a diverse array of projects, including tall towers, deep basements, retaining walls, ground improvement, and earthworks by leveraging both national and local resources. Your role will also involve sharing technical support across the business, enhancing the resilience and strength of our national virtual team.

Join AECOM as a Principal RAMS Engineer, where you will play a crucial role in ensuring the reliability, availability, maintainability, and safety of our engineering projects. You will be responsible for leading RAMS assessments, implementing innovative methodologies, and collaborating with multidisciplinary teams to deliver exceptional results.

Abound is changing how consumer lending works in the UK and beyond. By combining advanced AI with Open Banking data, the company looks at a person’s complete financial situation, not just a credit score, to make lending decisions that are fairer and more accurate. Since launch, Abound has issued over £1.3bn in loans, with a credit performance that outpaces industry averages. The company became profitable within 2.5 years and has backing from major investors, including Citi and Deutsche Bank. With over £2bn in funding, Abound is recognized as one of Europe’s fastest-growing fintechs. Role overview This Senior Security Engineer position is based in London and sits within the Platform team. The role blends DevSecOps responsibilities, serving as a bridge between product engineering and Corporate IT. As a hands-on contributor, the Senior Security Engineer critically reviews security architecture across both production and internal IT environments. During the first 6 to 12 months, the focus will be on designing and implementing next-generation cloud security architecture in AWS and GCP. The role also involves building and maturing internal SOC capabilities, particularly around detection and response. What you will do Manage Microsoft Sentinel to strengthen SIEM/SOAR capabilities Automate RBAC for identity and access management across AWS, Microsoft Entra, and internal systems Embed security controls into GitLab CI/CD pipelines, including scanning, infrastructure-as-code reviews, and automated policy enforcement Support a shift-left approach by integrating security throughout the software development lifecycle Technology stack Cloud & Compute: AWS, ECS Fargate, Aurora, Lambda, GCP Data Lake: S3, DMS, Glue Security & Identity: Microsoft Defender (XDR), Microsoft Sentinel (SIEM/SOAR), Defender for Cloud (CSPM), Microsoft 365, Entra, Intune Cloud Security Tooling: GuardDuty, Security Hub, Inspector, Security Command Center Code & Infrastructure: Terraform, GitLab CI/CD

airapps is hiring a Security Engineer to help safeguard digital assets and infrastructure in the London Metropolitan Area. This role centers on identifying weaknesses, managing security risks, and ensuring strong security measures are in place. Key responsibilities Identify vulnerabilities throughout information systems Reduce and address security risks as they arise Implement and maintain effective security protocols Support efforts to comply with relevant industry standards Help strengthen the company’s overall security posture Location This position is based in the London Metropolitan Area.

AECOM is seeking a Principal Electrical Engineer to lead and deliver innovative electrical engineering solutions in a dynamic environment. The selected candidate will be responsible for designing and implementing complex electrical systems, ensuring compliance with industry standards, and collaborating with interdisciplinary teams to complete projects on time and within budget.

Role Overview Aircall is looking for a Security Engineer focused on Product Security to help protect our products and platform. This role is based in our London office. What You Will Do Work with teams across engineering, product, and other functions to spot vulnerabilities and address them early in the development process. Implement security measures that fit our product development lifecycle. Lead security initiatives that strengthen customer trust and protect sensitive data. Support efforts to keep our security standards high as our platform evolves. Impact This role directly shapes the security of Aircall’s products and the safety of customer data. The work supports our commitment to strong security practices and helps maintain trust with our users.

About Anaplan Anaplan builds AI-powered scenario planning and analysis tools that help businesses make smarter decisions. Over 2,400 organizations worldwide, including Fortune 50 leaders like Coca-Cola, LinkedIn, Adobe, LVMH, and Bayer, rely on Anaplan’s platform to stay competitive. Our teams share a strong commitment to client success and a culture that values innovation, diverse perspectives, and celebrating achievements at every level. We focus on strategic goals, value-driven work, and disciplined execution, creating space for growth, recognition, and connection. Role Overview: Principal Infrastructure Engineer Anaplan is hiring a Principal Infrastructure Engineer to lead the design and deployment of a multi-region HashiCorp Vault platform. This role serves as the Subject Matter Expert for secrets management and governance, supporting hundreds of engineers and global clients. This is a hybrid role based in London, with at least two days per week in the office. What You Will Do Architect, design, and implement a new multi-region HashiCorp Vault platform on public cloud infrastructure. Own the solution architecture, maintaining high-quality design documents and Architecture Decision Records (ADRs). Develop and test strategies to ensure platform resilience, including performance, Disaster Recovery (DR), and High Availability (HA). Act as the primary SME for Vault and modern secrets management, promoting best practices across the organization. Work closely with stakeholders, platform teams, and software engineers to integrate their services securely with the Vault ecosystem. Partner with Security to define and meet control requirements for the Vault platform, covering policy standards, privileged access, audit/evidence, and compliance needs. Lead regular security discussions and maintain a proactive security posture within the company.

Join Us in Shaping the Future of Cyber Security.At Quantexa, we believe in the power of innovation and continuous improvement. Our mission is to forge meaningful relationships with our clients and drive impactful change across various industries. With a diverse workforce comprising over 50 nationalities and 20 languages spoken, we foster an inclusive environment where every voice matters. Here, you will find the autonomy and support needed to craft a career that aligns with your aspirations.The Role.We are seeking a proactive and technically skilled Cyber Security Engineer to join our Security Operations team. In this hands-on role, you will be instrumental in safeguarding Quantexa's digital assets. Your responsibilities will include the operational management, optimization, and monitoring of essential security platforms, focusing on Zscaler, cloud monitoring via Wiz, and endpoint detection and response through CrowdStrike.Collaborating closely with the broader Security Operations team, you will ensure that security alerts, findings, and detections are efficiently triaged, validated, documented, and remediated. Your contributions will directly enhance Quantexa's security posture by minimizing risk, bolstering detection capabilities, and ensuring timely responses to security incidents.This position is ideal for a curious and detail-oriented professional who thrives on working with cutting-edge security tools, embraces disciplined execution, and seeks opportunities for ongoing improvement.Your Responsibilities.Wiz (Cloud Security Posture Management)Daily monitoring and triaging of Wiz findings, validating alerts and assessing operational impact.Engaging in tuning and threat hunting within Wiz and other security tools.Identifying misconfigurations, excessive permissions, and exposed assets while escalating issues as necessary.Tracking remediation progress with engineering teams and ensuring the resolution of high-priority issues.Zscaler (Web Security Tunnel 2.0)Reviewing and triaging Zscaler alerts and policy violations according to documented response procedures.Investigating suspicious traffic, access attempts, and user activity to determine legitimacy.

Role Overview Intercom is hiring a Principal Engineer - Go-To-Market in London. This role influences product direction and turns market insights into practical engineering outcomes. The Principal Engineer works closely with teams across the company to help ensure products align with customer needs as they change.

Join our dynamic team as a Principal Electrical Engineer, where you will play a pivotal role in leading innovative electrical engineering projects. Your expertise will drive the development of cutting-edge solutions that enhance our infrastructure and contribute to sustainable engineering practices.As a Principal Electrical Engineer, you will collaborate with multidisciplinary teams, ensuring that all engineering designs meet the highest quality standards while adhering to safety regulations. Your leadership will inspire junior engineers and foster a culture of excellence within our engineering department.

About the Position Jane Street is seeking a skilled Identity Security Engineer with expertise in engineering hybrid Windows platforms to become a vital member of our expanding team. Our IT Security team is committed to safeguarding access to Jane Street's IT systems. In this role, you will be instrumental in enhancing the organization's security posture through a blend of hands-on technical work and collaborative efforts with cross-functional engineering teams to initiate transformative security projects. Key Responsibilities: Serve as a technical security authority, offering insights on EntraID, M365, Azure tools, and security best practices. Lead the implementation and validation of robust security controls to minimize attack pathways between on-premises and external platforms. Identify security vulnerabilities and recommend operational improvements to meet our security standards. Provide technical guidance and influence cross-functional technology teams to facilitate cloud adoption. We are looking for an individual ready to make an immediate impact, capable of prioritizing work in a fast-paced environment. This position is more than just execution; we will rely on your judgment and quick thinking to guide our remediation and mitigation strategies for our Windows infrastructure. Your decisions will have far-reaching implications across the firm. About You: Possess a solid understanding of Microsoft security policies and configurations across Microsoft cloud services (SaaS/PaaS), IAM, and Privilege Access Management. Exhibit a strong grasp of industry-standard SSO technologies and authentication protocols (OpenID Connect, SAML, OAuth, Kerberos, LDAP, etc.). Have experience designing, implementing, and supporting Microsoft security infrastructure in live environments. Provide security recommendations regarding certificate policies, templates, and key sizes to uphold secure cryptographic standards. Manage and secure Azure resources utilizing a code-driven methodology. Be eager to develop scalable and repeatable security practices through automation, including certificate enrollment and renewal processes. Fluent in English. If you are a recruiting agency interested in partnering with us, please reach out to agency-partnerships@janestreet.com.

Join our dynamic team at Lendable as a Cyber Security Engineer, where you will play a pivotal role in safeguarding our digital assets and ensuring the integrity of our systems. In this position, you will be responsible for the design, implementation, and maintenance of security protocols across our network and applications. You will work closely with cross-functional teams to identify vulnerabilities and develop strategies to mitigate risks.

Join CoreWeave as a Principal Engineer!At CoreWeave, we are redefining the cloud landscape for AI innovation. Our platform is tailored for trailblazers, offering cutting-edge technology and a collaborative environment designed to empower innovators to construct and expand AI solutions with assuredness. Serving leading AI labs, startups, and global corporations, we blend exceptional infrastructure performance with extensive technical know-how to expedite breakthroughs and transform compute power into actionable capabilities. Since our founding in 2017, we have proudly transitioned to a publicly traded entity (Nasdaq: CRWV) as of March 2025. Discover more at www.coreweave.com.As a Living Wage accredited Employer, we prioritize fair compensation for all our employees.

Application Deadline: We are actively conducting interviews and aim to fill this position promptly as soon as we find the right candidate.THE OPPORTUNITYApollo Research is searching for a Senior Security Engineer to take full ownership of security protocols and practices within our organization. As the first dedicated security hire, you will play a crucial role in maintaining the trust of our innovative AI lab partners and supporting our research mission. This position is embedded within the engineering team and reports directly to the CEO.YOUR RESPONSIBILITIES WILL INCLUDE- Establishing and leading Apollo's security program. You will create and manage the security roadmap, perform risk assessments, and adapt the program as the organization evolves, defining the security posture in relation to our size, threat model, and partner relationships.- Fostering trust with our AI lab partners. You will be the primary contact for security teams of our partners, building relationships with their CISOs, and ensuring our security practices are documented and meet the necessary standards for our partnerships.- Setting security strategies for engineering. You will define security principles and an AppSec strategy that the engineering team will adopt, creating efficient pathways for secure development.- Defining the use of AI tools and integrations at Apollo. You will determine approved tools, data handling procedures, and vetting processes for new technologies, ensuring a balance between security and the need for cutting-edge research tools.- Managing our security tooling stack and automating operations. You will select, implement, and oversee security controls such as EDR/MDR, endpoint management, email protection, and identity management, while automating processes wherever feasible.- Leading compliance and certification efforts. You will spearhead certification initiatives (ISO 27001, SOC 2) as required, integrating compliance into our security practices.- Managing IT administration across the organization. You will oversee Google Workspace and other IT resources.