Security Engineer

  • Full Time
  • Bristol

    What’s it like to work at OVO?

    You will be joining the Orion Security Engineering team whose purpose is to ensure OVO’s greenfield Energy Platform is secure for all our customers while enabling our product teams to ship awesome features.

    This is a varied role where you’ll be exposed to the full stack and will work across technologies including GCP, AWS, Kubernetes and Kafka. You’ll be focusing on projects spanning infrastructure, release engineering and security monitoring.

    As part of the Security Engineering team we want to create solutions and insights that will allow us to meet a very high security calibre, while maintaining a fast delivery pace expected in a modern software system. We believe this happens through tight collaboration between Security Engineering and Software Engineering. You will have a strong focus on building relationships across various teams, including design feedback and coaching but most importantly building security improvements in our products.


    What will you be doing?

    You will be building tools and fostering our security culture to help OVO’s product teams rapidly deliver secure systems. Providing those teams with clear actionable advice on what risks and threats they have to their systems. You will also be responsible for defining and evolving security best practices for our greenfield system. Helping teams take action on those practices through your expert training or automation will be key to your success.


    Do I have what it takes?

    We are looking for excellent security engineers and whilst experience is important, ultimately less so than your demonstrated abilities and attitude.

    The following skills and experience would be beneficial:

    • Knowledge and experience in secure software practices
    • Scripting and software engineering skills; we don’t mind what language! (Python, Scala, Clojure, Java etc.)
    • Awareness of common software security flaws and web application security best practices (OWASP top 10, CWE/SANS Top 25)
    • Code static analysis
    • AWS/GCP security best practices
    • Container vulnerability scanning
    • Open Source dependency scanning
    • Web application firewalls
    • Logging, monitoring and alerting on security incidents
    • Thorough knowledge of CI/CD and DevOps principles


    Additional skills

    • An inquisitive and curious approach, with confidence to tackle difficult problems
    • Rapid adoptee of merit-proven new approaches & technologies
    • Problem solver / structured thinker
    • Always happy to help and a natural sharer of knowledge


    Want to check out more?

    Working in Tech at OVO Energy

    See how we work on our blog and our Tech Blog

    OVO tech github:


    A handful of our benefits…

    • We give you an additional 4% of your salary to buy benefits that suit you; we offer tech for your home, health care, ISA investment, cycle to work, taste & culture cards, additional holiday & more.
    • Flexible working hours
    • 25 days’ holiday & day off on your birthday
    • Free breakfast every day & subsidised Lunch from Friska
    • Lots of social events
    • The opportunity to get involved in teaching kids to code
    • Training budget – this includes joining our up/cross-skilling OVO Bootcamp or videos, books & courses from O’REILLY Safari online
    • Matched volunteering and matched fundraising
    • You’d be working for an accredited Top Employer


    We celebrate diversity and value equal opportunity: the more inclusive we are, the better our work will be. We want to build a team which represents a variety of backgrounds, perspectives, and skills, and we decide employment on the basis of merit and potential.

    Job details


    Skills required

    Perks & benefits

    Free Food
    Employee Discounts
    Performance Bonus
    Free Discounted Lunch
    Flexible Working
    Work From Home
    Free Gym
    Free Coffee
    Subsidised Learning