Senior Security Engineer
Role summary by JobGrid
Senior Security Engineer at checkatrade: London, United Kingdom; On-site. JobGrid adds normalized role facts, source context, and a path to the employer application page so candidates can compare the listing before applying.
- Location and workplace: London, United Kingdom, On-site
- Source freshness: checked by JobGrid on 2026-06-08.
- Application path: candidates continue to the employer application page with non-personal referral tags.
As our next Security Engineer, you'll be the architect of how secure software gets built at Checkatrade, designing the platforms, guardrails, and paved paths that let engineering teams ship fast without ever trading off security. You'll embed modern AppSec practices directly into the developer workflow, harness AI agents to turn vulnerability noise into actionable signals, and make secure-by-default the cheapest, easiest option every time. If you want to build the rails and not just inspect the track, this is your role.
Forget long lists, here's what you'll actually spend your time on:
Designing and implementing scalable security controls and platform-level guardrails across our multi-cloud estate. Build it once, make it the default everywhere.
Driving a modern secure SDLC: threat modelling, SAST/DAST/SCA, secrets management, and dependency hygiene embedded into the developer workflow, not bolted on.
Prototyping and deploying AI agents that review code, triage findings, suggest fixes, and turn vulnerability noise into signals developers actually act on.
Owning the security of our IaC, CI/CD pipelines, and cloud platforms, making least privilege the default and not a project.
Partnering with engineering to deliver paved paths, libraries, and tooling that make the secure way the easy way.
Running technical security reviews for new applications and infrastructure changes, finding the issues that matter with the evidence to back it up.
It's not about ticking every box. It's about turning up curious, ready to crack on. You'll do well here if you bring:
Demonstrable depth across application security, cloud security, and modern platform engineering. You've shipped things, not just assessed them.
A strong, evidenced point of view on how agentic AI transforms code review, threat modelling, and developer enablement, with the receipts to back it up.
Hands-on experience securing complex multi-cloud environments (AWS, GCP, Azure). GCP experience is a bonus.
Deep, practical experience with Terraform, Kubernetes, CI/CD security, and infrastructure-as-code patterns, plus the developer empathy to build things engineers actually want to use.
We believe great work deserves great rewards. Here's just a taste:
Competitive salary + annual bonus or commission (role dependent)
Employee Share Programme
Health, well-being and learning support
Gym membership, Smart Tech Scheme and Cycle Scheme
Birthday/Special day leave
Buy & sell holiday scheme
1 week's paid charity leave and much more!
How we’ll get to know each other:Screening call with one of our Talent Acquisition Partners
1st stage interview with Hiring Manager - Head of InfoSec
2nd Stage interview with IT Manager & Director of Engineering
If this sounds like the place where you can do your best work, we’d love to hear from you, even if you don’t tick every box
Want to join our Talent Community and be one of the first to know about our vacancies? Register your interest on our Registration Form
At the moment, this role isn’t open to visa sponsorship applications
About us
We’re Checkatrade – the UK’s leading platform for finding a tradesperson. With more than 50,000 trades listed and over 6 million reviews, we help homeowners get jobs done right and help tradespeople grow their business.
We’re growing fast, with big plans to become the go-to brand for home improvements. If you care about great work, take pride in the details, and want to make an impact, you’ll fit right in.