Principal Security Engineer
Job Description
Orgvue, a leading organizational design and planning platform headquartered in London, is seeking a Principal Security Engineer to lead their security engineering strategy. This strategic role reports directly to the CTO and involves evaluating, evolving, and executing security measures across the entire application development and cloud-hosting infrastructure. The position demands expertise in cloud security, particularly AWS, and requires implementing secure-by-design principles throughout the software development lifecycle. The ideal candidate will champion modern DevSecOps practices, lead security initiatives, and work closely with Information Security, Engineering, and Product teams. Key responsibilities include defining security roadmaps, implementing robust cloud controls, managing IAM strategies, and fostering a security-first culture. The role offers comprehensive benefits including hybrid working, health insurance, and various wellness programs. This is an excellent opportunity for a security leader to make a significant impact in a growing enterprise SaaS company that serves major global organizations.
Responsibilities For Principal Security Engineer
- Define and refine technical security roadmap aligned with business objectives and industry best practices
- Build and maintain security guardrails for static/dynamic analysis, container and IaC scanning
- Design and implement robust controls for AWS, Azure/GCP
- Own enterprise IAM strategy including RBAC, least-privilege provisioning, SSO
- Define audit logging, metrics, and telemetry requirements
- Conduct architecture and code-level reviews
- Evaluate and integrate security tooling
- Mentor senior engineers on security practices
- Partner with InfoSec and Legal for compliance and audits
- Work with engineering squads to improve secure coding practices
Requirements For Principal Security Engineer
- Extensive experience in security engineering with demonstrated leadership
- Expert-level knowledge of AWS and its native security services
- Experience with microservice, container, and serverless architectures
- Proficiency with Infrastructure-as-Code and Kubernetes security
- Strong software engineering background
- Experience in high-sensitivity data environments
- Knowledge of ISO27001 and SOC2 compliance standards
- Experience in threat modelling and vulnerability management
- Deep understanding of IAM concepts and secure network design
- Excellent communication skills
Benefits For Principal Security Engineer
- Hybrid working - 1+ days a week in London office
- Sanctus Coaching
- Virtual fitness sessions
- Wellbeing webinars
- Annual Wellbeing day
- Subsidised Gym Membership
- Private Medical Insurance including Dental and Vision
- Life Assurance
- 25 days holiday (increasing to 30 days)
- Summer Fridays
- 5% employer pension contribution
- Season ticket Loan
- Cycle to Work Scheme
- Annual Discretionary Bonus
Related Jobs
