Senior Developer Experience Security Engineer

Department: Product

Location: London

Employment Type: FullTime

About Motorway

Motorway is the UK’s fastest-growing used car marketplace – our award winning, online-only platform connects private car sellers with over 7,500 verified dealers nationwide, who compete to offer the best price. Founded in 2017, our technology makes the process refreshingly easy, earning us an 'Excellent' Trustpilot rating with over 70,000 reviews. We're not just building a platform; we're changing how people sell cars.

Backed by leading investors like Index Ventures and ICONIQ Growth, and following a successful $190 million funding round, we're on a mission to transform the used car market.

About the role
Motorway is rapidly growing its technology team and business, and we are looking for a Developer Experience Security Engineer to help enable a secure, scalable, and frictionless developer experience across Motorway.

We have recently built and rolled out a new container platform on top of AWS Fargate, and are currently enhancing our observability, reliability, and developer-focused tooling, and developer-focused tooling. We will continue to build and evolve secure, standardised platform capabilities that reduce cognitive load and help teams ship faster with confidence.We will continue to build and evolve secure, standardised platform capabilities that reduce cognitive load and help teams ship faster with confidence.

This role will act as a bridge between the Developer Experience team and Security Operations team, ensuring security strategy is embedded into platform abstractions, tooling, and defaults.This role will act as a bridge between the Developer Experience team and Security Operations team, ensuring security strategy is embedded into platform abstractions, tooling, and defaults.

As a Security Developer Experience Security Developer Experience Security Engineer, you will ensure that security is built into how engineers build, deploy, and operate software, making the secure path the easiest path you will ensure that security is built into how engineers build, deploy, and operate software, making the secure path the easiest path

The role will involve:

• Design, implement, and maintain secure-by-default platform capabilities (e.g. IAM patterns, network primitives, secrets management, runtime protections, encryption) that are easy for product teams to adopt.Design, implement, and maintain secure-by-default platform capabilities (e.g. IAM patterns, network primitives, secrets management, runtime protections, encryption) that are easy for product teams to adopt.).

• Build automated security checks, guardrails, and visibility that continuously assess risk and reduce the need for manual security audits.

• Collaborate with engineering to embed secure software development practices into CI/CD pipelines, templates, and shared tooling s(Shift left and Secure by design principles).

• Reduce manual work (toil) for the technology and Security Operations Team using automation (e.g. scripting, workflows, tooling).

• Ensure platform-level security telemetry, logging, and monitoring are consistent, high-quality, and provided as a standard capability for all teams.

• Define and implement platform-wide security use cases (e.g. SIEM detections, alerts, and signals) that scale across teams without bespoke configuration

• Work as part of a virtual SOC with the Security Operations Team to support in security incident response.

• Stay up-to-date with the latest security trends and best practices.

• Enable secure engineering practices through documentation, examples, platform defaults, and targeted training where appropriate.

• Help translate security policies and standards into practical, enforceable platform patterns and guardrails..

Requirements

We encourage you to apply, even if you might not meet all the requirements. You’ll be directly reporting to an Engineering Manager, who will help mentor and guide you in your career.

• Proven experience as a Platform engineer, Developer Experience engineer, or similar role focused on enabling other engineers.

• Proven experience working with Containers and serverless with Infrastructure as code.

• Good knowledge of AWS cloud security best practices and tooling

• Technical knowledge of best practice security for networks, systems, web applications, APIs and databases.

• Good understanding of secure software development practices.

• Familiarity with security tools and technologies, such as SIEM, IDS/IPS, WAF and vulnerability scanners.

• Knowledge of common adversarial Tactics, Techniques and Procedures (Mitre Att&ck TTPs).

• Knowledge of security standards and frameworks (e.g. ISO27001, NIST CSF) is beneficial.

• Relevant security certifications (e.g. GCLD, Security+, AWS/GCP Security Certifications) are a plus.

• Excellent problem-solving and analytical skills.

• Strong communication and collaboration abilities

Benefits

• A competitive salary

• BUPA health insurance

• Discounted gym membership through BUPA

• OnHand volunteering membership and one paid volunteering day per year

• Hybrid working

• Pension scheme

• Motorway car leasing scheme - lease a zero-emissions electric vehicle at a significant discount

• Enhanced parental leave - We offer enhanced maternity pay (26 weeks of full pay) and enhanced paternity pay (4 weeks of full pay) to eligible employees.

• Workplace nursery scheme

• Regular social events

• Cycle to work scheme

Equal opportunities statement

We are committed to equality of opportunity for all employees. We work to provide a supportive and inclusive environment where people can maximise their full potential. We believe our workforce should reflect a variety of backgrounds, talents, perspectives and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing and advancing individuals based on their skills and talents.

We welcome applications from all individuals regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships.