Multiverse

Senior Platform Security Engineer

Multiverse

full-time

Posted on:

Location Type: Hybrid

Location: LondonUnited Kingdom

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudElixirNode.jsPythonTerraformTypeScript

About the role

  • Architect Secure Foundations: You help the platform team to own the security of our developer platform. This includes designing, building, and maintaining security controls and services within our CI/CD pipelines.
  • Secure Our Infrastructure as Code (IaC): Partner with your Platform teammates to be the subject matter expert for securing our Terraform modules and cloud environments (AWS, Azure). You'll focus on preventing misconfigurations before they're deployed.
  • Incident Response and Operations: Participate in the team's on-call rotation, including out-of-hours coverage to support platform availability and security. We strive to keep our rotation sustainable and low-noise to respect your work-life balance. You will assist in troubleshooting critical issues, lead the response for security-specific incidents. Crucially, we believe in a blameless culture, so you will drive post-mortems focused on learning and preventing recurrence.
  • Build a Secure "Paved Road": Seamlessly integrate and orchestrate security testing (SAST, DAST, SCA, container scanning) into developer workflows. The goal is to make security testing a self-service, low-friction part of the development lifecycle.
  • Enable Vulnerability Remediation: Develop tools and processes to help engineering teams triage, prioritise, and remediate vulnerabilities. Your focus will be on automating discovery and providing clear, actionable context to developers.
  • Implement Platform-Level Detection: Leverage our cloud security and observability platforms to build robust, automated threat detection and response capabilities for the platform itself.
  • Be a Security Partner: In partnership with Infosec team, act as a primary security consultants for our developers. You'll provide expert guidance on secure coding (Elixir, TypeScript/Node, Python), secret management, and securing our event-driven architecture and AI services.
  • Govern Emerging Technologies: Help architect and implement our AI Management System, ensuring our innovative AI services are built on a secure foundation that meets governance standards like ISO42001.

Requirements

  • A "Builder" Mindset: You have strong coding and scripting skills (e.g., Python, TypeScript/Node) and a passion for automating *everything*.
  • Cloud & Infrastructure Experience: You have experience building and securing modern cloud-native infrastructure, including CI/CD pipelines (like GitHub Actions), cloud environments (AWS/Azure), and Infrastructure as Code (like Terraform).
  • Application Security Knowledge: You have a solid understanding of the AppSec landscape and practical experience integrating tools (SAST, DAST, SCA) into developer workflows.
  • A Collaborative Partner: You have excellent communication skills. You enjoy collaborating with engineering teams and translating complex security concepts into clear guidance.
  • Observability-Driven: You have experience using security and monitoring platforms (like Datadog) to detect and respond to threats.
Benefits
  • 27 days holiday, plus 5 additional days off: 1 life event day, 2 volunteer days, 2 company-wide wellbeing days (M-Powered Weekend) and 8 bank holidays per year
  • Private medical Insurance with Bupa, a medical cashback scheme, life insurance, gym membership & wellness resources through Wellhub and access to Spill - all in one mental health support
  • Hybrid work offering - for most roles we collaborate in the office three days per week with the exception of Coaches and Instructors who collaborate in the office once a month
  • Work-from-anywhere scheme - you'll have the opportunity to work from anywhere, up to 10 days per year
  • Space to connect: Beyond the desk, we make time for weekly catch-ups, seasonal celebrations, and have a kitchen that’s always stocked!
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
PythonTypeScriptNodeTerraformCI/CDSASTDASTSCAcloud securitythreat detection
Soft Skills
communicationcollaborationtroubleshootingleadershipblameless cultureproblem-solvingguidanceautomation mindsetpost-mortem analysisprioritization
Certifications
ISO42001