Staff Security Engineer
PPRO
Seniority
Senior
Model
In-Office
Sector
Salary
Undisclosed
Contract
Full-Time
As Staff Security Engineer at PPRO, you'll act as the technical lead for the Security Engineering team, driving technical and operational excellence while coaching and developing your colleagues. You'll serve as the primary technical interface for the wider organisation, influencing architecture and guiding engineering teams to embed a "secure by design" philosophy in everything we build.
What you'll do
- Act as technical lead for the Security Engineering team, setting technical direction and coaching and mentoring engineers.
- Serve as the external interface for the team, partnering with Engineering and Product teams to unblock them and embed security into all stages of the software development lifecycle.
- Design and build reusable Security as Code artifacts and patterns that reduce developer friction while improving security outcomes.
- Own the security of our cloud environment across AWS and GCP: conduct risk assessments and architecture reviews, design secure solutions, and write hardening standards and security guidelines.
- Maintain and expand our Infrastructure as Code codebases and CI/CD pipelines, and develop automations for cloud security posture management (CSPM) and our Cloud Native Application Protection Platform (CNAPP).
- Conduct threat modelling across applications, services and cloud systems, and create detection rules for our SIEM.
- Provide expert application, product and cloud security guidance, and drive security assessments and penetration testing initiatives.
- Establish and share security standards and best practices across teams, consulting stakeholders and making data-driven decisions.
What you'll need
- Deep experience across both application/product security and cloud security, with a strong background in software development.
- Experience designing and building scalable security controls, architecture and services, taking strategic decisions and having a wide impact.
- Strong expertise in cloud (preferably AWS, and GCP) and container security (Kubernetes, Docker).
- Deep understanding of DevSecOps and CI/CD security controls, with hands-on experience in Infrastructure as Code (preferably Terraform), CI/CD pipelines (preferably GitHub Actions) and scripting (Python, bash).
- A natural technical leader: able to guide, coach and mentor engineers, lead cross-team collaborations, and act as a trusted interface between security and the wider engineering organization.
- Strong interpersonal and communication skills, able to unblock teams and foster security awareness throughout the company.
- Developer mindset and empathetic approach to find innovative "win-win" solutions.
- Fluent proficient in English.
Nice to have
- Fluency with AI coding tools and curiosity about applying AI to security problems.
- Security qualifications.

