Staff Security Engineer

The Role

In 2025 we are investing in enhancing security capabilities to our Engineering & Data group. We are looking for a security engineer to guide our engineering practices, enhance security in our software delivery lifecycle, and work closely with our Information Security team.

As a Security Engineer at Depop, you will be responsible for providing security guidance and support, building capabilities which strengthen our security, and support the InfoSec team with our current security policies and processes.

Responsibilities:

1. Perform code/design reviews and security testing
2. Identifying and working with our engineers to mitigate vulnerabilities in our codebases
3. Working with our engineers to integrate security into the SDLC
4. Propose solutions for paved paths to solve problems at scale
5. Help foster a culture of secure engineering
6. Assess and address risks in our cloud-based platform
7. Identify insecure patterns in our infrastructure and networks
8. Help establish and implement infrastructure and network policies
9. Support and facilitate our vulnerability management program
10. Be part of our on-call rotation for security incidents

Requirements:

1. Deep knowledge of at least one major cloud provider (AWS specifically is advantageous)
2. Strong networking foundations
3. Experience architecting systems at scale
4. Expertise with infrastructure as code (Terraform as an advantage)
5. Experience securing Kubernetes clusters and docker containers
6. Experience with vulnerability scanning and software patching at scale
7. Experience with software development
8. A strong understanding of industry best practices for secure engineering
9. Be comfortable working independently, with a high degree of trust and autonomy.
10. A proven track record of role-modelling a pragmatic security culture
11. Strong interpersonal and collaboration skills.

Additional information:

Health + Mental Wellbeing: PMI and cash plan healthcare access with Bupa, subsidised counselling and coaching with Self Space, Cycle to Work scheme with options from Evans or the Green Commute Initiative, Employee Assistance Programme (EAP) for 24/7 confidential support, Mental Health First Aiders across the business for support and signposting.

Work/Life Balance: 25 days annual leave with the option to carry over up to 5 days, 1 company-wide day off per quarter, Impact hours: Up to 2 days additional paid leave per year for volunteering, Fully paid 4-week sabbatical after completion of 5 years of consecutive service with Depop, to give you a chance to recharge or do something you love.

Flexible Working: MyMode hybrid-working model with Flex, Office Based, and Remote options (role dependent), all offices are dog-friendly, Ability to work abroad for 4 weeks per year in UK tax treaty countries.

Family Life: 18 weeks of paid parental leave for full-time regular employees, IVF leave, shared parental leave, and paid emergency parent/carer leave.

Learn + Grow: Budgets for conferences, learning subscriptions, and more, Mentorship and programmes to upskill employees.

Your Future: Life Insurance (financial compensation of 3x your salary), Pension matching up to 6% of qualifying earnings.

Depop Extras: Employees enjoy free shipping on their Depop sales within the UK. Special milestones are celebrated with gifts and rewards!