Senior Developer Experience Security Engineer

TL;DR

Senior Developer Experience Security Engineer: Designing, implementing, and maintaining secure-by-default platform capabilities for a rapidly growing used car marketplace with an accent on embedding security strategy into platform abstractions, tooling, and defaults. Focus on building automated security checks, guardrails, and secure software development practices into CI/CD pipelines.

Location: On-site, London

Company

hirify.global is the UK’s fastest-growing used car marketplace connecting private car sellers with over 7,500 verified dealers nationwide.

What you will do

• Design, implement, and maintain secure-by-default platform capabilities (e.g., IAM patterns, network primitives, secrets management, runtime protections, encryption).
• Build automated security checks, guardrails, and visibility to continuously assess risk.
• Collaborate with engineering to embed secure software development practices into CI/CD pipelines, templates, and shared tooling.
• Reduce manual work (toil) for technology and Security Operations Team using automation.
• Ensure platform-level security telemetry, logging, and monitoring are consistent and high-quality.
• Define and implement platform-wide security use cases (e.g., SIEM detections, alerts, and signals).
• Work as part of a virtual SOC with the Security Operations Team to support in security incident response.
• Help translate security policies and standards into practical, enforceable platform patterns and guardrails.

Requirements

• Proven experience as a Platform engineer, Developer Experience engineer, or similar role focused on enabling other engineers.
• Proven experience working with Containers and serverless with Infrastructure as Code.
• Good knowledge of AWS cloud security best practices and tooling.
• Technical knowledge of best practice security for networks, systems, web applications, APIs, and databases.
• Good understanding of secure software development practices.
• Familiarity with security tools and technologies, such as SIEM, IDS/IPS, WAF, and vulnerability scanners.
• Knowledge of common adversarial Tactics, Techniques and Procedures (Mitre Att&ck TTPs).
• Strong communication and collaboration abilities.

Nice to have

• Knowledge of security standards and frameworks (e.g., ISO27001, NIST CSF).
• Relevant security certifications (e.g., GCLD, Security+, AWS/GCP Security Certifications).

Culture & Benefits

• Rapidly growing technology team and business.
• Opportunity to enhance observability, reliability, and developer-focused tooling.
• Part of a mission to transform the used car market.
• Backed by leading investors like Index Ventures and ICONIQ Growth.
• Environment focused on building secure, standardised platform capabilities that reduce cognitive load.