hirist

Job Description

Description :


We're looking for an experienced security engineer with expertise in cloud-native architecture, legacy system hardening, and modern DevSecOps/SRE practices. You'll collaborate across engineering teams to embed security into platforms and applications from design to production, driving continuous improvement and resilience.


Responsibilities :


- As a Cyber Security Engineer, you will join our team to strengthen and scale our e-commerce systems, collaborating with product and engineering teams from day one to proactively secure our software and infrastructure.


- Security Monitoring and Incident Handling : Continuously monitor and investigate system logs for potential threats, conduct root cause analysis and incident response, and drive effective containment and remediation actions.


- Detection Engineering and Threat Hunting : Design and implement detection rules, alerts, and monitoring systems to identify emerging threats. Proactively hunt for indicators of compromise, analyse attacker techniques, and enhance detection capabilities across the environment.


- Automation and Orchestration : Build and maintain automated workflows and integrations across security tools to enable faster detection, triage, and response. Develop custom scripts and SOAR playbooks that improve analyst productivity and strengthen SOC efficiency.


- Adversary Emulation / Offensive Assessments : Design and execute offensive security operations, including red teaming, penetration testing, and exploit development. Emulate threat actor behaviours to assess detection capabilities and drive improvements across security posture and incident response.


- Vulnerability Management : Build and operationalise a vulnerability management program, defining the processes and metrics for vulnerability detection, assessment, and remediation in collaboration with cross-functional teams.


- Participate in a shared on-call schedule.


- Mentor new hires and other engineers by example, tech talks, paired programming, and other avenues to increase technical efficiency across the organisation.


Requirements :


- 7 to 10 years of experience working in security operations, incident response, detection engineering and red/offensive security.


- Hands-on experience with one or more SIEM platforms (e.g. Splunk, Microsoft Sentinel, IBM QRadar, Google SecOps) and EDR/XDR solutions (e.g. CrowdStrike, SentinelOne).


- Proficiency in scripting (Python, Go, Java, Bash, etc.) for automation and tooling.


- Experience creating automated SOAR playbooks or managing orchestration workflows (e.g. Demisto / Cortex XSOAR, SIEM-native SOAR modules, custom automation).


- Practical offensive skills : Experience building and executing adversary emulation, working with C2 frameworks and red team tooling, and running red team engagements and purple team exercises.


- Experience with cloud platforms (GCP, AWS, Azure) and containerisation technologies (e.g. Docker, Kubernetes).


- Design experience with distributed systems, microservices architecture, and related technologies.


- Knowledge of CI/CD pipelines and version control systems (e. g., Git).


- Excellent communication skills across engineers, product managers, and business stakeholders alike.


- Ample experience gathering and balancing requirements from technical and business stakeholders, and reaching consensus on prioritisation.


- Experience mentoring engineers and leading code reviews.


- Certifications : OSCP, CISSP, GCIH, GCTI, or similar.


- Knowledge of configuration management and infrastructure-as-code tools (e.g. Puppet, Ansible, Chef, Terraform).

