Security Engineer

Granola
London, GB
On-site

Who this role is best for

Best suited to mid-level security engineers with cloud security experience who thrive in fast-paced startup environments and prioritize in-person collaboration in London.

Best fit for

  • Builders who approach security with an attacker's mindset and enjoy zero-to-one phases.
    โ€” โ€œAre first and foremost a builder who thinks like an attackerโ€
  • Candidates comfortable with AI-assisted security tooling and cloud environments.
    โ€” โ€œLeverage AI-assisted tooling to conduct security assessmentsโ€
  • Those who value direct product impact and a strong security culture.
    โ€” โ€œThrive in a fast-paced environment where you can make a direct impact on product securityโ€

Things to consider

  • Full-time in-office work in London is expected, with limited remote flexibility.
    โ€” โ€œAre excited to work in-person from our office in London (most of the time)โ€
  • Startup environment demands comfort with rapid iteration and hands-on contributions.
    โ€” โ€œLove working in a startup environment (you either have experience working in a startup or are really drawn to the zero-to-one phase)โ€

How to stand out

  • Demonstrate concrete examples of integrating security into SDLC in past roles.
    โ€” โ€œWork closely with development teams to ensure secure coding practices are integrated throughout the SDLCโ€
  • Highlight experience with AWS security implementations and incident response.
    โ€” โ€œExperience with cloud and cloud security (we use AWS)โ€
  • Show how you've communicated complex security concepts to non-technical stakeholders.
    โ€” โ€œStrong communication skills with the ability to explain complex security issues to both technical and non-technical audiencesโ€
Pace ยท Fast PacedCollaboration ยท MediumAutonomy ยท MediumDecision Impact ยท TeamLevel ยท Mid

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • mitigating security vulnerabilities
  • integrating security throughout SDLC
Typical background
extensive experience in security-sensitive work

Skills & requirements

Required

Application SecurityAi-assisted Security ToolsSecure Coding PracticesCloud Security (aws)Communication Skills

Preferred

Threat ModelingRisk AssessmentsIncident ResponseStartup Experience

Stack & domain

TypeScriptPythonCloud-securityApplication-security

About the role

Original posting from Granola via Ashby

Hey! We're team Granola ๐Ÿ‘‹ If you haven't already, you should check out what we're building https://www.granola.ai/, and why you should work here https://www.granola.ai/jobs.

In this role, you will be responsible for identifying and mitigating security vulnerabilities within Granola's applications, building security tools, and working closely with our development teams to integrate security throughout our software development lifecycle. You'll help establish a robust security culture as we unlock Granola for the next 100x users.

IN THIS ROLE, YOU WILL:

  • Design and implement security features within the Granola app to protect user data and strengthen the product's security posture
  • Leverage AI-assisted tooling to conduct security assessments, code reviews, threat modeling and penetration testing to identify vulnerabilities in our applications
  • Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC
  • Track, analyse, and manage application vulnerabilities, using AI-assisted triage and prioritisation to guide remediation efforts
  • Support incident response by investigating application-related security incidents
  • Stay current on the latest security threats, vulnerabilities, and technologies to enhance our security posture

YOUR BACKGROUND LOOKS SOMETHING LIKE:

  • Extensive experience building production software, with hands-on exposure to security-sensitive work (auth, data handling, API design, encryption or similar) and a genuine interest in going deeper into application security
  • Comfortable with secure coding practices and at least one of: threat modelling, risk assessments, or incident response, with appetite to grow across the rest
  • Proficiency in programming languages such as TypeScript, Python, or similar
  • Experience with cloud and cloud security (we use AWS)
  • Strong communication skills with the ability to explain complex security issues to both technical and non-technical audiences

AS A PERSON, YOUโ€ฆ

  • Are first and foremost a builder who thinks like an attacker
  • Are excited to work in-person from our office in London (most of the time)
  • Love working in a startup environment (you either have experience working in a startup or are really drawn to the zero-to-one phase)
  • Value working with people who are kind, ambitious, and pragmatic
  • Have a passion for protecting users and building secure systems
  • Thrive in a fast-paced environment where you can make a direct impact on product security

ABOUT THE OPPORTUNITY

We are living in the most exciting time for tool builders since Engelbart's demo https://en.wikipedia.org/wiki/The_Mother_of_All_Demos in 1968. We want to assemble the best crew to build this future together, here in London. Our compensation philosophy is to pay slightly above market on salary and above market on equity.

We do our best work in person, and so our team spends time together five days per week in our new, bright, and spacious office at Old Street. We are happy to offer relocation assistance to candidates who'll be moving to London to join us.

Lastly, we think amazing talent comes from all kinds of life journeys and experiences. If what is written above speaks to you, whether you look like a fit on paper or not, please reach out.

Source: Granola careers (Ashby)

Similar roles