About this role
As our next Security Engineer, you'll be the architect of how secure software gets built at Checkatrade, designing the platforms, guardrails, and paved paths that let engineering teams ship fast without ever trading off security. You'll embed modern AppSec practices directly into the developer workflow, harness AI agents to turn vulnerability noise into actionable signals, and make secure-by-default the cheapest, easiest option every time. If you want to build the rails and not just inspect the track, this is your role.
Forget long lists, here's what you'll actually spend your time on:
- Designing and implementing scalable security controls and platform-level guardrails across our multi-cloud estate. Build it once, make it the default everywhere.
- Driving a modern secure SDLC: threat modelling, SAST/DAST/SCA, secrets management, and dependency hygiene embedded into the developer workflow, not bolted on.
- Prototyping and deploying AI agents that review code, triage findings, suggest fixes, and turn vulnerability noise into signals developers actually act on.
- Owning the security of our IaC, CI/CD pipelines, and cloud platforms, making least privilege the default and not a project.
- Partnering with engineering to deliver paved paths, libraries, and tooling that make the secure way the easy way.
- Running technical security reviews for new applications and infrastructure changes, finding the issues that matter with the evidence to back it up.
It's not about ticking every box. It's about turning up curious, ready to crack on. You'll do well here if you bring:
- Demonstrable depth across application security, cloud security, and modern platform engineering. You've shipped things, not just assessed them.
- A strong, evidenced point of view on how agentic AI transforms code review, threat modelling, and developer enablement, with the receipts to back it up.
- Hands-on experience securing complex multi-cloud environments (AWS, GCP, Azure). GCP experience is a bonus.
- Deep, practical experience with Terraform, Kubernetes, CI/CD security, and infrastructure-as-code patterns, plus the developer empathy to build things engineers actually want to use.
We believe great work deserves great rewards. Here's just a taste:
- Competitive salary + annual bonus or commission (role dependent)
- Employee Share Programme
- Health, well-being and learning support
- Gym membership, Smart Tech Scheme and Cycle Scheme
- Birthday/Special day leave
- Buy & sell holiday scheme
- 1 week's paid charity leave and much more!
How we’ll get to know each other:
- Screening call with one of our Talent Acquisition Partners
- 1st stage interview with Hiring Manager - Head of InfoSec
- 2nd Stage interview with IT Manager & Director of Engineering
If this sounds like the place where you can do your best work, we’d love to hear from you, even if you don’t tick every box
Want to join our Talent Community and be one of the first to know about our vacancies? Register your interest on our Registration Form https://jobs.ashbyhq.com/checkatrade/form/register-interest
At the moment, this role isn’t open to visa sponsorship applications
About us
We’re Checkatrade – the UK’s leading platform for finding a tradesperson. With more than 50,000 trades listed and over 6 million reviews, we help homeowners get jobs done right and help tradespeople grow their business.
We’re growing fast, with big plans to become the go-to brand for home improvements. If you care about great work, take pride in the details, and want to make an impact, you’ll fit right in.
Forget long lists, here's what you'll actually spend your time on:
- Designing and implementing scalable security controls and platform-level guardrails across our multi-cloud estate. Build it once, make it the default everywhere.
- Driving a modern secure SDLC: threat modelling, SAST/DAST/SCA, secrets management, and dependency hygiene embedded into the developer workflow, not bolted on.
- Prototyping and deploying AI agents that review code, triage findings, suggest fixes, and turn vulnerability noise into signals developers actually act on.
- Owning the security of our IaC, CI/CD pipelines, and cloud platforms, making least privilege the default and not a project.
- Partnering with engineering to deliver paved paths, libraries, and tooling that make the secure way the easy way.
- Running technical security reviews for new applications and infrastructure changes, finding the issues that matter with the evidence to back it up.
It's not about ticking every box. It's about turning up curious, ready to crack on. You'll do well here if you bring:
- Demonstrable depth across application security, cloud security, and modern platform engineering. You've shipped things, not just assessed them.
- A strong, evidenced point of view on how agentic AI transforms code review, threat modelling, and developer enablement, with the receipts to back it up.
- Hands-on experience securing complex multi-cloud environments (AWS, GCP, Azure). GCP experience is a bonus.
- Deep, practical experience with Terraform, Kubernetes, CI/CD security, and infrastructure-as-code patterns, plus the developer empathy to build things engineers actually want to use.
We believe great work deserves great rewards. Here's just a taste:
- Competitive salary + annual bonus or commission (role dependent)
- Employee Share Programme
- Health, well-being and learning support
- Gym membership, Smart Tech Scheme and Cycle Scheme
- Birthday/Special day leave
- Buy & sell holiday scheme
- 1 week's paid charity leave and much more!
How we’ll get to know each other:
- Screening call with one of our Talent Acquisition Partners
- 1st stage interview with Hiring Manager - Head of InfoSec
- 2nd Stage interview with IT Manager & Director of Engineering
If this sounds like the place where you can do your best work, we’d love to hear from you, even if you don’t tick every box
Want to join our Talent Community and be one of the first to know about our vacancies? Register your interest on our Registration Form https://jobs.ashbyhq.com/checkatrade/form/register-interest
At the moment, this role isn’t open to visa sponsorship applications
About us
We’re Checkatrade – the UK’s leading platform for finding a tradesperson. With more than 50,000 trades listed and over 6 million reviews, we help homeowners get jobs done right and help tradespeople grow their business.
We’re growing fast, with big plans to become the go-to brand for home improvements. If you care about great work, take pride in the details, and want to make an impact, you’ll fit right in.
Tech stack
AWSGCPAzureTerraformKubernetes
About Vetted Limited
Vetted Limited is hiring for the senior security engineer role. NewJob aggregates active openings directly from Vetted Limited's applicant tracking system, so this listing is current.
More jobs at Vetted Limited →