SecOps Engineer
In this role you will lead the charge in securing and scaling our infrastructure and CI/CD pipelines for regulated clinical software. Working cross-functionally with engineering, QA, product, and regulatory teams, you'll design, implement, and monitor secure, traceable DevOps workflows. You enable rapid, compliant delivery of Software as a Medical Device (SaMD) products.
Please note: this role requires in office presence for 3 days a week. Our office is in Farringdon, London. If you can't commit to this, please don't apply.
Responsibilities
3 months
Have deep expertise in:
Competitive salary
Share options package - all our employees have ownership in the company
Private healthcare
25 days annual leave (5 day company shutdown in August + bank holidays)
Enhanced parental leave - includes adoption & foster
Bike to work scheme
Training budget
Weekly catch-ups, monthly meetings to talk about you, your ambitions and make plans
Lots of fun social activities including company offsite!
Our Values
Building a Strong Foundation
Always Learning
Lead from the Front
Tough and Resilient
The Real Stuff
Skin Analytics embraces and is committed to diversity and equal opportunities. We are dedicated to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
Please note: this role requires in office presence for 3 days a week. Our office is in Farringdon, London. If you can't commit to this, please don't apply.
Responsibilities
- Own AWS infrastructure security using least-privilege and zero-trust principles
- Build and maintain secure CI/CD pipelines with automated security gates (Snyk, SonarQube, OWASP ZAP)
- Conduct and coordinate penetration testing (internal and third-party); triage and drive remediation
- Deploy runtime threat detection (GuardDuty, Falco, Wazuh)
- Manage secrets detection and scanning (GitLeaks, Vault)
- Build observability with ELK stack, Elastic agents, and anomaly alerting
3 months
- Deploy SAST tooling (SonarQube) across all repositories with automated PR scanning
- Implement DAST scanning (OWASP ZAP) for staging environments with scheduled scans
- Deploy secrets detection tooling (e.g., GitLeaks, TruffleHog) across all repositories
- Establish a baseline security posture through initial penetration test; document and prioritise remediation backlog
- Complete remediation of all critical/high findings from initial pen test
- Achieve automated security gate coverage (SAST, DAST, dependency scanning) across 100% of production services
- Implement full-stack observability using the ELK stack with Elastic agents deployed across all infrastructure for centralised security and performance monitoring
- Configure anomaly detection dashboards and real-time alerting for security events and reliability metrics
- Establish cadence of quarterly pen tests with trend reporting to leadership
Have deep expertise in:
- AWS (EC2, S3, RDS, IAM, VPC, CloudTrail, GuardDuty, Lambda)
- CI/CD (Bitbucket Pipelines or similar), gated deployments
- Security tooling: Snyk, SonarQube, OWASP ZAP, Burp Suite, Kali Linux
- Pen testing coordination and vulnerability management
- Terraform, Ansible, Docker
- ELK stack / SIEM
- Compliance: IEC 62304, ISO 27001, HIPAA, MDR
- Strong networking: VPCs, security groups, NACLs, load balancers
- Takes ownership: full accountability for infra, tooling, and controls; sees it through to completion.
- Bias for automation: believes manual work should be temporary, builds repeatable pipelines and workflows.
- Detail obsessed: doesn't miss the small stuff. Every commit, config, and policy matters in regulated software
- Clear communicator: explains risks, trade-offs, and technical plans to both engineers and non-tech stakeholders.
- Collaborative & pragmatic: works well across disciplines and adapts to real-world constraints
Competitive salary
Share options package - all our employees have ownership in the company
Private healthcare
25 days annual leave (5 day company shutdown in August + bank holidays)
Enhanced parental leave - includes adoption & foster
Bike to work scheme
Training budget
Weekly catch-ups, monthly meetings to talk about you, your ambitions and make plans
Lots of fun social activities including company offsite!
Our Values
Building a Strong Foundation
Always Learning
Lead from the Front
Tough and Resilient
The Real Stuff
Skin Analytics embraces and is committed to diversity and equal opportunities. We are dedicated to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.