Job Description
£50,000 to 67,000 GBP
Bonus
Hybrid WORKING
Location: Manchester, North West - United Kingdom Type: Permanent
Security Engineer - API, IAM & Automation Locations: Glasgow, Greater Manchester or Northampton (Hybrid) Salary: Up to £67,000 base + bonus (DOE)
The Role We're looking for a Security Engineer to join a growing security engineering function, helping to design and build secure, scalable systems with a strong focus on API security, automation, and identity.
This role suits someone from a Security Engineering, DevSecOps, Platform Engineering or Cloud Engineering background who enjoys working close to code and infrastructure, and embedding security into the software development lifecycle.
Key Responsibilities
* Design and secure APIs, including authentication, authorisation, and secure communication patterns.
* Develop and maintain automation and security tooling using Python and Bash.
* Build and operate Identity & Access Management (IAM) and secrets management solutions.
* Work closely with software and platform teams to embed security into CI/CD pipelines.
* Perform vulnerability assessments and support remediation across cloud and application layers.
* Define and implement security engineering standards, patterns, and best practices.
* Contribute to audits, risk assessments, and continuous improvement of security controls.
Required Experience
* Strong experience with API development and API security (REST, OAuth, authentication, secure design).
* Solid programming / scripting skills in Python and Bash.
* Hands-on experience with IAM (e.g. cloud IAM, SSO, RBAC, secrets management).
* Cloud experience with AWS and/or Azure.
* Background in Security Engineering, DevSecOps, SRE, or Platform Engineering.
Desirable
* Experience integrating security into CI/CD pipelines.
* Knowledge of vulnerability scanning (SAST, DAST, SCA).
* Familiarity with container and Kubernetes security.
This is an opportunity to play a key role in shaping secure-by-design engineering practices across a modern cloud and API-driven environment, with real technical ownership and influence.