Security Engineer

OVO Energy ,
London, Greater London

Overview

Job Description

What's it like to work at OVO? You will be joining the Orion Security Engineering team whose purpose is to ensure OVO's greenfield Energy Platform is secure for all our customers while enabling our product teams to ship awesome features. This is a varied role where you'll be exposed to the full stack and will work across technologies including GCP, AWS, Kubernetes and Kafka. You'll be focusing on projects spanning infrastructure, release engineering and security monitoring. As part of the Security Engineering team we want to create solutions and insights that will allow us to meet a very high security calibre, while maintaining a fast delivery pace expected in a modern software system. We believe this happens through tight collaboration between Security Engineering and Software Engineering. You will have a strong focus on building relationships across various teams, including design feedback and coaching but most importantly building security improvements in our products. Diverse teams are the best teams. We're keen to meet people with varied backgrounds: the more inclusive we are the better our work will be. We understand some people may not apply to jobs unless they tick every box. And we know 'normal' office hours don't work for everyone, so we're open to discussing flexible working requests. If you're excited about joining us and think you have much of what we're looking for, even if you're not 100% sure... we'd love to hear from you. In our London tech hub we have almost 150 Software Engineers all with varying backgrounds and levels of experience. One key thing that all of our engineers have in common is a desire to develop brilliant, industry disrupting products as well as their own skills. What will you be doing? You will be building tools and fostering our security culture to help OVO's product teams rapidly deliver secure systems. Providing those teams with clear actionable advice on what risks and threats they have to their systems. You will also be responsible for defining and evolving security best practices for our greenfield system. Helping teams take action on those practices through your expert training or automation will be key to your success. Do I have what it takes? We are looking for excellent security engineers and whilst experience is important, ultimately less so than your demonstrated abilities and attitude. The following skills and experience would be beneficial: * Knowledge and experience in secure software practices * Scripting and software engineering skills; we don't mind what language! (Python, Scala, Clojure, Java etc.) * Awareness of common software security flaws and web application security best practices (OWASP top 10, CWE/SANS Top 25) * Code static analysis * AWS/GCP security best practices * Container vulnerability scanning * Open Source dependency scanning * Web application firewalls * Logging, monitoring and alerting on security incidents * Thorough knowledge of CI/CD and DevOps principles Additional skills * An inquisitive and curious approach, with confidence to tackle difficult problems * Rapid adoptee of merit-proven new approaches & technologies * Problem solver / structured thinker * Always happy to help and a natural sharer of knowledge Want to check out more? Working in Tech at OVO Energy See how we work on our blog and our Tech Blog OVO tech github: A handful of our benefits... * We give you an additional 4% of your salary to buy benefits that suit you; we offer tech for your home, health care, ISA investment, cycle to work, taste & culture cards, additional holiday & more. * Flexible working hours * 25 days' holiday & day off on your birthday * Free breakfast every day & subsidised Lunch from Friska * Lots of social events * The opportunity to get involved in teaching kids to code * Training budget - this includes joining our up/cross-skilling OVO Bootcamp or videos, books & courses from O'REILLY Safari online * Matched volunteering and matched fundraising * You'd be working for an accredited Top Employer