Senior Security Operations Engineer

About Us Risk Ledger is developing a network of connected organisations, all working together to defend against cybersecurity attacks in the supply chain. Organisations rely on us to establish trust, through sharing their security maturity and visualising the risks posed by their supply chain ecosystem. And we’re already trusted by customers like ASOS, Snyk, BAE Systems and the NHS. We are putting together an amazing and talented team from a diverse set of backgrounds and skillsets to drive us towards our vision. Risk Ledger is built on the respect we have for one another and our users, united by our shared values and mission. Every one of us is still learning: it’s how we grow as individuals. We’re curious. We’re ambitious. And we’re humble and honest. At Risk Ledger, we aim high to find the best solutions we can and always put our users first. The team: You’ll join the Head of Information Security supporting and collaborating with all parts of the business to deliver a secure environment enabling impactful outcomes for Risk Ledger and our customers. This role: As our Senior SecOps Engineer you’ll be playing a critical part in maintaining and improving the security of our product, business tools, people and organisation. This is an opportunity to have a huge long-standing impact through improving our technical security strategy, which will lead to even greater success for our business and our customers. From day one, you'll shape opportunities to empower our team by maintaining and improving the security of our tools and working practices for peak performance, all while safeguarding the confidentiality of our customers' data. Success hinges on collaboration, as you forge strong, trusted relationships across teams. In this role you will: Drive technical security health and productivity. By continuously seeking opportunities to improve our IT operations estate, evolving our ways of working with simplification and automation to remove friction for people to achieve pragmatic secure outcomes that balance risk. Support, coach and inform our people. Ensuring individuals needs are listened to and valued; informing them of security risks, controls and options in language that helps them understand; and putting them on a path to achieving their goals safely. Constructively contribute. By asking the right questions at the right time, challenging assumptions, encouraging learning and driving positive impact through influence and respect. Manage a dynamic and diverse portfolio. Flexible planning of in-flight work, technical developments and prioritisation of opportunities, alongside the Information Security Manager. Grow your own skills and knowledge. You’ll identify opportunities to learn and apply the necessary skills to meet our business needs your goals to develop your security expertise. Have an impact. We're a growing scale-up, so expect to have a hand in everything from administering systems to delivering projects contributing to product and service resilience. You’ll have: An operational focus and prioritise security over compliance. Prior experience of deploying and maintaining Google Workspace, Jamf MDM, AWS and a variety of SaaS. Applied a broad knowledge of technical security operations and fundamental best practices to support others, and provide ways to help them achieve their goals. An innate sense of curiosity and flair for creativity, with a keen interest in getting the best security value from the tools available that support the operations of the wider business. Excellent communication skills, both written and verbal, with a strong collaborative mindset and a calm, controlled demeanour in the heat of an incident. Demonstrated experience in actively mentoring and guiding more junior colleagues, taking satisfaction in their professional growth Extensive experience navigating and technically managing security and operational incidents Proven ability to thrive and deliver in the high-paced, resource-conscious environment of a startup or scale-up What you might have: A strong understanding and ability to implement effective security controls throughout the entire Software Development Lifecycle (SDLC) Experience in the engineering, building, and maintenance of secure infrastructure and services within Google Cloud Platform (GCP) Experience in SIEM engineering, including the deployment, optimisation, and tuning of monitoring platforms Experience leading and conducting product security threat modelilng sessions across development teams Behavioural competencies: High EQ & resilient: optimistic & solution focused when faced with setbacks - works quickly to diagnose the situation, both independently and with others. Identifies practical, realistic solutions that deliver the best value within given constraints, and focuses efforts on achievable, high-impact tasks. Can operate confidently and calmly under pressure, taking a considered approach. Ensures decisions are backed by clear, objective analysis. Results, Quality and Impact Focused: Manages their time effectively to meet deadlines and diligent in their work to ensure errors are picked up promptly. Aims to minimise mistakes but takes responsibility for them, resolves the situation and learns from it. Seeks impactful outcomes that make the most effective improvement. Growth Mindset: Desire to continuously acquire new knowledge and skills. Embrace challenges as they arise and use them as an opportunity to expand their capabilities technically and professionally. Problem Solving & Critical Thinking: Continuously aware to identify potential issues and can think rationally to offer best possible improvements. Thinks creatively and can examine operational context and identify problems, taking multiple perspectives into consideration. Remains objective and constructive in pressured situations. Salary range £75,000 - £85,000 GBP The perks: 💰Competitive base salary 📈Generous EMI equity package 👌Private pension ✈️25 days annual leave + bank holidays 🏖Additional 30 days of unpaid leave per year to use as you wish 🎆Ad-hoc companywide time off - last year we gave everyone 'rest leave' in August and over the festive period 🏥Private healthcare with AXA Insurance - including enhanced mental wellbeing coverage 🏠Hybrid working policy, typically 2-3 days in the office 👶Enhanced family (parental) leave - gender-neutral policy, 12 weeks paid leave 👪5 days Caretaker's leave 😷Enhanced occupational sick pay 💻£500 WFH budget 📚All the learning resources and books you want to aid in your personal development 🎉 Regular socials to unwind and have some fun