ABOUT NETCRAFT

Netcraft is the global leader in cybercrime detection and disruption. We’re a trusted partner for three of the four largest companies in the world and many large country governments. We’ve blocked more than 200 million malicious sites and perform takedowns for around one-third of the world’s phishing sites.
Our purpose, passion, and expertise are focused on just one thing: protecting the world from cybercrime.
Our passion doesn’t stop at what we do—it shapes how we work, too. We’re proud of our talented team and the value each person brings. That’s why we’ve created a workplace where people feel supported and inspired, from great benefits and wellness programs to fun social events.

We are searching for a Security Engineer to join our growing engineering team. Based in either London, Manchester, or Bath, you’ll report to our Engineering Team Lead in the Security team, part of the Platform Engineering department. You will work within a team to build and maintain security tooling to help improve internal security capabilities across our platforms.
Netcraft’s Engineering division maintains a wide range of services, from modern Go-based applications that run in Kubernetes to twenty-year-old Perl-based systems that run directly on Linux servers. We use AWS for our customer-facing workloads, both directly on EC2 and on managed services such as RDS, EKS, ElastiCache, OpenSearch, S3, RabbitMQ, Security Lake, and more, running at scale with a high degree of automation: taking down a malicious site from the internet every 12 seconds, classifying 20 million URLs a day, and inspecting 1.2 billion sites every month.
This role will give you the opportunity to work collaboratively both within the Platform Engineering department and across the Engineering division to help us to continually improve our internal security and to enable teams to secure their systems. Your day-to-day work will involve developing internal security tooling and security-related CI/CD pipelines, supporting maintenance of security infrastructure in AWS, and investigating and responding to security incidents.

You’ll be:

• Designing, developing, and maintaining internal security tooling for use by both the Security team and the wider Engineering division.
• Taking ownership of security-related CI/CD pipelines, including SCA tooling (Black Duck) and SAST scanning.
• Collaborating with other Engineering teams to enable them to secure the systems they develop.
• Helping respond to security alerts and incident investigations, including as part of our on-call rota once you are familiar with our systems.
• Testing and documenting your work to a high standard.
• Working with cross-functional stakeholders to help propose, design and implement solutions to meet business needs, as well as to champion security best-practices.
• Advocating for and implementing improvements to the Netcraft developer experience, leveraging your skills and experience to add value that doesn’t necessarily relate to Security

What you need to be successful:

• A keen interest in cybersecurity and a love of automation.
• Commercial experience programming in Go or similar languages.
• Commercial experience deploying, using, and tuning DevSecOps tooling, such as SAST/DAST scanners and SCA tools.
• Experience with modern CI/CD pipeline development, ideally in developing and helping roll out pipelines that are designed to be used across multiple projects.
• Experience using cloud providers, such as AWS, including their infrastructure and managed services.
• Experience responding to security-related incidents and writing retrospectives.
• Strong technical communication skills; especially the ability to explain your reasoning to Engineers across the division.

Bonus points:

• Experience with the GitLab DevOps stack, especially in CI/CD.
• Exposure to Infrastructure-as-Code technologies, ideally Terraform.
• Exposure to configuration management tools such as Puppet.
• Exposure to Kubernetes (especially hosted on AWS EKS) and Docker or other containerization technologies, with even more bonus points if your exposure extends to cluster security.
• A keen interest in cybercrime disruption and internet security.
• Experience with AWS security tooling, such as Security Lake, GuardDuty, CloudTrail, CloudWatch, Config or similar.
• Exposure to Microsoft 365 security tooling, such Defender or Entra.
• Experience supporting external security audits (such as SOC 2 or ISO 27001) through evidence-gathering and walkthroughs.