Job Description

This role is internally titled "Senior Platform Security Engineer (DevSecOps)

55,000 - 75,000

|

UK -Remote

Are you a developer with a passion for secure coding practices and a curiosity for security engineering?

We're on the lookout for an ex-developer (or current developer ready to pivot) who can bring a strong software engineering foundation into the world of application security. If you're experienced in CI/CD, have touched SAST/DAST, and want to dive deeper into secure development practices, this role is a great fit. across Azure, AWS, and internal systems -- embedding security from code to cloud.

About Tribal

Tribal is a leading EdTech business providing market-leading software solutions to the global education market. We research, develop, and deliver the products, services, and solutions needed by education institutions worldwide to support their core mission: educating students, delivering optimum learning experiences, and achieving successful outcomes.

We're currently strengthening our security function and are looking for a technical specialist to help shift-left across our development lifecycle -- integrating security earlier and deeper into our pipelines, codebases, and release processes.

The Role

As a Senior Platform Security Engineer (DevSecOps), you will work closely with development, DevOps, and infrastructure teams to embed secure coding practices, integrate automated security tooling, and ensure code and environments meet compliance and security expectations.

This is not an infrastructure/cloud-focused role -- we're looking for someone with a developer mindset who understands how software is built and wants to influence how it's secured.

You'll be involved in:

Integrating SAST/DAST tools into CI/CD pipelines Performing secure code reviews and advising on coding best practices Championing security in agile product teams Collaborating on threat modelling and secure design discussions Supporting incident response and code-level triage when required Identifying and remediating code vulnerabilities early in the lifecycle Driving adoption of security automation across developer workflows
This is a full-time, fully remote role with occasional travel. Some out-of-hours work may be required under Tribal's On-Call and Out of Hours Working Policy, with appropriate compensation.

What you'll bring

A background in software development (e.g., C#, Java, Python, JavaScript) Working knowledge of CI/CD pipelines (Azure DevOps, GitLab CI, GitHub Actions, Jenkins) Hands-on exposure to tools such as SonarQube, Checkmarx, Veracode, OWASP ZAP, Snyk, or similar Understanding of SAST, DAST, and dependency scanning A strong interest in secure development and application security Experience collaborating with engineers in agile, fast-paced environments

It would be great if you also had:

Familiarity with secure SDLC practices Experience in cloud-based environments (Azure or AWS) Certifications such as AZ-500, AWS Security, or CISSP (not essential) Exposure to IaC scanning tools like Checkov, TFSec, or Terraform-compliance

What can Tribal offer you?

We offer a range of exceptional benefits to support your wellbeing and work-life balance, including a comprehensive Health Cash Plan, Private Medical Insurance, and Wellbeing Days. You'll also have access to E-Learning Opportunities to enhance your skills, Volunteer Days to give back to your community, and Employee Engagement Activities to connect with your colleagues. Our flexible working options and Achievers awards ensure that you can thrive both personally and professionally in a supportive, rewarding environment.

Even though the role is full-time, we offer flexible work arrangements to enhance work-life balance, motivation, productivity, and performance. If you need flexibility, apply and discuss your needs with us.

Job Types: Full-time, Permanent

Pay: 55,000.00-75,000.00 per year

Benefits:

Work from home
Work Location: Remote