Senior Platform Engineer (DevSecOps)

TL;DR

Senior Platform Engineer (DevSecOps): Designing and implementing security guardrails across AWS multi-account environment with an accent on IAM, networking, data protection, and logging. Focus on building policy-as-code and infrastructure-as-code tooling, improving software supply chain security, and embedding secure development practices into engineering workflows.

Location: London

Company

hirify.global is the AI platform powering global debt markets, centralising proprietary credit data, analysis, and workflows for institutions worldwide.

What you will do

• Design and implement security guardrails in AWS multi-account environment including IAM, networking, data protection, and logging.
• Build and maintain policy-as-code and infrastructure-as-code using Terraform to enforce secure defaults.
• Improve software supply chain security through dependency scanning, build integrity, and secrets management.
• Embed secure development practices into engineering workflows with CI/CD, GitHub Actions, and code review patterns.
• Drive visibility and detection via logging, monitoring, and alerting.
• Partner with engineering teams to threat model new systems and ensure secure design.
• Collaborate with Head of IT & Information Security on SOC 2 controls and security strategy.

Requirements

• Experience owning or improving security posture of a cloud-based platform, ideally AWS.
• Comfortable designing systems beyond just configuring tools.
• Strong experience with Infrastructure as Code (Terraform) and CI/CD systems (e.g. GitHub Actions).
• Understanding of modern application and supply chain security with pragmatic implementation.
• Opinionated on balancing security with developer experience.
• Clear communication to influence engineers organisation-wide and end-to-end ownership of problems.

Nice to have

• Experience in regulated environments like SOC 2.
• Experience in fintech or data-heavy platforms.

Culture & Benefits

• Equal opportunities employer committed to diverse and inclusive workplace.
• Hands-on role focused on building secure-by-default systems.
• Close collaboration with engineering teams and leadership.