Fresh Jobs at Deimos

Role Overview

• We are seeking a Senior Application Security Engineer to join our engineering team. Security is embedded in everything we do at Deimos. In this role you will shift security left - building tools, libraries, and automated guardrails that empower developers to move fast without compromising security. You will not be a gatekeeper; you will be an enabler, working closely with product and engineering teams to make secure coding the simplest, most efficient option.

What You Will Be Doing

• Defining the security standard for our product-team deployments and applications.
• Integrating and optimising security tools (SAST, SCA, Secret Detection) into developer workflows.
• Working with product teams to architect and build secure frameworks and patterns, reducing their future cognitive load.
• Automating remediation for common security issues across environments.
• Designing and deploying AI/LLM models and tooling for security-focused change reviews.
• Driving developer engagement with security through initiatives like Security Champions programmes, workshops, lunch-and-learns, and the security health score initiative.
• Collaborating with product teams on threat modelling and translating compliance requirements (ISO 27001, SOC 2) into clear technical specs.
• Hardening CI/CD pipelines and ensuring actionable, relevant security checks.
• Working with Security Operations Engineers to automate security incident triage, removing noise to prioritise high-signal alerting.

What You Must Have

• Bachelor's degree in Computer Science or a related Software Engineering field, or equivalent practical experience.
• A minimum of 5 years of experience in Software Engineering or DevOps, with at least 3 of those years specifically focused on application security.
• Strong communication skills to translate technical vulnerabilities into business and engineering impact.
• Experience with cloud security (AWS) and Infrastructure as Code (Terraform/CloudFormation).
• Proficient in architecting and developing secure applications (preferably in Java).
• Proficient in scripting (Python, Bash, Go) for automation of security tasks.
• Deep understanding of CI/CD systems and embedding security checks without slowing delivery.
• Proven ability to independently define security standards, drive adoption across engineering teams, and manage a Security Champions programme.
• Advantageous: AppSec fundamentals (OWASP Top 10, dependency management, OAuth2/OIDC), experience with SonarQube and CrowdStrike.

go to method of application »

Role Overview

• We are looking for an experienced Principal Software Engineer to join our Professional Services team. You will build software solutions across a multitude of domains, ensuring that each project is done with scalability, maintainability, performance, security, and operational excellence in mind. 
• You will be expected to fill the role of a technical lead while providing guidance and mentorship within the team. You will work closely with the Scrum POs, Engineering Managers and Directors to ensure quality across all projects Deimos participates in. You will collaborate with other leads to constantly improve our processes, technologies, and architectures.
• This role does not entail managing people directly, but it does entail managing the quality of the work output at Deimos. You will report to a Director of Software Engineering who is on a mission to deliver high-value projects built to the best of our ability.
   

What will this person be doing

• End-to-End System Ownership
  Own the architecture and lifecycle of critical systems—from design through production—ensuring they are scalable, resilient, observable, and operationally efficient. Drive long-term maintainability and reduce technical debt at a system-wide level.
• Cloud-Native & Distributed Systems Engineering
  Design and build high-scale, distributed services using modern .NET (6/7/8+), with strong emphasis on containerization (Docker), orchestration (e.g., Kubernetes), and cloud-native patterns (event-driven, asynchronous processing, fault tolerance).
• Architectural Leadership Across Domains
  Define and evolve system architecture across multiple teams and services. Lead the decomposition of monolithic systems into well-bounded, loosely coupled microservices aligned to business domains.
• Technical Strategy & Decision Authority
  Act as a technical authority in the organization—evaluating and introducing frameworks, tools, and engineering practices. Make high-impact decisions balancing trade-offs between scalability, cost, performance, and delivery speed.
• API & Integration Design
  Design robust, versioned, and well-governed APIs (REST/gRPC/event-driven), ensuring consistency, performance, and developer usability across internal and external consumers.
• Operational Excellence & Observability
  Drive best practices around logging, monitoring, tracing, and alerting. Ensure systems are production-ready with clear SLOs/SLAs and proactive incident management strategies.
• Engineering Quality & Standards
  Set the benchmark for code quality, testing strategy (unit, integration, contract, performance), and CI/CD practices. Actively review and guide implementation to maintain high engineering standards.
• Security & Compliance by Design
  Embed security best practices (authentication, authorization, data protection, secrets management) into system architecture and delivery pipelines.
• Mentorship & Technical Leadership
  Mentor senior and mid-level engineers, elevate team capability, and act as a force multiplier across squads. Lead through influence rather than authority.
• Cross-Functional & Executive Collaboration
  Partner with product, business, and executive stakeholders to align technical strategy with business outcomes. Translate complex technical concepts into actionable insights

What key KSAs (Knowledge, Skills, and Abilities) must this person have

Experience & Seniority Calibration

• 10+ years in software engineering, with clear evidence of operating at principal level
• Demonstrated impact across multiple teams/systems (not just a single codebase)
• Proven track record of architecting and scaling production systems

Deep .NET Expertise

• Expert-level proficiency in modern .NET (Core / .NET 6+)
• Strong understanding of CLR internals, async programming, performance tuning, and memory management
• Experience designing modular, testable, maintainable systems in C#

Distributed Systems & Architecture

• Strong experience with microservices, event-driven architecture, and eventual consistency
• Hands-on experience with messaging systems (e.g., Kafka, RabbitMQ, SQS/SNS)
• Proven ability to design for high availability, fault tolerance, and scalability

Cloud & Platform Engineering

• Deep experience in at least one primary cloud (AWS, Azure or GCP) and working knowledge of others
• Strong understanding of containerization (Docker) and orchestration (Kubernetes or equivalent)
• Experience designing cloud-native architectures (12-factor principles, autoscaling, resilience patterns)

Data Layer Expertise

• Strong experience with relational databases (PostgreSQL/MySQL) and NoSQL (e.g., DynamoDB)
• Ability to design for performance at scale (indexing strategies, query optimization, data modeling)

System Modernization

• Proven experience decomposing monoliths into scalable distributed systems
• Ability to manage transitional architectures (hybrid monolith + microservices)

Engineering Excellence

• Strong experience with CI/CD pipelines, automated testing strategies, and DevOps practices
• Deep understanding of observability (metrics, logs, tracing)

Leadership Without Authority

• Demonstrated ability to influence technical direction across teams
• Strong communication skills—able to align engineers, product, and leadership

What KSAs would be nice for this person to have:

• Domain-Driven Design (DDD): Deep experience applying both strategic and tactical DDD in production environments
• Multi-Cloud Exposure: Experience working across AWS, Azure, and GCP in different contexts
• High-Scale Systems: Experience operating systems at significant scale (e.g., high throughput, low latency systems)
• Community & Thought Leadership: Conference speaking, open-source contributions, or technical blogging
• Business Alignment: Experience shaping technical roadmaps aligned to measurable business outcomes