Security Engineer

at  Octopus Deploy

Octopus Deploy sets the standard for Continuous Delivery, empowering software teams to deliver value in an agile way. Over 4,000 organizations globally – including Ubisoft, ASOS, Xero, monday.com, Stack Overflow, NASA, and Disney – rely on our Continuous Delivery, GitOps, and release orchestration solutions.
Founded in Australia in 2012, our team of over 270 Octonauts now spans the globe. We combine high growth and big ambitions with a sustainable, balanced working environment. Our revenue has grown consistently between 30–50% every year for the past 8 years, and we’ve been profitable for 10 out of the past 11 years. [In 2024, Octopus Deploy acquired Argo maintainers, Codefresh, the leaders in enterprise GitOps.] Octopus now provides the industry’s most comprehensive Continuous Delivery solution for organizations operating at scale.
We’ve been remote-first since 2015 and work with an uncommon level of transparency. You can read our public handbook to learn how we work. We have a transparent approach to compensation that ensures people doing the same work with the same skill get paid the same, with well-defined career pathways. We foster a supportive, collaborative, and high-trust environment. We leave our job titles at the door and focus on doing what’s best for our customers and team. Our leaders never shy away from answering the tough questions at our all-hands calls or in 1:1s. We conduct interviews and onboarding virtually as part of being a remote-first company.
We are seeking a dedicated Security Engineer to join our Security Operations team and contribute to our mission of ensuring the security and integrity of our systems and data. In this role, you will work closely with our Security Analysts to implement and maintain our security tools and systems. Additionally, you will participate in our Security Partner Program, collaborating with teams within our R&D organisation to design and implement secure systems and applications.
You will also be part of our Quick Reaction Force (QRF), responding to issues related to our security tools and systems during business hours only.

• Experience designing and implementing secure systems and applications.
• Familiarity with infrastructure as code (IaC) and containerisation and orchestration tools.
• Experience with security tools and systems such as intrusion detection/prevention systems and vulnerability management platforms.
• Proficiency in conducting security audits, risk assessments, and penetration testing.
• Familiarity with security frameworks and standards such as ISO 27001, Soc II Type 2, and CIS controls.
• Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams.