Principal Security Engineer

<p><strong>Location:</strong> Remote UK/Euro<br><strong>Reporting line:</strong> Chief Risk Officer</p> <h3><strong>About Auros</strong></h3> <p>Auros is a global digital asset liquidity provider operating 24/7 across centralised and decentralised markets. We run high-availability, low-latency systems where resilience and risk discipline matter. Security is treated as a core engineering and risk function, with direct engagement from senior leadership.</p> <h3><strong>The Role</strong></h3> <p>We're hiring a hands-on principal security engineer to implement and operate security controls across our infrastructure. This is a technical execution role where you'll be writing code, configuring systems, and shipping security improvements, not writing policies or managing people.</p> <p>You'll work closely with Infrastructure and Engineering teams to harden our cloud environments, secure our CI/CD pipelines, and protect both corporate and production systems. The scope is broad, the environment is fast-paced, and you'll be expected to own problems end-to-end.</p> <p>We believe security should enable the business, not obstruct it. You'll design controls that are effective but unobtrusive, security that works in the background without creating friction for engineers or traders.</p> <h3><strong>What You'll Do</strong></h3> <ul> <li>Implement and maintain security controls across multi-cloud environments (primarily AWS and Azure, with some GCP and AliCloud) and on-prem infrastructure</li> <li>Own IAM strategy and implementation: design and enforce identity, access, and permissions models that are secure, scalable, and practical</li> <li>Design and operate key management and custody security controls such as HSMs, secrets management, and secure key handling for trading operations</li> <li>Harden CI/CD pipelines (GitLab) and secure the software delivery process</li> <li>Configure and operate corporate security tooling (endpoint protection, MDM/Jamf, DLP, identity management)</li> <li>Respond to security incidents: triage, investigate, contain, remediate</li> <li>Conduct security assessments of infrastructure and applications</li> <li>Automate security operations: detection, alerting, and response</li> <li>Work with Infrastructure to embed security into cloud provisioning and system configuration</li> </ul> <h3><strong>What We're Looking For</strong></h3> <ul> <li>8+ years' hands-on experience in security engineering or security operations</li> <li>Strong, opinionated views on IAM (you've designed and implemented identity and access management across cloud environments and have a clear philosophy on how it should work)</li> <li>Strong working knowledge of cloud security controls across multiple providers (AWS and Azure preferred)</li> <li>Experience securing CI/CD platforms, GitLab preferred</li> <li>Familiarity with corporate IT security tooling (Jamf, endpoint protection, DLP, SSO/IdP)</li> <li>Comfortable in Linux environments and scripting (Python, Bash, or similar)</li> <li>Experience with infrastructure-as-code (Terraform, Pulumi etc.) is a plus</li> <li>Exposure to financial services, crypto, or other regulated environments is a plus but not required</li> </ul> <p>We value demonstrated skills and practical experience over certifications.</p> <h3><strong>What You Get</strong></h3> <ul> <li>Direct ownership of security implementation</li> <li>A small, technical team where your work has immediate impact</li> <li>Exposure to low-latency trading infrastructure and the digital asset space</li> </ul>