This website uses cookies to ensure you get the best experience.

Applied Computing and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
Skip to main content
Finance · Remote UK · Fully Remote

Security Engineer

About Applied Computing

Applied Computing was founded in 2024 to build Orbital, a physics-informed foundation model for energy operations. We’re live across oil and gas,refineries, and petrochemicals, working towards our mission: sustainableabundance for a growing planet.

The hydrocarbon industry keeps the world running. But its complexity has left operators tied to legacy systems, making critical decisions on less than 10% of available data.

We built Orbital to change that. It’s a foundation model built specifically for energy that lets companies use AI at scale, harnessing all of their operational data and optimising in real time for any metric. Decisions get faster, operations get safer, and carbon intensity falls.

We’ve raised over $32 million, including one of the largest seed rounds for an AI company in the UK. We’re just getting started.

The Role

Security here is not a compliance function with a budget and a slide deck. We take compliance seriously and it is woven into how the team operates. It is an engineering problem that needs solving every day, by someone who gets stuck in.

Our security team is small and honest about it. A hands-on CISO, a Compliance Manager, a Lead Security Researcher who spends his time on the offensive side, and a junior engineer who was the IT lead six months ago and is now doing the best work of their career. We need someone to sit in the middle of that and pull it forward.

The work is real and the ambition is high. We are maturing our DevSecOps capability, driving continuous improvement across our cloud posture, and targeting SOC 2 Type 2 certification within three to six months. Nobody is going to hand you a roadmap. You will help build it.

If that sounds like the kind of problem you want to own, read on.

Key Responsibilities

DevSecOps & Secure SDLC

  • Design and implement security gates within CI/CD pipelines using GitHub Actions and related tooling

  • Define and enforce secure coding standards and automated checks across development workflows

  • Work closely with engineering teams to embed security early in the development lifecycle without becoming a blocker

  • Champion a shift-left security culture across the organisation

Cloud Security

  • Own and maintain the cloud security posture across AWS (primary),Azure (development), and M365

  • Use Wiz to continuously monitor, prioritise, and remediate cloud security findings

  • Develop and enforce cloud security standards, IAM policies, and guardrails

  • Identify and close gaps in cloud architecture before they become incidents

Vulnerability Management

  • Lead the vulnerability management programme, triage, prioritise, track and remediate across the estate

  • Manage the intake of security findings from internal and external sources and ensure nothing falls through the cracks

  • Produce clear, actionable remediation guidance for engineering and infrastructure teams and where needed, roll up your sleeves and raise the PR yourself

  • Track and report on risk reduction over time to the CISO

Mentoring & Team Development

  • Provide day-to-day mentoring and technical guidance to the junior security engineer

  • Review their work, share your thinking, and help them develop both technically and professionally

  • Contribute to a team culture where curiosity is valued and problems are solved collaboratively

Essential Experience

  • Hands-on experience with Terraform for infrastructure as code and security configuration management

  • Proficiency with Microsoft Sentinel - building detections, managing alerts, and investigating incidents

  • Working knowledge of Wiz or a comparable cloud security posture management tool

  • Strong understanding of DevSecOps principles and practical experience integrating security into GitHub-based CI/CD pipelines

  • Solid AWS security experience - IAM, security groups, logging,monitoring, and remediation

  • Familiarity with M365 and Azure security configurations

  • Experience delivering against SOC 2 and/or ISO 27001 requirements in a hands-on engineering capacity

  • Proven ability to manage and prioritise a vulnerability backlog under real-world constraint

What We Are Looking For

The technical skills matter. So does everything else. We need someone who does not wait to be told what the problem is. Someone who is curious enough to go looking, confident enough to say what they find, and grounded enough to triage a ticket pile on a Tuesday morning without treating it as beneath them. The role will move between housekeeping and high-stakes projects in the same week.

The junior engineer on the team needs more than a colleague. They need someone who will invest in them, not just review their work but help them think differently. If mentoring energises you, that matters here.

Our Lead Security Researcher already owns the offensive side of AI and ML security. What we need is someone who can hold the defensive line, securing model pipelines, understanding prompt injection risks, thinking about supply chain exposure in AI systems. It is not a requirement for this role.

But if youhave been in that space, you will hit the ground running.

What Success Looks Like

30 Days

You know where the bodies are buried. You have mapped the cloud posture,walked the pipelines, understood the compliance gap, and formed a view on what needs to happen first. You are not still finding your feet, you are alreadycontributing.

60 Days

Your mark is already visible. The DevSecOps capability is stronger, vulnerability management has a process that people follow, and the SOC 2 Type 2 workstream is moving with momentum. The junior engineer is already doing things they were not doing before you arrived.

6–12 Months

SOC 2 Type 2 is done. Not in progress, done. The cloud posture is measurably stronger, and you can prove it. Security is part of how the engineering team works, not something that happens to them after the fact. You have raised the floor, and you are still raising it.

Department
Finance
Locations
Remote UK
Remote status
Fully Remote

About Applied Computing

Applied computing is one of its kind revolution with a mission to deliver sustainable abundance for a growing planet,

through AI that works for the Energy Industry

Founded in 2023
Co-workers 10-50
Finance · Remote UK · Fully Remote

Security Engineer

Loading application form

Already working at Applied Computing?

Let’s recruit together and find your next colleague.

Applicant tracking system by Teamtailor