Security Engineer
Top focus
A little about us incident.io is the leading AI incident response platform, relied on by some of the best engineering teams in the world when things go wrong. Since launching in 2021, we've helped over 2,000 companies, including OpenAI, Netflix, and Airbnb, run more than 1 million incidents.
The stakes are real, the talent is insane, and somehow it's a genuinely lovely place to work. We all pull our weight, go the extra mile, and put in the bit of magic most companies don't have time for, all while having fun and never taking ourselves too seriously.
We've raised $96 million from Index Ventures, Insight Partners, and Point Nine, and we're growing fast. There's never been a better time to join. The role in one line You'll build incident.io 's security function from the ground up, creating a product secure enough to support some of the best engineering teams in the world when things are going wrong.
What that looks like day to day We're looking for our second Security Engineer, someone with a real passion for application security who thrives embedded within product teams rather than sitting apart from them. You'll work side by side with engineers to design and build secure systems from the start, not swoop in at the end with a checklist.
You'll spot vulnerabilities before they reach production, coach engineers on secure coding, and help shape a culture where security is second nature rather than a bolt on. You'll partner closely with product teams to review features with security built in from day one, and collaborate heavily with Infrastructure to help secure our infrastructure, CI/CD, and internal tooling.
You'll use both white box techniques, code review, architecture analysis, and black box techniques, penetration testing, fuzzing, to find and mitigate vulnerabilities across our applications, APIs, and infrastructure. We move fast and avoid process wherever we can, so a big part of the job is figuring out how to build a genuinely secure product without slowing our engineers down.
That means introducing pragmatic tooling and automation that strengthens our defences quietly, rather than getting in the way. We're heavy adopters of AI, and this role sits right in the middle of that. You'll use AI tools to speed up your own work, review, testing, threat modelling, and you'll also be responsible for securing the AI features and AI-driven workflows we're shipping into the product.
This is a genuinely new function you get to shape from scratch, and your fingerprints will be on how incident.io does security for years to come. Who you are You've got a track record of finding and fixing application security vulnerabilities, whether that's through security research, penetration testing, or red teaming.
You know your way around modern web stacks (React, Go, TypeScript, Postgres or similar) well enough to spot where things go wrong before they do. You're genuinely comfortable embedding inside a product team and influencing design decisions, not just reviewing them after the fact.
You've got real cloud security experience, ideally GCP, and you know how to focus on what actually reduces risk rather than chasing every theoretical issue. You communicate well. You can deliver a hard piece of feedback to an engineer and have them thank you for it.
You've got grit. You're building this function from nothing, and the hard days, the scary find in production, the process that doesn't exist yet, don't put you off. You live and breathe security. This isn't just the day job for you, it's something you genuinely geek out on.
Supporting you We work hard and we think life outside work matters just as much. Our benefits pack is built to support both. Private medical insurance. Seriously good cover - we want you and the people you love to be looked after. Competitive annual leave.
Showing up at your best requires switching off, and we make sure you have time to do that. First Friday of every month off. Yes, seriously. Enhanced pension. We put real money in, because future-you deserves better than an afterthought. Meaningful equity.
We're rapidly scaling, and everyone who helps shape the outcome should share in it. Unlimited AI spend. For everyone, not just engineers. We're all-in on AI across the company, and we expect you to be too. Generous parental leave. The early days with a new baby matter more than anything we're doing here, and we want you to be present for them.
Two budgets that have your back. £1000 to invest in your setup, £500 a year to invest in yourself.