Product Security Engineer

We're hiring a hands-on Product Security Engineer to secure modern, cloud-native platforms at a large-scale financial services environment.

You'll own product and application security end-to-end, embedding controls into the Secure SDLC, automating security in CI/CD, and partnering directly with engineers to reduce real-world risk across services, APIs, and supply chains.

What you'll work on:

  • Secure SDLC ownership: design reviews, threat modelling, release criteria
  • AppSec automation: SAST, DAST, SCA, secrets, IaC/container security
  • Security code reviews (authn/authz, crypto, sessions, data protection, business logic)
  • API security (OAuth/OIDC, token handling, schema validation, rate limiting, abuse prevention)
  • Dependency & supply-chain security (SCA, SBOMs, provenance)
  • Vulnerability life cycle: triage, SLAs, metrics, and targeted exploit validation

You should have:

  • 6+ years in Product/Application Security
  • Strong OWASP Web & API risk knowledge and modern attack paths
  • Experience securing microservices, containers, CI/CD pipelines
  • Ability to read and review Back End code (Java, Go, Python, Node.js, etc.)
  • A practical, engineering-first security mindset

High-impact role | Real ownership | Modern attack surface

Apply Now
Apply Now

Job Details

Company
Optimus E2E
Location
London, United Kingdom
Employment Type
Permanent
Salary
GBP 95,000 Annual
Posted