This job was posted more than 40 days ago and might be expired.
Encord logo

Security Engineer

Posted about 2 months ago

OfficeLondon

About us

Encord is the universal data layer for AI that helps 300+ AI teams train and run models on the right data. Our platform indexes, curates, annotates, and evaluates data across the full AI lifecycle, from development through production.

 

Trusted by Woven by Toyota, AXA, UiPath, Zipline, and more. We're an ambitious team of 100+ working at the frontier of AI and have raised $60M in Series C funding from Wellington Management, CRV, Next47 and Y Combinator.

 

The role

We are looking for a Security Engineer with 3+4 years of experience to join our growing engineering team. You will be a key contributor to securing Encord's cloud infrastructure, product, and internal systems as we scale from 150 to hundreds of employees and expand into new global markets. You will work closely with engineering, infrastructure, and product teams to embed security at every layer of the stack.

 

What You'll Do

  • Application & Product Security

  • Conduct threat modelling, security design reviews, and code reviews for new product features and platform changes.

  • Identify, triage, and track vulnerabilities across Encord's web application and APIs; work with engineering teams to drive remediation.

  • Champion secure development practices (SAST, DAST, dependency scanning) and integrate them into the CI/CD pipeline.

 

Cloud & Infrastructure Security

  • Help secure Encord's cloud-native infrastructure, including access policies, network segmentation, storage access controls, and container security.

  • Monitor for misconfigurations and assist in hardening our Kubernetes and microservices environments.

  • Support data security controls for the petabyte-scale multimodal data sets that customers entrust to our platform.

 

Incident Response & Operations

  • Participate in incident response activities, including investigation, containment, and recovery efforts

  • Provide technical expertise and guidance to IT and network engineering teams to ensure security controls are effectively implemented and maintained

 

Compliance & Risk 

  • Support Encord's SOC 2 Type II, ISO 27001, and customer compliance programmes, including evidence collection and control implementation.

  • Contribute to third-party vendor and supply-chain risk assessments.

  • Help maintain and improve security policies, runbooks, and documentation.

 

Reporting & Documentation

  • Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements

  • Stay up-to-date with the latest information security technologies and advancements

  • Train staff on network and information security procedures

 

What we're looking for

  • Hands-on and thorough — you have 3–4 years of experience in a security engineering, application security, or cloud security role and are comfortable owning work end-to-end

  • Cloud-native mindset — you have strong working knowledge of cloud security on AWS or GCP 

  • Security-first engineer — you understand application security concepts including OWASP Top 10, common API vulnerabilities, and authentication/authorisation flaws

  •  Technically grounded — you’re comfortable reading and reviewing code in at least one programming language (Python or TypeScript preferred) 

  • Clear communicator — you can translate technical risk into business impact for non- security audiences

  • Bonus: experience securing containerised environments, familiarity with AI/ML security concepts, or certifications such as OSCP, AWS Security Specialty, CCSP, or CEH

Experience requirements

  • 3–4 years of hands-on experience in a security engineering, application security, or cloud security role

  • Strong working knowledge of cloud security on AWS or GCP

  • Experience with application security concepts: OWASP Top 10, common API vulnerabilities, authentication/authorisation flaws

  • Practical experience with security tooling: SAST/DAST scanners and vulnerability management platforms

  • Comfortable reading and reviewing code in at least one programming language (Python
    or TypeScript preferred)

  • Bonus: experience securing containerised environments (Docker, Kubernetes) and CI/CD pipelines, familiarity with data security or privacy regulations relevant to AI/ML workloads, or security certifications such as OSCP, AWS Security Specialty, CCSP, or CEH

Why Encord

  • Competitive salary, commission, and meaningful equity in a high-growth startup

  • Strong in-person culture — most of the team works from our London office 4+ days/week

  • 25 days annual leave + UK public holidays

  • Annual learning & development budget

  • Travel for customer visits, events, and conferences across the UK and Europe

  • Company lunches twice a week

  • Monthly socials & bi-annual team offsites

Job details
Workplace
Office
Location
London

Encord is the multimodal data layer for physical AI. Manage, curate, annotate, and align petabytes of data - from sensor streams to video to text. Trusted by 300+ AI teams including Woven by Toyota, AXA, UiPath, Zipline, and more.

Employees
184
Industry
Software Development
Headquarters
San Francisco, California
Founded
2021
Company location
San Francisco, California, US
Specialties
Active Learning, Data Engine, Artificial Intelligence, Computer Vision, Machine Learning, Data Annotation, Image Annotation, Video Annotation, Automated Labeling, Ground Truth Data, Model Training, Model Performance, SAAS, and Software-as-a-service

Key team members

Scott Sage

Scott Sage

Benjamin Junior

Benjamin Junior

Christian Kabrich

Christian Kabrich

Ali Raza

Ali Raza

Apply smarter with Jobr

Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

Direct from company career pages
AI-personalised cover letters
Human review before every submit
Application tracking & follow-ups