Who we’re looking for: A Security Engineer with experience designing, implementing and maintaining security procedures
The challenge: To protect Tillo’s systems through implementing and maintaining robust security procedures while ensuring compliance and meeting partner security requirements
Where you’ll work: This role will be based in our Hove office 1/2 days a week
Day to day this role will look after
Application Security: Driving security-by-design principles, implementing privacy-preserving features, and ensuring secure coding practices are followed throughout the development lifecycle
Risk Assessment: Conducting regular security assessments and vulnerability scans to identify weaknesses in applications, systems and networks, ensuring alignment with ISO 27001 requirements
Monitoring and Reporting: Continuously monitoring security systems and generating reports on security incidents, breaches, and compliance. Maintaining documentation for ISO 27001 audits
Implementation of Security Solutions: Working with relevant engineering teams and other departments on implementing security measures and resolving vulnerabilities
Incident Response: Developing and managing incident response plans, including investigating security breaches and coordinating recovery efforts
Policy Development: Updating security procedures and standards to comply with industry regulations, including ISO 27001, PCI DSS, and GDPR requirements
Collaboration: Working with engineering teams to integrate security into system architectures and software development processes
Education and Training: Providing training and support to engineers on security best practices, awareness, and ISO 27001 requirements
Research: Staying current with emerging security trends, threats, and technology
Compliance Management: Maintaining and improving Engineering-related aspects of ISO 27001 certification, ensuring all controls are effectively implemented and documented
What we’re looking for
Proficiency in security tools and technologies, such as SIEM, firewalls, and antivirus software
Good understanding of software development processes, ideally with PHP/Laravel
Experience with AWS
Understanding of Linux, Docker and Kubernetes
Experience with ISO 27001 or SOC 2 implementation and maintenance
Knowledge of payment security standards (PCI DSS)
Experience with security automation and DevSecOps practices
Strong problem-solving abilities and attention to detail
It’s not essential, but we’d love to hear about it if you have experience with/certifications in
Cyber Security tools
ISO 27001 Lead Implementer/Auditor
CISSP, CEH, or equivalent