Cyber Security/ Product Security Engineer

ScreenedHybridFull TimeJust posted
Cambridge, Cambridgeshire, Cambridgeshire; East of England; England
£60,000 - £75,000
Posted 1 day ago
Apply Now

About the role

Job Description hackajob is collaborating with Redgate Software to connect them with exceptional professionals for this role. \Redgate Software \Redgate creates ingeniously simple software to help data professionals get the most value out of any database. Our solutions solve complex database management challenges across the DevOps lifecycle, making life easier for IT leaders, development, and operations teams by increasing efficiency, reducing errors, and protecting business-critical data. The data community trusts Redgate to balance speed to market, team collaboration, and data protection. \Redgate Software – Culture \As a Product Security Engineer, you’ll embed security into the software development lifecycle across multiple product teams. You’ll help teams build, ship, and operate secure software by defining requirements, improving detection and prevention (SAST/DAST), assisting teams with application security governance, and running threat modelling. \nPartner with engineering and product teams to define and operationalise security requirements across the SDLC (from design to release).\nOwn or co-own application security governance practices: secure-by-default standards, patterns, guardrails, and exceptions/risk acceptance.\nDrive SAST/DAST adoption and quality: tool tuning, triage workflows, severity calibration, and “fix-forward” enablement.\nSupport adoption of threat modelling for new features, architectural changes, and high-risk services—turning findings into actionable engineering work.\nProvide product security guidance for cloud-native environments (AWS + containerised workloads), with an emphasis on secure service design and deployment practices.\nBuild strong relationships with product teams through clear communication, coaching, and security enablement.\nReview and assist in the development of engineering policies aligned with security best practices\n \nContribute secure shared libraries/paved-road components or perform targeted security testing/pentesting to validate controls.\nWork with product teams to support implementation of AI, including LLMs, SLMs, and MCP. \nHands-on product/application security experience supporting engineering teams in a modern SDLC (requirements, design review, secure coding guidance, release support).\nWorking understanding of cloud and container security fundamentals in an environment using AWS and Docker (and related CI/CD practices).\nComfort working across a primarily C# ecosystem (with some Java/Python), including the ability to review code and explain security issues clearly to developers.\nAbility to translate security risk into actionable engineering priorities—balancing risk, delivery timelines, and operational realities.\nYou’re pragmatic: you care about real risk reduction, not checkbox compliance or perfect theoretical security.\NET (primary engineering ecosystem), React\n \nJava (J2EE), TypeScript, and Python\n \you’ll help tune and operationalise them)\n \nGet access to core systems and security tooling; nShadow the Product Security Architect and sit in on a handful of ceremonies (planning/refinement/retro) to understand team dynamics and where security naturally fits.\nStart building a knowledge base: common app patterns, approved controls, “how we do security here,” and where to find the right people.\nBegin owning a defined slice of AppSec work with supervision (e.g., nStart contributing to security reviews for new features or higher-risk changes—initially as a second set of eyes, then independently for scoped areas.\nSupport lightweight threat modelling sessions alongside the Architect (prep, note-taking, translating outcomes into engineering actions).\nDemonstrate steady throughput on findings: consistent triage quality, meaningful developer support, and reduced turnaround time for the scoped area.\Benefits include competitive salary, comprehensive health coverage, monthly wellbeing allowance, flexible working arrangements, generous paid time off, employee assistance program, community and social events. Redgate has adopted a flexible-hybrid model. This means that people will work flexibly with a blend of remote (home) and co-located (office) work, with teams having the flexibility to decide which location best suits the outcomes they need to deliver. \Our diversity, equity, inclusion & belonging commitments \We believe diverse teams are better at solving problems and fostering a creative culture. nRecruitment & retention: hiring and retaining diverse talent.\nAuthenticity & belonging: promoting inclusive language and behaviours.\nGrowth: supporting personal and professional development.\We support DEIB through our inclusion forum (Belong at Redgate) and regular DEIB events. If you need accommodation, please let us know via our application process or email careers@red-gate.com. \Learn more about our commitment to diversity on our diversity page. \While we outline the qualities we typically seek, we recognise that you may possess additional attributes and skills that could make you an excellent fit for our team. We do not discriminate based on race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

About this listing

Screened by Joboru

This role passed our automated spam and quality filters and was active in our feed when last checked. Joboru is an aggregator — here is how we screen listings. If anything looks off, tell us.