Senior Security Engineer

You will be helping us realise and steer a cloud presence that enables our builder teams technologists and users to safely securely rapidly and easily leverage the cloud services they need in order to accelerate patient care in our virtual ward.

Youll work in partnership with the business to help us elevate and automate our security posture for complex workloads that support our engineering data and core tooling pipelines.

Our vision is a platform that epitomises the best of modern cloud practices - leveraging immutable infrastructure zero trust and effective pipelines to allow our teams to quickly operationalise workloads that have compliance security observability logging and alerting baked in and were growing a team passionate to deliver it.

Were looking for someone who genuinely cares about and enjoys helping users while balancing their needs with both business and security priorities. You pursue tangible outcomes but bring an exceptional eye for detail and you pair excellent interpersonal skills and emotional intelligence with a low-ego collaborative approach to learning and sharing knowledge. You take pride in working closely with the entire team and have a proven track record in technical delivery architecting developing and maintaining security capabilities that empower builder teams to do their best work.

Your mission should you choose to accept it:

• Bringing a strong technical security skill set to the overall strategy and direction of the cloud platform the team are building to enable Mews to operate with a best possible security posture in the cloud
• Building out an effective modular security posture that is tightly integrated to our cloud platform leveraging modern infrastructure as code patterns
• Enabling capabilities like zero trust supply chain (SLSA) least privilege and taking a modern security lens to our operations
• Embedding security throughout our delivery pipelines so that users can focus on doing the job. with appropriate automated guardrails to elevate security throughout delivery
• Ensuring that identity and access management deliver a secure and minimal platform while continuing to enable users.
• Working cross functionally with the wider organisation to migrate existing infrastructure to the new platform.
• Building out processes tooling and most importantly culture around high security systems across our product teams
• Creating secure by default approaches on the platform so that out of the box teams are already enabled with an effective security and compliance posture.
• Helping us to amplify best practice in the cloud through education awareness raising and evangelising both without and outside the company
• Analysing and assessing the threat landscape around our products and delivering approaches to minimise our attack surface

Youll be a great fit if you bring a few of the below with you:

• Hands on security implementation in any of the cloud platforms (We operate in Azure) and automating security provisioning and continuous integration/delivery using Infrastructure as Code (we use Pulumi but you may not have).
• Modern CI/CD pipelines and gitops workflows
• Alerting and monitoring tooling and building a sustainable SIEM process
• Development & Scripting
• Running post-mortems and teaching the culture of security to non-ops engineers
• Disaster response resilient systems engineering and security automation
• Cloud security and systems hardening
• A bias towards action and a desire for mission-driven work
• Excellent communication skills including communication with less-technical staff
• Experience working in and contributing to an environment that supports a diverse team
• A desire to mentor junior teammates and to build a team
• Comfortable both with pair working and with independent work managing their own projects; but is also confident with sense-checks and check-ins to avoid chasing too many issues down rabbit holes.

Required Experience:

Senior IC