Attest • London

Platform Security Engineer

2 days/week at home

A little flex time

Dog friendly

Job Description

About Attest

Founded in 2015 and headquartered in London and New York, Attest is a consumer research SaaS platform for the world’s biggest and fastest growing brands. Attest’s easy-to-use, self-serve dashboard is coupled with on-demand research expertise, empowering anyone to quickly conduct high-quality research and be continuously tapped into the consumer.

Some of the notable brands leveraging continuous insights to put the consumer’s voice at the center of their business with Attest include Unilever, Santander, Walgreens/Boots, Klarna, Brew Dr. Kombucha, Trustpilot, JCDecaux among many others. To date, Attest has raised $90 million in venture capital with backing from investors such as Kismet, Schroders, and NEA. To learn more about Attest, visit www.askattest.com.

The mission for this role:

Attest’s platform squad exists to empower other engineers to deliver value with high efficiency, security and reliability, by empowering them with platforms, tooling and infrastructure and we are looking for a Platform Security Engineer to join us. The security aspect is of no less importance and extends beyond the Engineering team.

Along with this security focus, you will share responsibility for the stability, scalability and efficiency of Attest’s platform infrastructure. You will work in collaboration with platform team members, other engineers, and people across Attest to scope out, prioritise and deliver security and other enhancements to the Attest platform.

You will also participate in defining the best security tooling and configuration changes to meet ISO 27001 and other compliance/security requirements. You will work with a wider team on ISO certification, with your role remaining focused on security, from strategy to implementation.

Your focus will be to…

  • Plan, design, and improve infrastructure as code (IaC) relating to security. You may also be involved in developer tooling for security, while aiming to maintain developer velocity.
  • Deliver day to day tactical improvements, mostly for the security area. These typically include enhancing CI/CD pipelines, automating our AWS/EKS infrastructure with Terraform, and helping migrate to Pulumi and Golang, maintaining and improving our telemetry and logging infrastructure as well as maintaining documentation for all platform owned services and processes.
  • Develop technical solutions based on DevSecOps principles to help address security issues and automate repeatable tasks, along with implementation of security controls to protect cloud resources and data.
  • Partner with leaders across the business (Product, Engineering, Legal, IT and beyond) to define security direction and to provide security strategy, tooling advice and promote secure engineering practices. As part of a wider team, you will contribute to ensuring that our platform is compliant to security related regulations such as ISO 27001.
  • The culture of security awareness is not the job of the Platform Security Engineer alone! You will ensure that security policies and practices for cross-disciplinary teams and engineers remain relevant and impactful.

We’d love to hear from you if…

  • You have previous experience as a Platform Security Engineer, or may have had roles with “DevSecOps”, “DevOps”, “Platform”, “Security or “SRE” in the job title. You were working alongside others for compliance projects such as ISO 27001 or GDPR.
  • You have experience working with AWS, Kubernetes, cloud networking and Linux. It would be ideal if you have experience with Kubernetes manifests and Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, Pulumi, AWS CDK or CDKTF (Terraform CDK).
  • You have basic experience of programming for infrastructure using any procedural language beyond bash, and want to learn more - examples could be Golang, Python, JavaScript, Ruby or other languages.
  • You have experience of applying DevSecOps techniques and tools - these may include threat modelling, “shift left”, static analysis, dynamic analysis, policy as code, software supply chain security, tamper-proof audit trails, etc.
  • You are familiar with the main types of security tools and can advise on which types are most appropriate based on security goals, tech environment and business context. Such tools may include SIEM, SAST, DAST, vulnerability management, etc, and could involve a mix of open source and commercial components.
  • You have experience managing security incident responses including blameless postmortems.
  • You are able to see big picture goals and create actionable roadmaps for security programs, technology, and business initiatives.

Pay & Benefits:

We believe that everyone’s unique skills and experience are important and we celebrate every hire we make. Our pay and benefits programme is designed with a focus on the wellbeing, engagement and growth of our people.

  • A competitive salary that fairly recognises your experience and potential
  • We’re enthusiastic to offer all Attesters EMI share options in the company so that as the business succeeds, so do you!
  • 25 days (UK) paid holiday per year, increasing to 26 after 3 years service and 27 after 4 years service. This is in addition to local public holidays and an additional 2 days off around the festive season
  • To help you save for your retirement, you’ll be auto-enrolled to our group pension plan when you join
  • Support with remote and flexible working both whilst we navigate the world as it is now and in the long-term. We’ll even give you £300 to set up your home office
  • A career growth and development budget of £20 per month which can be accrued over the year.
  • A £40 a month wellness allowance to spend on things that matter to your physical and mental wellbeing. This can be spent on a monthly basis or saved up for larger purchases over the year.
  • Access to private and confidential coaching or counselling via Sanctus
  • Spend up to 2 paid days per month - 10% time - giving back to your community or supporting your favourite charity
  • 10 days paid sick leave a year - for your body and your mind
  • 24/7 Employee Assistance Programme by Care First
  • Your choice of equipment and access to great tools that support your productivity and impact
  • An open, inclusive and supportive team where everyone is valued and all ideas and suggestions are welcomed

In-person and remote working balance…

As a company, we aren’t fully remote and place strong emphasis on teams being able to meet, and spend time together in a safe and flexible environment regularly, as well as being able to travel to meet customers when rules and safety considerations permit. We always want to ensure that it is balanced against having a healthy approach to flexible working/working from home and nurturing your life outside of work as well as in work.

With that in mind, we have a permanent office location at 21-33 Great Eastern St, London EC2A 3EJ, where our team spend time together on a weekly basis. We don’t set specific rules, but expect folks to spend time with the team in the office on average 2 - 3 days per week.

Our Commitment to Diversity, Equity and Inclusion

The world’s best companies mirror the world around them. We are building an Attest that brings together, and actively celebrates, diversity in race, age, physical and mental ability, sexuality, gender identity and perspectives. Every Attester should feel they belong as their complete selves. We make an active choice to acknowledge and remove systematic inequality from our people and talent processes. We don't claim to have this all figured out yet, but it’s a journey we are fully accountable to.

With this in mind, data shows that individuals from minority groups typically only apply if they meet every criteria listed. Based upon this insight, we wanted to take this opportunity to encourage individuals who meet some, but not all criteria to still apply as you may be the right person for the role!

We want you to bring the best of you to the hiring process. Please contact us at talent@askattest.com if you’d like to discuss any adjustments to our process which might help you demonstrate your strengths and capabilities.

Company benefits

25 days annual leave + bank holidays
Volunteer days – 10% time- 2 days per month to volunteer
Wellbeing allowance – £40 per month
L&D budget – £20 per month
Salary sacrifice
Sabbaticals
Company shutdown periods
Work from anywhere scheme – spend up to 80 days per year working abroad +/-4 hours from London
Enhanced maternity leave – Primary careers receiving 18 weeks fully paid leave and secondary careers receiving 4 weeks full pay
Enhanced paternity leave – Primary careers receiving 18 weeks fully paid leave and secondary careers receiving 4 weeks full pay
Adoption leave
Enhanced sick pay
Health insurance – Vitality Moratorium Cover
Pregnancy loss leave
Fertility treatment leave
Dog friendly office
Share options
Work from home allowance
Employee assistance programme
Location
86%
Employees are very happy with their working location freedom
Hours
86%
Employees are very happy with the flexibility in the hours they work
Benefits
83%
Employees are very happy with the benefits their company offers
Work-life balance
83%
Employees feel that they can find the perfect balance of life and work
Role modelling
80%
Employees feel that most people work flexibly
Autonomy
88%
Employees feel they have complete autonomy over getting their work done

Additional employee ratings
(these do not contribute to the FlexScore®)

Diversity
60%
Employees feel like the diversity is ok and there are some efforts to improve
Inclusion
77%
Employees feel that the culture supports equity and inclusivity well
Culture
80%
Employees enjoy the working environment
Mission
72%
Employees feel quite excited about the company mission
Salary
73%
Employees feel that their salary is good and matches the value they bring

Working at Attest

Company employees

80

Gender diversity (male:female)

61:39

Office locations

London, UK, New York, USA

Funding levels

$90,000,000

Hiring Countries

United Kingdom

United States

Awards & Achievements

Most flexible companies

Most flexible companies

Flexa100 2024
DeepTech, Data & AI

DeepTech, Data & AI

Industry awards 2023
Most flexible companies

Most flexible companies

Flexa100 2023
Research & Data

Research & Data

Industry awards 2022