Platform Security Engineer
Posted on 8/11/2023

51-200 employees

Consumer research & insight platform
Company Overview
Attest's mission is to empower each person within a business with confidence for every decision, with the right insight, at the right time. Attest's consumer research platform combines unparalleled speed and data quality with on-demand research expertise, making it simple for anyone to run regular research, achieve clear insight and continuously uncover opportunities with consumer data.
Consumer Goods
Data & Analytics

Company Stage

Series B

Total Funding





, United Kingdom

Growth & Insights

6 month growth


1 year growth


2 year growth

London, UK
Experience Level
Desired Skills
Development Operations (DevOps)
IT & Security
DevOps & Infrastructure
Software Engineering
  • You have previous experience as a Platform Security Engineer, or may have had roles with “DevSecOps”, “DevOps”, “Platform”, “Security or “SRE” in the job title. You were working alongside others for compliance projects such as ISO 27001 or GDPR
  • You have experience working with AWS, Kubernetes, cloud networking and Linux. It would be ideal if you have experience with Kubernetes manifests and Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, Pulumi, AWS CDK or CDKTF (Terraform CDK)
  • You have basic experience of programming for infrastructure using any procedural language beyond bash, and want to learn more - examples could be Golang, Python, JavaScript, Ruby or other languages
  • You have experience of applying DevSecOps techniques and tools - these may include threat modelling, “shift left”, static analysis, dynamic analysis, policy as code, software supply chain security, tamper-proof audit trails, etc
  • You are familiar with the main types of security tools and can advise on which types are most appropriate based on security goals, tech environment and business context. Such tools may include SIEM, SAST, DAST, vulnerability management, etc, and could involve a mix of open source and commercial components
  • You have experience managing security incident responses including blameless postmortems
  • You are able to see big picture goals and create actionable roadmaps for security programs, technology, and business initiatives
  • A competitive salary that fairly recognises your experience and potential
  • We're enthusiastic to offer all Attesters EMI share options in the company so that as the business succeeds, so do you!
  • 25 days (UK) paid holiday per year, increasing to 26 after 3 years service and 27 after 4 years service. This is in addition to local public holidays and an additional 2 days off around the festive season
  • To help you save for your retirement, you'll be auto-enrolled to our group pension plan when you join
  • Support with remote and flexible working both whilst we navigate the world as it is now and in the long-term. We'll even give you £300 to set up your home office
  • A career growth and development budget of £20 per month which can be accrued over the year
  • A £40 a month wellness allowance to spend on things that matter to your physical and mental wellbeing. This can be spent on a monthly basis or saved up for larger purchases over the year
  • Access to private and confidential coaching or counselling via Sanctus
  • Spend up to 2 paid days per month - 10% time - giving back to your community or supporting your favourite charity
  • 10 days paid sick leave a year - for your body and your mind
  • 24/7 Employee Assistance Programme by Care First
  • Your choice of equipment and access to great tools that support your productivity and impact
  • An open, inclusive and supportive team where everyone is valued and all ideas and suggestions are welcomed
  • Plan, design, and improve infrastructure as code (IaC) relating to security. You may also be involved in developer tooling for security, while aiming to maintain developer velocity
  • Deliver day to day tactical improvements, mostly for the security area. These typically include enhancing CI/CD pipelines, automating our AWS/EKS infrastructure with Terraform, and helping migrate to Pulumi and Golang, maintaining and improving our telemetry and logging infrastructure as well as maintaining documentation for all platform owned services and processes
  • Develop technical solutions based on DevSecOps principles to help address security issues and automate repeatable tasks, along with implementation of security controls to protect cloud resources and data
  • Partner with leaders across the business (Product, Engineering, Legal, IT and beyond) to define security direction and to provide security strategy, tooling advice and promote secure engineering practices. As part of a wider team, you will contribute to ensuring that our platform is compliant to security related regulations such as ISO 27001
  • The culture of security awareness is not the job of the Platform Security Engineer alone! You will ensure that security policies and practices for cross-disciplinary teams and engineers remain relevant and impactful