Social network you want to login/join with:

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Engineer (f/m/f) with experience working in cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while leading broader collaborative initiatives such as architecture design collaboration, threat modeling, and vulnerability identification, to drive meaningful security improvements. Candidates should be skilled in cloud-native technologies with demonstrable proficiency in infrastructure as code and application development.

This hands-on role offers an opportunity to grow your expertise in cloud technologies and security tooling while making meaningful impact by embedding security practices and supporting secure third-party integrations in a fast-pacted software-as-a-service environment.

Required to be in our London office up to five (5) days per week.

What to expect

• Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business.
• Lead security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to proactively identify and address risk.
• Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues across product and corporate environments.
• Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness.
• Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen security of systems and environments.
• Advance the development, customization, and maintenance of hardening standards, and monitoring mechanisms for systems and environments.
• Drive security and monitoring enhancements to containerized workloads and orchestration platforms.
• Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts.
• Collaborate in defining and monitoring evolving security compliance and regulatory requirements.
• Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date.

What you need to be successful

• 4+ years of security engineering, DevSecOps, or equivalent experience.
• Hands-on expertise with AWS architecture, services, and security features.
• Proficiency in Python to build and maintain security tools..
• Familiarity with Kubernetes and container security, including configuration and runtime protection.
• Experience using Terraform to build, deploy, and maintain infrastructure as code.
• Strong foundational networking knowledge covering cloud networking concepts, OSI model, TCP/IP, and routing fundamentals.
• Demonstrable ability to embed security considerations throughout the software development lifecycle.
• Hands-on involvement supporting vulnerability management and incident response functions.
• Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)
• Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs.
• Clear and effective communication skills.
• Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
• A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards.
• Passion designing and performing hands-on implementation work.
• Ability to work in a fast-paced environment, often juggling multiple projects.

What’s in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time!A generous amount of paid time off, including vacation days, sick days, education days, compassion days for loss, and volunteer days
• Time off to care for and focus on your growing family
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication phone/internet stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.