
Senior Security Engineer
Posted Jun 9

Posted Jun 9
This is a fully remote position, open to applicants in United Kingdom.
• You will play a crucial role in securing Prolific’s applications from end to end, engaging in hands-on testing, code reviews, threat modeling, and CI/CD security.
• Collaborating closely with engineers, you will identify and rectify vulnerabilities, develop and optimize security tools, and integrate secure development practices throughout the software development lifecycle (SDLC).
• Your responsibilities will include conducting penetration tests, enhancing detection coverage, and proactively addressing emerging threats to continuously bolster our security posture.
• A few years of experience in application/product security along with a background in software engineering.
• In-depth understanding of the OWASP Top 10 (Web & API) and contemporary attack vectors (such as authentication flaws, SSRF, injection, business logic abuse, and supply chain vulnerabilities).
• Proven experience with complex, large-scale systems and modern architectures.
• Hands-on experience in security testing, particularly with Burp Suite, across web applications and APIs.
• Proficiency in Python for developing security tools, automation, or custom detection (experience with Django is a plus).
• Familiarity with implementing and fine-tuning SAST, SCA, DAST, and secret scanning within CI/CD environments.
• Practical experience in threat modeling, including leading concise sessions.
• Strong collaboration skills with the ability to clearly communicate issues and drive remediation efforts.
• A builder mindset, with a focus on automation wherever feasible.
• Experience with Django, Vue.js, MongoDB, and Google Cloud Platform (GCP).
• Involvement in security champions or bug bounty programs.
• Knowledge of supply chain security (including SCA, SBOMs, and dependency reviews).
• Familiarity with Infrastructure as Code (IaC) security (for example, Terraform and policy-as-code).
• Possession of hands-on certifications (such as OSCP, GWAPT, or BSCP).
• Experience in scaling environments while establishing security practices.
• Competitive salary.
• A variety of benefits, perks, and additional compensation options.
DATAGROUP
CrowdStrike
GitLab
CrowdStrike
Get handpicked remote jobs straight to your inbox weekly.