Senior Security Engineer

Flo Health, a leading female health app with over 75M monthly users, is seeking a Senior Security Engineer to join their Security team in London. This role is crucial for supporting Flo Health’s overall security posture and protecting applications and infrastructure. The Senior Security Engineer will manage vulnerabilities, respond to incidents, and implement security measures at scale. They will also contribute to developing custom tooling and embedding security best practices into the product lifecycle.

What this role involves:

• Developing regular touchpoints with key stakeholders.
• Managing and triaging newly discovered vulnerabilities.
• Implementing security measures such as WAF rules and rate limits.
• Developing custom security tooling to enhance security capabilities.
• Assisting in security assessments, threat modeling, and penetration testing.
• Helping implement and improve security gates within the SDLC.
• Investigating and triaging security alerts and managing security incidents.
• Gathering, curating, and communicating threat intelligence.
• Supporting and advising business stakeholders on cybersecurity issues.
• Generating reports for both technical and non-technical staff and stakeholders.

Requirements:

• At least 7 years of experience in the information security field.
• Hands-on experience with AWS (or similar cloud platforms) and Cloudflare.
• Proficiency with Terraform or similar IaC tools.
• Solid understanding of common vulnerability classes and the OWASP Top 10.
• Proficient in reading code (e.g., Python, Scala) and using Git.
• Experience with industry-standard SIEM and vulnerability scanning tools.

What Flo Health offers:

• Competitive salary and annual reviews.
• Opportunity to participate in Flo’s performance incentive scheme.
• Paid holiday, sick leave, and female health leave.
• Flexible office + home working, up to 2 months a year working abroad.