Head of Engineering

Bob's Business is a leading provider of cybersecurity awareness training, helping organisations across the UK and beyond build a security first culture through engaging e-learning and simulated phishing. Our platform delivers training to hundreds of thousands of end-users, supported by a sophisticated technical estate spanning modern and legacy applications, large scale containerised infrastructure, and integrated third-party tooling.

As the Head of Engineering, you will be the most senior technical figure in the business and our primary technical driving force.

You will be stepping into an environment with a mature, revenue-generating product suite, a robust but complex infrastructure, and a business ready for a definitive technical leader to take ownership of the estate. While you will initially be the primary hands-on engineer, you will have the full support and resources of the wider business to succeed.

Taking over the day to day operations from the CTO, your mandate is two-fold: maintain momentum on our current deliverables, and strategically build the internal engineering function of tomorrow.

You will inherit a broad and varied stack with Svelte/PHP/Laravel/GatsbyJS/Node applications, Dockerised platforms, AWS-hosted services, and deeply integrated open source tooling and infrastructure.

This is an excellent role for an experienced technical leader looking to shape an entire technical ecosystem, free from heavy bureaucracy, with clear accountability and the opportunity to build and mentor a team over time.

This role requires a versatile technical leader who thrives on a broad scope of work. You must be as comfortable reviewing a pull request as you are troubleshooting infrastructure, reviewing security protocols, or planning your first hire.

• Technical Authority: Taking ownership of architectural, infrastructure, and security decisions. You will be the primary technical decision-maker, supported by the business but trusted to guide our technical direction.
• Strategic Roadmapping: Defining the technical roadmap in alignment with business objectives and acting as the key technical translator for the CEO and non-technical stakeholders.
• Build vs. Buy: Evaluating tools, frameworks, and external agencies to ensure pragmatic, cost-effective scaling.

• Full-Stack Execution: Hands-on development across multiple stacks (Svelte/SvelteKit, Node.js, Laravel/PHP).
• Codebase Stewardship: Maintaining, extending, and pragmatically modernising legacy code while ensuring steady feature delivery.
• Quality Assurance: Promoting code quality, establishing CI/CD best practices, and developing internal automation tooling.

• AWS Management: Managing and optimising our AWS environment (EC2, S3, RDS, CloudFront, Route 53, IAM).
• Container Orchestration: Overseeing a large-scale Docker infrastructure.
• Reliability & Cloud Operations: Managing deployment pipelines, monitoring, alerting, incident response, and effectively managing cloud spend.

Given our industry, security is at the core of our business and underpins everything we do.

• Posture Management: Overseeing the security posture of the entire technical estate (vulnerability scanning, patching, dependency audits).
• Compliance & Client Relations: Ensuring compliance with data protection requirements (GDPR, ISO 27001) and assisting the business with client-facing security assessments and pen-test remediations.

• Building the Function: Laying the groundwork for the internal engineering function: defining culture, scoping roles, interviewing, and hiring.
• Vendor Management: Managing and auditing external development agencies and contractors (including code review of third-party deliverables).
• Mentorship: Establishing scalable ways of working and mentoring the engineers you bring on board.

• Senior Hands-On Experience: 5+ years as a software engineer, with a significant portion in Lead, Principal, or Head of Engineering roles.
• Autonomous Execution & Collaboration: Proven ability to operate independently and drive solutions forward, while remaining a highly collaborative partner to the wider business.
• True Full-Stack & DevOps: Strong experience across frontend, backend, and infrastructure.
• AWS & Docker Proficiency: Confident ability to architect, manage, and debug production workloads in AWS and handle Docker orchestration at scale.
• Stack Adaptability: Experience with modern frameworks (Svelte/React/Vue/Laravel) and the pragmatism required to work effectively across multiple frameworks.
• Security Mindset: A strong working understanding of application and infrastructure security principles.
• Exceptional Communication: The ability to articulate complex technical trade-offs to non-technical stakeholders clearly and effectively.

• Experience in a B2B SaaS, e-learning/EdTech, or Cybersecurity environment.
• Hands-on experience with open source tooling and integrations.
• Experience with SCIM provisioning, SSO, SCORM/xAPI and LMS platforms.
• Experience with both Microsoft 365 and Google Workspace environments, especially around implementation and integrations.
• A track record of successfully transitioning a company from outsourced/agency development to an in-house engineering team.
• Understanding of UK data protection and compliance frameworks (GDPR, Cyber Essentials, ISO 27001).

This role demands a versatile and adaptable professional. You need to be comfortable with ambiguity and genuinely enjoy a varied workload.

On any given day, you might be writing application code, troubleshooting a DNS routing issue, reviewing a vulnerability patch, or presenting a technical hiring roadmap to the board. If you thrive in a dynamic environment where you can make a tangible impact across multiple disciplines and eventually build a team to support that vision, we would love to speak with you.

• Strategic Impact: The opportunity to shape the entire technical direction of an established, profitable business.
• Leadership: The freedom to make strategic decisions, set standards, and build a team in your image.
• Flexibility: Remote working arrangements that respect your life outside of work.