Senior Security Engineer - Security Operations
As our next Security Engineer, you'll shape how secure software gets built at Checkatrade. You'll design the platforms, paved paths, and guardrails that let engineering teams ship fast without trading off security and use AI and automation to make secure-by-default the cheapest, easiest option every time. This isn't a checkbox security role. It's about building the rails so every team rolls forward securely.
Forget long lists, here’s what you’ll actually spend your time on :
- Design and implement scalable security controls and platform-level guardrails across our multi-cloud estate: build it once, make it the default everywhere.
- Drive a modern secure SDLC by embedding threat modelling, SAST/DAST/SCA, secrets management, and dependency hygiene directly into the developer workflow, not bolted on as an afterthought.
- Prototype and deploy AI agents that review code, triage findings, and turn vulnerability noise into actionable signals, becoming the assistant every developer wishes they had.
- Own the security of our IaC, CI/CD pipelines, and cloud platforms, making least privilege the default rather than a project.
- Partner with engineering to deliver paved paths, libraries, and tooling that make the secure way the easy way.
- Run technical security reviews for new applications and infrastructure changes, finding the issues that matter with the evidence to back it up.
We’re Checkatrade – the UK’s leading platform for finding a tradesperson. With more than 50,000 trades listed and over 6 million reviews, we help homeowners get jobs done right and help tradespeople grow their business.
We’re growing fast, with big plans to become the go-to brand for home improvements. If you care about great work, take pride in the details, and want to make an impact, you’ll fit right in.
We believe great work deserves great rewards. Here’s just a taste:
- Competitive salary + annual bonus
- Employee Share Programme
- Health, well-being and learning support
- Gym membership, Smart Tech Scheme and Cycle Scheme
- Birthday/Special day leave
- Buy & sell holiday scheme
- 1 week’s paid charity leave and much more!
It’s not about ticking every box. It’s about turning up curious, ready to crack on. You’ll do well here if you bring:
- Demonstrable experience across application security, cloud security, and modern platform engineering. You've built things, not just reviewed them.
- A strong, evidenced point of view on how agentic AI transforms code review, threat modelling, and developer enablement, with the receipts to back it up.
- Extensive hands-on experience securing complex multi-cloud environments (AWS, GCP, Azure), plus deep familiarity with Terraform, Kubernetes, and CI/CD security patterns.
- A genuine sense of developer empathy, built from sitting with engineers, watching them work, and shipping things they actually want to use.
