Security Engineer - Detection and Response (UK)

About Our TeamAt OpenAI, security serves as the cornerstone of our commitment to harnessing artificial general intelligence for the betterment of humanity. Our dedicated Security team safeguards our innovative technologies, talented personnel, and exceptional products. With a strong focus on impactful solutions, we prioritize enabling our researchers, anticipating future technological advancements, and nurturing a robust security culture.About the PositionWe are seeking a proactive Security Engineer to join our dynamic team of engineers and researchers in developing, operating, and securing groundbreaking AI technologies. This role will specialize in Detection & Response, encompassing infrastructure and operational responsibilities, while also contributing as a versatile team member across our Security initiatives. Your key responsibilities will include:Leading projects across essential security domains such as Application Security, Infrastructure Security, Offensive Security, and Detection & Response.Creating innovative solutions to address unique security challenges.Collaborating on pioneering AI research and utilizing AI technologies to enhance OpenAI's security framework.This position is based in London, UK, employing a hybrid work model that includes three days in the office per week. We also provide relocation assistance for new hires.Your Responsibilities Will Include:Innovating within the Detection and Response infrastructure.Developing tools for managing the lifecycle of detection rules.Creating, evaluating, and fine-tuning detection rules to ensure effective, sustainable operations.Automating manual incident response processes.Ensuring comprehensive visibility and control of OpenAI’s endpoint fleet (macOS, Windows).Enhancing identity access management (IAM), device management, productivity tools, and public cloud environments (e.g., AWS, Microsoft Azure).You Are a Great Fit if You Have:Experience in security or a related field.Familiarity with Microsoft Azure and/or other cloud infrastructure platforms.Knowledge of contemporary adversary tactics, techniques, and procedures.

Join Canva as a Senior Security Engineer specializing in Incident Response, where your expertise will play a crucial role in safeguarding our digital assets. You will lead the charge in investigating security incidents, implementing security measures, and collaborating with cross-functional teams to strengthen our overall security posture. Your analytical skills and proactive approach will ensure that Canva remains a safe and secure platform for our users.

ASOS is looking for a Security Specialist in London with experience in Security Operations Center (SOC) activities and incident response. This role helps protect the company’s digital assets by monitoring for threats and managing security incidents as they arise. Main responsibilities Monitor company systems and networks to identify potential security threats and unusual activity. Respond to security incidents, coordinating with teams across the business to contain and resolve issues. Contribute to the development and maintenance of security policies, procedures, and incident response plans. Keep up to date with the latest security threats, vulnerabilities, and trends. Collaboration This position works closely with teams from different parts of the business to help safeguard ASOS’s systems and data.

Join Our Team as a Security EngineerAt incident.io, we are transforming incident response with our cutting-edge AI platform, dedicated to minimizing response times and enhancing reliability. Our comprehensive solution integrates on-call management, incident response, AI SRE, and status updates into one seamless platform, empowering teams to act swiftly, reduce outages, and keep their customers informed.Since our inception in 2021, we have successfully assisted over 1,500 organizations, including renowned names like Netflix, Airbnb, and Block, in managing over 500,000 incidents. Each month, thousands of engineers, product managers, and support staff rely on incident.io to restore services efficiently, maintain alignment during high-pressure situations, and focus on what truly matters.We are a rapidly expanding, ambitious team that values our customers, the quality of our product, and the magic we create together. With $100M raised from prestigious investors like Index Ventures, Insight Partners, and Point Nine, along with contributions from top executives in the tech industry, we’re poised for significant growth.Your RoleAs our inaugural Security Engineer, you will play a vital role in our product teams, ensuring application security is integrated from the foundational stages. Collaborating closely with engineers, you will identify vulnerabilities before they progress to production, mentor your peers on secure coding practices, and foster a culture where security is a primary focus.This position offers a unique opportunity to work at the intersection of security and engineering, contributing to the design and development of secure systems that align with our commitment to customer satisfaction.

Position: Security EngineerLocation: London, Bristol, or Edinburgh (Hybrid options available)Salary Range: £63,000 - £93,000Team: Security Engineering TeamReporting To: Security Engineering ManagerThis role requires existing right to work in the UK. Please note that we currently do not offer visa sponsorship for this position.Kaluza is at the forefront of the energy transition, transforming energy complexity into seamless coordination. Our mission is to assist energy companies in navigating today’s challenges while accelerating the shift towards a cleaner, electrified future.Our platform enables millions of real-time decisions across homes, devices, markets, and grids. By merging predictive algorithms with human-centered design, Kaluza ensures that clean energy is dependable, affordable, and adaptable to everyday life.With teams strategically located across Europe, North America, Asia, and Australia, and a joint venture with Mitsubishi Corporation in Japan, we empower leading organizations including OVO, AGL, and ENGIE, alongside innovators like Volvo and Volkswagen.Your Role:Implement security platforms and tools to proactively prevent, accurately detect, and efficiently respond to emerging security threats.Collaborate with Platform Engineering and IAM teams to integrate Zero Trust architecture and enforce robust privileged access management (PAM) controls.Support Kaluza’s product teams in delivering secure systems rapidly while promoting a culture of collaboration and security best practices.

AJ Bell seeks a Senior Information Security Engineer to strengthen the protection of company information systems and support compliance initiatives. The position is offered as a hybrid role, with the option to work from either the Manchester or London office and some flexibility for remote work. Key responsibilities Identify and assess security vulnerabilities within company systems Implement and maintain security controls to protect data and infrastructure Collaborate with teams across the business to promote effective security practices Assist in maintaining compliance with relevant regulations and internal policies Location This role is based in Manchester or London with a hybrid work arrangement, allowing for both office presence and remote work.

Blockchain.com is at the forefront of revolutionizing the financial landscape. As a leading global cryptocurrency platform, we empower millions to securely engage with digital assets. Since our launch in 2011, we have garnered the trust of over 90 million wallet holders and facilitated more than $1 trillion in crypto transactions.Blockchain.com is the premier software platform for digital assets, providing the world's most extensive production blockchain platform. Our mission is to drive innovation, foster creativity, and build a transparent and equitable financial future through cutting-edge software development.We are seeking talented software engineers from diverse technical backgrounds with a solid history of designing scalable, reliable, and high-performance systems. In this pivotal role as a Senior Back-End Engineer, you will lead technical discussions, influence strategic decisions, and contribute to the team's growth by championing exemplary engineering practices.

Recorded Future brings together over 1,000 intelligence professionals to support more than 1,900 clients worldwide. The company focuses on providing intelligence solutions at a global scale. Role overview The Incident Response Analyst joins the Incident Response Team in the Enterprise Security division based in London. This position covers several key areas: security operations, incident response, risk management, compliance, and security training. The team works to protect the organization and its clients by responding to security incidents and strengthening overall security posture. What you will do Assist with day-to-day security operations and incident response tasks Support ongoing risk management and compliance activities Contribute to security awareness and training programs Requirements Strong foundational understanding of security principles across multiple areas Genuine interest in building a career in cybersecurity Proactive mindset for problem-solving and continuous learning This position is a good fit for junior professionals who want to develop their skills and grow within the cybersecurity sector.

Isomorphic Labs is looking for a Platform Security Engineer based in London. The focus of this role is to safeguard the company’s technology infrastructure and help secure its main platforms. Key responsibilities Apply security controls and measures throughout company systems and services Carry out vulnerability assessments to find and address potential risks Collaborate with colleagues from various disciplines to strengthen platform security This position centers on practical security work, hands-on risk assessment, and cross-team collaboration to keep Isomorphic Labs' platforms protected.

About WRITERWRITER is at the forefront of empowering the world's leading enterprises with AI-driven solutions. Our mission is to enhance human capabilities through superintelligence, proving that transformative, reliable AI is achievable. By bridging IT and business teams, we enable organizations to undergo enterprise-wide transformations. Hundreds of renowned companies, including Mars, Marriott, Uber, and Vanguard, utilize WRITER's comprehensive platform to build and deploy AI agents based on their unique data, powered by our enterprise-grade LLMs. With a valuation of $1.9B and support from top-tier investors like Premji Invest, Radical Ventures, and ICONIQ Growth, WRITER is solidifying its role as a pioneer in enterprise generative AI.Founded in 2020, and with offices in San Francisco, New York City, Austin, Chicago, and London, our dynamic team is dedicated to innovative thinking and swift action. We invite talented, dedicated builders and visionaries to join us in shaping the future of work through AI. About the RoleJoin us as a Security Engineer specializing in Application Security at WRITER, where security innovation meets enterprise-scale challenges. You will lay the foundational security measures to safeguard the AI systems that support some of the most recognizable brands globally. Collaborating closely with engineering teams, your role will be pivotal in integrating security into every aspect of our coding processes, ensuring our platform remains robust and trustworthy.This is a tremendous opportunity to shape the security landscape for enterprise AI applications, from threat modeling our LLM architectures to creating scalable automated security controls across our growing platform. Embrace the challenge of discovering creative solutions that allow us to proceed securely. You will encounter unique hurdles that most security engineers may never face, including securing AI agents, shielding training data pipelines, and designing controls for systems that are still in their infancy.This position offers the flexibility of remote work within the US or a hybrid model from our San Francisco or New York City offices, with direct reporting to the Head of Security Engineering.

Menlo Security helps organizations around the world connect, communicate, and collaborate securely. The company supports a wide range of clients, including Fortune 500 firms, nine of the ten largest global banks, and the Department of Defense. The shift in work patterns since COVID-19 has only increased the importance of Menlo’s mission. Menlo Security is entering a new phase of growth, expanding beyond its current team of 400. The company values empathy, adaptability, and a commitment to results. Team members are expected to work ethically, stay organized, focus on service, and contribute to a culture that values both giving and receiving feedback. Menlo is backed by investors such as Vista Equity Partners, General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures. Role Overview The Senior Engineer I - Web Isolation (UK Region) will join the UK-based Web Isolation team. This group builds and maintains Menlo’s remote browser technology, which protects millions of users worldwide through the company’s cloud platform. The work spans desktop and mobile, with a focus on security at every layer. Key technical areas include: Chromium internals Networking Video and audio integration Advanced HTML5 (such as WebGL and WebRTC) Containerization Load balancing and scalability The team values strong design, thorough code reviews, and a collaborative approach. Engineers with deep systems-level experience outside of browsers are encouraged to apply if they are ready for new technical challenges. For more about the kind of work involved, see the Menlo blog: Mobile Isolation Era Begins. What You Bring Extensive understanding of browser technology Hands-on experience with Chromium internals Background in networking, video, and audio technologies Familiarity with advanced HTML5 features (WebGL, WebRTC) Proficient C++ programming skills Ability to use modern AI tools in development workflows Knowledge of Python, Rust, and JavaScript is a strong plus Location Role based in the UK region (EMEA).

Technical Account Manager with UK Security ClearanceLocation: London, UK (Hybrid – typically 1+ days in-office/client-site per week)Contract: Permanent, Full-timePackage: £100,000-£120,000 + 30% Bonus + 10% Shares + Benefits (see more below)Clearance: UK Security Clearance eligibility required.About UsAt Appvia, we specialize in cloud-native solutions and consultancy, empowering organizations to effectively build, secure, and scale in the cloud. Our services include self-service platforms, governance frameworks, cost optimization strategies, and AI acceleration tools.By collaborating with public cloud providers, we serve both public and private sectors, guiding clients in developing modern cloud platforms, embedding best practices in platform engineering, enhancing governance, and optimizing costs to boost developer productivity and accelerate delivery processes, making cloud a strategic advantage.As we expand our client portfolio and tackle increasingly complex transformation projects, we are looking for a Client Principal / Technical Engagement Manager to lead our major strategic accounts. You will act as the senior liaison between our technical teams and our clients’ executive stakeholders, ensuring value realization, account growth, and successful project delivery.Interview Process - 4 Stages:Discovery conversation with our Talent Acquisition team.General Interview with Hiring Manager.Technical Interview deep dive with Head of Engineering.Culture and Revenue focused Interview with CEO.Important:To be considered, you must either hold active Security Clearance or be eligible for it:British Passport or Indefinite Leave to RemainResided in the UK for a minimum of the last 5 years.No criminal records.No financial irregularities.About the RoleThis is a senior, client-facing leadership role responsible for driving account success, ensuring delivery quality, and fostering commercial growth across Appvia's prominent cloud transformation projects.You will manage relationships with one or more strategic accounts, overseeing various initiatives from cloud migration to automation and platform engineering to AI enablement, ensuring that Appvia is recognized as a trusted, long-term strategic partner.This multifaceted post-sales role integrates technical account leadership, delivery oversight, stakeholder engagement, and commercial accountability. You will collaborate closely with our CEO, Head of Cloud Solutions, Head of Solutions Engineering, and practice leaders, ensuring clients derive measurable value from our efforts while identifying opportunities to deepen and expand partnerships. This role is also billable and will play a pivotal role in shaping Appvia’s future client engagement model.

Role overview Xero Limited is seeking a Senior Engineer to join its UK Regional Team, based in London at 7 Devonshire Square. This position focuses on shaping features for the UK market, connecting technical work directly to customer needs and business outcomes. Senior Engineers at Xero handle complex challenges that span multiple products, balancing regional requirements alongside global strategy. Team structure and collaboration The team includes an Engineering Manager, Lead Engineers, and Engineers, all reporting to the General Manager of Engineering for the UK. Collaboration is a core part of the role. Senior Engineers work closely with product owners and peers across Xero, designing, building, and delivering solutions that have real impact. Projects and technical scope Current projects span the full Xero platform, including Payments, Accounting, and Payroll. This role provides exposure to a broad range of products and technical domains within Xero’s suite. Work environment Xero holds a Great Place to Work UK accreditation. Flexible work arrangements are available: choose remote, hybrid, or office-based work in London, Milton Keynes, or Manchester. Offices are designed to support collaboration and connection. Some travel may be needed to coordinate with global teams and support international partnerships. Requirements Curiosity and drive to solve customer problems, delivering clear business value across technical areas Adaptability in learning new domains and navigating unfamiliar codebases Ability to work with stakeholders and build consensus across distributed teams Commitment to high-quality engineering practices, producing scalable and maintainable code Comfort in high-visibility situations, using strong communication to engage stakeholders and broaden influence Experience with modern programming languages and frameworks, along with a solid understanding of software engineering fundamentals

Role overview Three UK is seeking a Regulatory Manager to join the team in London. The position centers on ensuring the company meets all relevant regulatory obligations and helps the business stay aligned with current compliance standards. Key responsibilities Oversee compliance activities throughout the organization Maintain communication with regulatory authorities when required Create and apply policies that support regulatory compliance Promote sound business practices by implementing effective compliance measures Location This role is based in London.

Abound is changing how consumer lending works in the UK and beyond. By combining advanced AI with Open Banking data, the company looks at a person’s complete financial situation, not just a credit score, to make lending decisions that are fairer and more accurate. Since launch, Abound has issued over £1.3bn in loans, with a credit performance that outpaces industry averages. The company became profitable within 2.5 years and has backing from major investors, including Citi and Deutsche Bank. With over £2bn in funding, Abound is recognized as one of Europe’s fastest-growing fintechs. Role overview This Senior Security Engineer position is based in London and sits within the Platform team. The role blends DevSecOps responsibilities, serving as a bridge between product engineering and Corporate IT. As a hands-on contributor, the Senior Security Engineer critically reviews security architecture across both production and internal IT environments. During the first 6 to 12 months, the focus will be on designing and implementing next-generation cloud security architecture in AWS and GCP. The role also involves building and maturing internal SOC capabilities, particularly around detection and response. What you will do Manage Microsoft Sentinel to strengthen SIEM/SOAR capabilities Automate RBAC for identity and access management across AWS, Microsoft Entra, and internal systems Embed security controls into GitLab CI/CD pipelines, including scanning, infrastructure-as-code reviews, and automated policy enforcement Support a shift-left approach by integrating security throughout the software development lifecycle Technology stack Cloud & Compute: AWS, ECS Fargate, Aurora, Lambda, GCP Data Lake: S3, DMS, Glue Security & Identity: Microsoft Defender (XDR), Microsoft Sentinel (SIEM/SOAR), Defender for Cloud (CSPM), Microsoft 365, Entra, Intune Cloud Security Tooling: GuardDuty, Security Hub, Inspector, Security Command Center Code & Infrastructure: Terraform, GitLab CI/CD

airapps is hiring a Security Engineer to help safeguard digital assets and infrastructure in the London Metropolitan Area. This role centers on identifying weaknesses, managing security risks, and ensuring strong security measures are in place. Key responsibilities Identify vulnerabilities throughout information systems Reduce and address security risks as they arise Implement and maintain effective security protocols Support efforts to comply with relevant industry standards Help strengthen the company’s overall security posture Location This position is based in the London Metropolitan Area.

At Menlo Security, we are dedicated to empowering secure connections, communication, and collaboration across the globe. Our mission has become increasingly vital in the wake of COVID-19, as we serve a diverse clientele that includes Fortune 500 companies, 9 out of the 10 largest global banks, and the Department of Defense.As we evolve from 400 employees, we seek passionate and agile individuals who resonate with our mission. The ideal candidate is ethical, exceptionally organized, dedicated to completion, service-oriented, and open to feedback while confidently providing guidance to others.With robust financial backing from top-tier investors including Vista Equity Partners, General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures, Menlo Security is poised for significant growth.Role OverviewWe invite skilled engineers to join our Web Isolation team, focusing on our cutting-edge remote browser technology utilized on desktop and mobile platforms, catering to millions globally via Menlo's cloud services. Your work will encompass areas such as Chromium internals, networking, video/audio, advanced HTML5 features, containerization, load balancing, scaling, and cost-efficiency, all while maintaining a strong emphasis on security. Our team fosters a collegial environment with a robust culture of design and code review. We welcome applicants possessing deep systems-level expertise from non-browser domains to tackle innovative challenges. For a glimpse into our challenges, visit our blog: here.Candidate ProfileThe ideal candidate will possess a profound understanding of browsers and relevant technologies. You should have experience (or be willing to gain experience) in areas such as Chromium internals, networking, video/audio processing, and advanced HTML5 features including WebGL and WebRTC.

Join Three UK as a Regulatory Lead and play a pivotal role in shaping our regulatory strategies. You will be at the forefront of navigating complex regulatory landscapes, ensuring compliance, and advocating for our interests in the telecommunications sector.

ABOUT AvolutionJoin Avolution, a prestigious global leader in Enterprise Architecture Software with over 20 years of experience. Our established presence spans across London, Sydney, Northern Virginia, and Singapore, and we are recognized in the Gartner Magic Quadrant as an industry frontrunner. Become part of our intelligent, friendly team, where your skills and initiative will drive our growth while enjoying a culture rated as collegial, collaborative, flexible, and supportive by our employees.Key ResponsibilitiesCloud & Infrastructure SecurityDesign, manage, and enhance security configurations across Azure and AWS environments, ensuring seamless integration with Office 365.Implement and enforce industry best practices for identity and access management (IAM) in Azure AD (Entra ID) and AWS IAM.Monitor cloud workloads for vulnerabilities, misconfigurations, and threats utilizing tools such as Microsoft Defender.Collaborate with DevOps/Engineering teams to embed security controls into CI/CD pipelines, advocating for DevSecOps principles.Conduct thorough security assessments, including aiding in penetration testing and risk evaluations to identify and mitigate potential vulnerabilities.Endpoint & Identity SecurityEnhance device posture, compliance, and management utilizing Microsoft Intune and Defender for Endpoint.Develop and maintain solid conditional access, multi-factor authentication (MFA), and endpoint protection policies.Oversee secure identity lifecycle processes, enforcing least-privilege access and zero-trust principles.Security OperationsRespond promptly to security alerts, incidents, and vulnerabilities with thorough investigations and remediation actions.Perform regular risk assessments, security reviews, and internal audits.Manage and optimize security tools, including SIEM, EDR, vulnerability scanners, and the Microsoft Defender suite.Lead incident response efforts and coordinate with cross-functional teams.Compliance & GovernanceSupport ISO 27001:2022 recertification and ongoing compliance activities, including internal audits.Prepare for and assist in obtaining additional compliance certifications (e.g., SOC 2, GDPR) to facilitate company growth.Develop, maintain, and enhance security policies, procedures, and technical documentation.Track, report on, and address audit findings or compliance gaps.Collaboration & CulturePartner with globally distributed teams across EMEA, AMER, and APAC regions.Educate internal teams on security best practices and cultivate a security-first culture through training and awareness initiatives.