Product Engineer - Contract Engineering · Office ·

Location: Hybrid (London)
Contract Length: 6 months

At Natcap, we’re building the infrastructure that empowers sustainability decisions at scale. As we rapidly grow to meet enterprise demand, we’re investing in world-class engineering to strengthen our systems and unlock big opportunities. We’re looking for a hands-on Full-Stack Product Engineer to help us level up our infrastructure and security.

This is a high-impact role – perfect for someone who thrives on solving hard problems fast and shipping meaningful improvements.

In this role, you'll collaborate closely with our CTO, CISO, and product teams to deliver projects that directly support our enterprise readiness and ISO 27001 goals.

You’ll own or contribute to initiatives including:

• CI/CD expansion: Extend GitHub Actions pipelines and implement per-PR ephemeral environments

• Authentication upgrade: Migrate from custom auth to Auth0 (or similar), with social login + MFA

• Data governance: Apply labelling to Postgres, S3 and BigQuery data

• Web security hardening: Audit React, GraphQL and FastAPI layers to eliminate XSS/CSRF and strengthen CSP

• Static analysis remediation: Triage and address SAST findings

• RBAC rollout: Finalise and implement role-based access controls

• Audit logging: Structure and surface user action logs in the app

• Frontend: React, Apollo GraphQL

• Backend: FastAPI (Python)

• Infra/Security: GitHub Actions, SAST tools, Auth0 (or equivalent), RBAC, CSP

Must-haves:

• 5+ years building production-grade web apps (React + Python)

• CI/CD experience with microservices

• Hands-on with modern auth providers (Auth0, Kinde, Okta, Cognito), including RBAC

• Familiarity with GraphQL

• Strong understanding of OWASP Top 10, CSP, CSRF, and XSS mitigation

• Confident written communicator – clear documentation and stakeholder updates are a must

Bonus points for:

• Experience migrating to managed auth

• Exposure to Kubernetes, Terraform or Helm

• Working in early-stage, high-growth startups under security constraints

You’ll ship iteratively, demo weekly, and document your work for long-term sustainability. We value clean code, proactive ownership, and collaborative problem-solving.

If you’re a pragmatic engineer who enjoys solving gnarly security and infrastructure problems – and want to do it alongside a smart, ambitious team – we’d love to hear from you.