125 Application Security jobs in London

**Summary:**
Meta's Privacy Engineering team is seeking a Privacy Engineer with experience in applying an adversarial mindset to identify, scope, contain, and eradicate real-world privacy threats to products and infrastructure. Your primary responsibility will be to deal with privacy vulnerabilities by designing and guiding Software Engineers through remediations, learning from security/privacy incidents, and identifying vulnerabilities across our codebase at scale. Your skills will be the foundation of security initiatives that protect the security and privacy of billions of people. You will advance Meta's mission of making the world more open and connected by identifying and neutralizing threats that aim to collect sensitive information or disrupt our systems.
**Required Skills:**
Application Security Engineer, Privacy Responsibilities:
1. Incident triage & fact identification: Get the right people involved to understand what has happened and assess impact
2. Follow the facts uncovered in triage to mitigate and remediate the vulnerability
3. Review and understand what happened and ensure that the root cause and contributing factors are identified, documented, and remediated
4. Apply technical understanding to ensure Meta learns from each incident to ensure it doesn't resurface
5. Employ adversarial mindset to proactively identify vulnerabilities across Meta's products
**Minimum Qualifications:**
Minimum Qualifications:
6. 5+ years work experience in technical privacy, security, or security software engineering domains, including incident response, application privacy/security, and/or offensive security
7. Experience identifying, analyzing, and remediating real-world privacy/security threats
8. Software engineering proficiency equivalent to 1+ years work experience coding in Python, PHP, Java, C/C++ (or equivalent language) including code maintenance and review
**Preferred Qualifications:**
Preferred Qualifications:
9. Experience within a corporate environment communicating technical issues and their implications to other areas of the business.
10. Experience managing large-scale incidents with broad, public visibility.
11. Technical contributions to the privacy or security community (e.g., public research, blogging, presentations).
12. B.S. or M.S. in Computer Science or a related field, or equivalent work experience.
13. Technical experience across other Privacy or Security disciplines, e.g., Application Security/Privacy.
**Industry:** Internet

Description
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
As a Security Engineer, you will work closely with software development teams to help design, build, and review secure services. You will support efforts such as identifying security issues in code and architecture, implementing security tooling, and contributing to frameworks that enable secure software development at scale.
This role is ideal for someone with strong technical fundamentals in application security and a desire to grow their expertise across security domains. You should be comfortable diving deep into technical problems, collaborating with engineers across teams, and applying your knowledge to real-world security challenges. You will be encouraged to continuously learn and develop your skills.
Key job responsibilities
- Creating, updating, and maintaining threat models for a wide variety of software projects.
- Manual and Automated Secure Code Review, primarily in Java, Python and Javascript.
- Assist in building and maintaining security automation tools to improve coverage and reduce manual efforts.
- Adversarial security analysis through tooling and manual techniques to identify security issues
- Security training and outreach for internal development teams.
- Security architecture and design guidance.
- Investigate and help resolve security issues, proposing creative solutions where standard approaches may not apply.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
#Joinstoresappsec
Basic Qualifications
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience applying threat modeling or other risk identification techniques or equivalent
- Experience with programming languages such as Python, Java, C+- Bachelor's degree in computer science or equivalent, or equivalent years of engineering experience.
Preferred Qualifications
- Information security professional certifications.
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP.
- Have experience building and securing complex AWS architecture.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and

Description
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
As a Security Engineer, you will work closely with software development teams to help design, build, and review secure services. You will support efforts such as identifying security issues in code and architecture, implementing security tooling, and contributing to frameworks that enable secure software development at scale.
This role is ideal for someone with strong technical fundamentals in application security and a desire to grow their expertise across security domains. You should be comfortable diving deep into technical problems, collaborating with engineers across teams, and applying your knowledge to real-world security challenges. You will be encouraged to continuously learn and develop your skills.
Key job responsibilities
- Creating, updating, and maintaining threat models for a wide variety of software projects.
- Manual and Automated Secure Code Review, primarily in Java, Python and Javascript.
- Assist in building and maintaining security automation tools to improve coverage and reduce manual efforts.
- Adversarial security analysis through tooling and manual techniques to identify vulnerabilities
- Security training and outreach for internal development teams.
- Security architecture and design guidance.
- Investigate and help resolve security issues, proposing creative solutions where standard approaches may not apply.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
#Joinstoresappsec
Basic Qualifications
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience applying threat modeling or other risk identification techniques or equivalent
- Experience with programming languages such as Python, Java, C+- Bachelor's degree in computer science or equivalent, or equivalent years of engineering experience.
Preferred Qualifications
- Information security professional certifications.
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP.
- Have experience building and securing complex AWS architecture.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and

Description
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
As a Security Engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day, you might be inspecting an application's code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service alongside its software developers.
The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with one or more areas of deep expertise. In their communication, they will clearly articulate risks to technical and non-technical audiences alike. Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions.
Key job responsibilities
- Creating, updating, and maintaining threat models for a wide variety of software projects.
- Manual and Automated Secure Code Review, primarily in Java, Python and Javascript.
- Development of security automation tools
- Adversarial security analysis using tools to augment manual effort.
- Security training and outreach for internal development teams.
- Security architecture and design guidance.
- Independently solve security problems that require novel methods or approaches.
- Influence your team's and partners' process, priorities, and choices to improve outcomes.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
#Joinstoresappsec
Basic Qualifications
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience applying threat modeling or other risk identification techniques or equivalent
- Experience with programming languages such as Python, Java, C+- Bachelor's degree in computer science or equivalent, or equivalent years of engineering experience.
Preferred Qualifications
- Information security professional certification
- Experience with AWS products and services
- Knowledge of penetration testing and the development of exploits or equivalent
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and

Description
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
As a Security Engineer, you will work closely with software development teams to help design, build, and review secure services. You will support efforts such as identifying security issues in code and architecture, implementing security tooling, and contributing to frameworks that enable secure software development at scale.
This role is ideal for someone with strong technical fundamentals in application security and a desire to grow their expertise across security domains. You should be comfortable diving deep into technical problems, collaborating with engineers across teams, and applying your knowledge to real-world security challenges. You will be encouraged to continuously learn and develop your skills.
Key job responsibilities
- Creating, updating, and maintaining threat models for a wide variety of software projects.
- Manual and Automated Secure Code Review, primarily in Java, Python and Javascript.
- Assist in building and maintaining security automation tools to improve coverage and reduce manual efforts.
- Adversarial security analysis through tooling and manual techniques to identify vulnerabilities.
- Security training and outreach for internal development teams.
- Security architecture and design guidance.
- Investigate and help resolve security issues, proposing creative solutions where standard approaches may not apply.
About the team
Diverse Experiences
Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why Amazon Security?
At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores.
Inclusive Team Culture
In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices.
Training & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
#Joinstoresappsec
Basic Qualifications
- Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience applying threat modeling or other risk identification techniques or equivalent
- Experience with programming languages such as Python, Java, C+- Bachelor's degree in computer science or equivalent, or equivalent years of engineering experience.
Preferred Qualifications
- Information security professional certifications
- Knowledge of networking protocols such as HTTP, DNS and TCP/IP
- Have experience building and securing complex AWS architecture.
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start **Caring. Connecting. Growing together.**
**About the Role:**
As a Fortune 5 business, we're one of the world's leading healthcare companies. There are no limits here on the resources you'll have or the challenges you'll encounter.
We have been supporting global healthcare systems from Ireland and the UK for more than 20 years, building a dynamic and diverse team of more than 2,100 talented individuals. With a continued record of growth and stability, we're on the constant lookout for fresh talent to join our expanding teams.
A Security Logging Engineer partners with ESRO Cyber Defense Teams to build, customize and distribute Security Log Solutions for on-prem and in the cloud systems. Work alongside the top Google SecOps engineers in the company to ensure our pipelines feeding SecOps are as efficient, reliable and cost effective as possible. ESRO Security Logging Team and ESRO Cyber-Defense teams both utilize the same workload software which produces a seamless workflow, a quicker time-to-deliver, and partnerships that offer focused value. We work with platform owners across the enterprise to provide support and education around the security events their platforms produce. We deliver world-class event pipelines tailored for each owner's platform.
_Careers with Optum offer flexible work arrangements and individuals who live and work in the Republic of Ireland will have the opportunity to split their monthly work hours between our Ireland Offices_ _and telecommuting from a home-based office in a hybrid work model._
**Primary Responsibilities of the Senior Security Software Engineer:**
+ Design & develop log solutions technologies with a key focus on Google SecOps, BindPlane, Beats, LogStash and Kafka
+ Build, design and develop new Log Collection systems for on-prem and cloud environments, AWS, Azure & GCP
+ Build and support pipeline monitoring and alerting tools like GCP Monitoring and ECE Monitoring as needed
+ Respond and troubleshoot platform alerts and high priority incidents and on-call alert pages
+ Facilitation of Change Requests (pipeline deployments, upgrades, breakfixes etc.)
+ Create a training plan to enhance your understanding of cloud key focus technologies like Terraform and AWS Lambda serverless computing as well as other key cloud technologies for AWS, Azure and GCP
_You will be rewarded and recognised for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role, as well as providing development for other roles you may be interested in._
**Required Qualifications:**
+ Bachelor of Science Degree in Computer Science or similar OR equivalent experience
+ Proven experience working within log collection setup and development
+ Proven experience with RHEL Linux Server OS
+ Experience working with Google SecOps basic search queries
+ Experience with BindPlane, LogStash, Kafka, and GitHub Operations
+ Proficiency in Scripting/Programming with Python and Go
**Preferred Qualifications:**
+ Proven ability to work on high and low-level designing
+ Experience with Cloud Solution designs and setup for AWS, GCP and Azure
+ Excellent understanding of Amazon Kinesis Data Streams
+ Advanced Experience with RHEL Linux OS Commands
+ Advanced Experience with Go & Python Scripting/Programming
**Soft Skills:**
+ Good communication skills
+ Good problem-solving attitude
+ Ability to work independently or as a team
**Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application.**
_All telecommuters will be required to adhere to the UnitedHealth Group's Telecommuter Policy._
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalised groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. © 2025 UnitedHealth Group. All rights reserved._
#RPO #BBMEMEA

Optum is a global organisation that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start **Caring. Connecting. Growing together.**
A Security Logging Engineer partners with ESRO Cyber Defense Teams to build, customize and distribute Security Log Solutions for on-prem and in the cloud systems. Work alongside the top Google SecOps engineers in the company to ensure our pipelines feeding SecOps are as efficient, reliable and cost effective as possible. ESRO Security Logging Team and ESRO Cyber-Defense teams both utilize the same workload software which produces a seamless workflow, a quicker time-to-deliver, and partnerships that offer focused value. We work with platform owners across the enterprise to provide support and education around the security events their platforms produce. We deliver world-class event pipelines tailored for each owner's platform.
_Careers with Optum offer flexible work arrangements and individuals who live and work in the Republic of Ireland will have the opportunity to split their monthly work hours between our London office_ _and telecommuting from a home-based office in a hybrid work model._
**Primary Responsibilities:**
+ Design & develop log solutions technologies with a key focus on Google SecOps, BindPlane, Beats, LogStash and Kafka
+ Build, design and develop new Log Collection systems for on-prem and cloud environments, AWS, Azure & GCP
+ Build and support pipeline monitoring and alerting tools like GCP Monitoring and ECE Monitoring as needed
+ Respond and troubleshoot platform alerts and high priority incidents and on-call alert pages
+ Facilitation of Change Requests (pipeline deployments, upgrades, breakfixes etc.)
+ Create a training plan to enhance your understanding of cloud key focus technologies like Terraform and AWS Lambda serverless computing as well as other key cloud technologies for AWS, Azure and GCP
_You will be rewarded and recognised for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role, as well as providing development for other roles you may be interested in_
**Required Qualifications:**
+ Bachelor's in Computer Science or similar. or equivalent experience
+ Proven experience working within log collection setup and development
+ Proven experience with RHEL Linux Server OS
+ Experience working with Google SecOps basic search queries
+ Experience with BindPlane, LogStash, Kafka, and GitHub Operations
+ Proficiency in Scripting/Programming with Python and Go
**Preferred Qualifications:**
+ Proven ability to work on high and low-level designing
+ Experience with Cloud Solution designs and setup for AWS, GCP and Azure
+ Excellent understanding of Amazon Kinesis Data Streams
+ Advanced Experience with RHEL Linux OS Commands
+ Advanced Experience with Go & Python Scripting/Programming
**Soft Skills:**
+ Proven good communications skills
+ Proven good problem-solving attitude
+ Proven ability to work independently or as a team
**Please note you must currently be eligible to work and remain indefinitely without any restrictions in the country to which you are making an application. Proof will be required to support your application.**
_All telecommuters will be required to adhere to the UnitedHealth Group's Telecommuter Policy._
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically_ _marginalised_ _groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Diversity creates a healthier atmosphere: UnitedHealth Group is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or any other characteristic protected by law. UnitedHealth Group is a drug-free workplace. © 2025 UnitedHealth Group. All rights reserved._
#RPO #BBMEMEA

Our team of hundreds of skilled experts keep Formula 1 moving. We’re on the lookout for a Security Engineer. Reporting to the Cyber Security Manager, the main purpose of this role is to support the development and management of security technologies across F1’s growing technology landscape.

Main Duties & Responsibilities:

• Assess and maintain high standards of security maturity across Formula 1’s cloud infrastructure
li>Focus on new and existing infrastructure, managing technical vulnerabilities, support continued system maintenance, and minimise technical debt
• Ensure visibility and reporting of Cloud infrastructure against Formula 1’s compliance and security standards (such as ISO 27001 and CIS)
< i>Main duties to be carried out include, but not limited to:
• Vulnerability Management and reporting across Formula 1’s cloud environment(s), including:
< i>Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security)
• A key focus on threat detection and risks across cloud environments
• Identification, remediation, and reporting of security vulnerabilities
• Reporting on compliance to F1’s security standards
< i>Support in the delivery and management of security design and architecture reviews
• Working closely with Infrastructure teams on security design and control strategies to reduce risks
• The definition and operation of secure development / operations (DevOps) practices, inc. code scanning, Kubernetes, container security.
• System and device hardening policies and reporting
• Technology focused threat assessments to identify threats/risks
• Documentation of security requirements, patterns, and processes
• Liaising closely with Formula 1’s cyber security, infrastructure, and digital teams on new and existing initiatives.

About You:

< i>Extensive hands-on experience with AWS cloud infrastructure – inc. AWS Security Services (CloudTrail, Guard Duty, WAF, IAM, Security Hub etc.) < i>Knowledge of CI/CD including DevSecOps patterns and principles
• Infrastructure as code experience utilising Terraform
• Knowledge of container technologies
• Extensive experience with AWS Security Services & Governance and Information Security Best Practices
• Experience with other enterprise cloud platforms e.g. Azure
• Kubernetes experience
• Identity & Access Management deployment and administration (e.g. Okta, Entra ID)
• Web application security technologies – WAF, Bot Protection, DDOS Protection, etc.
< i>Adaptable, passionate and a team-player

Division:

Technical

Our team of hundreds of skilled experts keep Formula 1 moving. We’re on the lookout for a Security Engineer. Reporting to the Cyber Security Manager, the main purpose of this role is to support the development and management of security technologies across F1’s growing technology landscape.

Main Duties & Responsibilities:

• Assess and maintain high standards of security maturity across Formula 1’s cloud infrastructure
li>Focus on new and existing infrastructure, managing technical vulnerabilities, support continued system maintenance, and minimise technical debt
• Ensure visibility and reporting of Cloud infrastructure against Formula 1’s compliance and security standards (such as ISO 27001 and CIS)
< i>Main duties to be carried out include, but not limited to:
• Vulnerability Management and reporting across Formula 1’s cloud environment(s), including:
< i>Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security)
• A key focus on threat detection and risks across cloud environments
• Identification, remediation, and reporting of security vulnerabilities
• Reporting on compliance to F1’s security standards
< i>Support in the delivery and management of security design and architecture reviews
• Working closely with Infrastructure teams on security design and control strategies to reduce risks
• The definition and operation of secure development / operations (DevOps) practices, inc. code scanning, Kubernetes, container security.
• System and device hardening policies and reporting
• Technology focused threat assessments to identify threats/risks
• Documentation of security requirements, patterns, and processes
• Liaising closely with Formula 1’s cyber security, infrastructure, and digital teams on new and existing initiatives.

About You:

< i>Extensive hands-on experience with AWS cloud infrastructure – inc. AWS Security Services (CloudTrail, Guard Duty, WAF, IAM, Security Hub etc.) < i>Knowledge of CI/CD including DevSecOps patterns and principles
• Infrastructure as code experience utilising Terraform
• Knowledge of container technologies
• Extensive experience with AWS Security Services & Governance and Information Security Best Practices
• Experience with other enterprise cloud platforms e.g. Azure
• Kubernetes experience
• Identity & Access Management deployment and administration (e.g. Okta, Entra ID)
• Web application security technologies – WAF, Bot Protection, DDOS Protection, etc.
< i>Adaptable, passionate and a team-player

Division:

Technical