Senior Security Engineer

Are you passionate about implementation and strategy of securing systems? Become a Senior Security Engineer at Thredd! As a Senior Security Engineer at Thredd, you will be responsible for shaping and maintaining the organisation’s security posture. You will design, build, and operate automated security and compliance controls and to manage vulnerabilities and risk across our cloud and engineering environments. This role focuses on embedding security controls, guardrails and telemetry into AWS platforms and development workflows, enabling continuous assurance and resilience by design.

• Embed security-by-design across all initiatives, ensuring client trust, regulatory alignment, and strong collaboration with IT, business, legal, and external stakeholders.
• Design secure-by-default cloud and platform architectures, implementing automated security and compliance controls using policy-as-code and infrastructure-as-code to improve reliability and reduce manual effort.
• Build and maintain robust security telemetry, dashboards, and reporting to support data-driven risk assessments, vulnerability prioritisation, audit readiness, and alignment with frameworks (e.g., SOC 2, ISO 27001, NIST, CIS).
• Plan and execute complex initiatives, enhance guardrails and validation mechanisms across environments, and drive measurable improvements in security posture, compliance maturity, and operational resilience.
• Shape engineering best practices, identify systemic risks, and lead continuous improvement and change management efforts across systems and departments.
• Mentor and lead within the security architecture function, foster learning and leadership development, remove barriers to performance, and build a strong, future-ready security culture.
• Deliver reliable, well-documented security metrics and reporting aligned to business and regulatory needs; ensure controls are testable, monitored, and continuously enhanced through automation and engineering improvements.
• Influence engineering practices through technical leadership, identifying opportunities to reduce manual effort, improve reliability, and embed security-by-design across all technology initiatives.
• Work closely with IT and business stakeholders to integrate security requirements into project planning, manage organisational impact assessments, and ensure compliance without operational disruption.
• Maintain strong knowledge of cloud security, Dev Sec Ops , application security, and compliance automation practices.
• Design and implement secure-by-default cloud and platform architectures that embed preventative and detective controls, and build and maintain robust security controls, guardrails, and validation mechanisms across cloud, network, and application environments.
• Prioritise vulnerabilities, technical debt, and control improvements based on threat models and risk assessments.
• Build and maintain strategic relationships: with senior leadership, legal teams, and external regulatory bodies to ensure security strategies align with business and compliance requirements
• Shape talent development strategies to build a pipeline of future security leaders, ensuring a high standard of cybersecurity knowledge and capability across the team.

• Demonstrate experience designing, building, and operating automated security and compliance controls.
• Strong hands‑on experience with AWS security controls, including network security, vulnerability management, cloud security posture management (CSPM), runtime protection, logging and monitoring, and event‑driven response and remediation.
• Proficiency in Infrastructure‑as‑Code (IaC) and CI/CD tooling, with experience embedding security guardrails and policy enforcement.
• Solid understanding of application security (App Sec) principles, including secure SDLC practices, vulnerability management, and remediation.
• Experience integrating and operating core security tooling such as vulnerability scanners, log collection platforms, endpoint protection, and detection capabilities.
• Ability to design and maintain security telemetry pipelines, dashboards, and…