Job title: Security Engineer
Location: London, Bristol or Edinburgh (Including hybrid)
Salary: £63,000 - £93,000
Team: Security Engineering Team
Reporting To: Security Engineering Manager
This role is based in the Bristol, London or Edinburgh and requires existing right to work in the UK.
At this time, we are not able to offer visa sponsorship for this role. We are committed to building a diverse, global team and our sponsorship policy is evaluated on a role-by-role basis. We encourage you to keep an eye on our careers site to stay informed about future opportunities where we are able to offer visa sponsorship.
Kaluza is the Energy Intelligence Platform, turning energy complexity into seamless coordination. We help energy companies overcome today’s challenges while accelerating the shift to a clean, electrified future.
Our platform orchestrates millions of real-time decisions across homes, devices, markets and grids. By combining predictive algorithms with human-centred design, Kaluza makes clean energy dependable, affordable and adaptive to everyday life.
With teams across Europe, North America, Asia and Australia, and a joint venture with Mitsubishi Corporation in Japan, we power leading companies including OVO, AGL and ENGIE, as well as innovators like Volvo and Volkswagen.
Where in the world of Kaluza will I be working?
You’ll be joining the Information & Cyber Security team, which is a core part of our Platform & Security Engineering organisation. Security at Kaluza isn't a silo; you’ll work alongside specialists across identity and access management, cloud security, security operations, and security architecture.
Beyond the security team, you’ll be closely aligned with our colleagues in SRE, Platform Engineering, and Developer Experience. Our goal is to make the "secure path" the easiest path for our developers. As we shift toward becoming an AI-enabled development team, you will lead the way in ensuring tools like Claude and GitHub Copilot are used safely, while having the autonomy to experiment with AI to automate vulnerability triage and remediation.
What you’ll be doing
- AI-Driven Security: Helping our engineers safely adopt AI tools and experimenting with AI to automate the "heavy lifting" of security, such as automated remediation and risk assessment.
- Automated Security Scanning: Implementing and tuning SAST/DAST/SCA tools across the SDLC. You’ll focus on increasing fidelity and reducing noise, ensuring security data flows into engineering workflows to maintain developer "flow state."
- Vulnerability Management: Embedding modern vulnerability management practices within engineering teams. You’ll consult on triage and leverage AI tools to accelerate detection, risk assessment, and remediation.
- Secure Design & Threat Modeling: Partnering with architects, product managers, and engineers to incorporate security early. You’ll lead Threat Modeling sessions and develop secure-by-design principles to guide design thinking.
- Supply Chain Security: Developing robust standards and tooling to safeguard our software against open-source dependency threats and supply chain attacks.
- Security Culture & Champions: Partnering with our Security Champions throughout Kaluza to promote a security-first culture and increase engagement across the technology community.
Is this the job for me? We are looking for an experienced AppSec professional who is as comfortable reading code as they are discussing architecture. Ideally, you’ll have:
- Deep Security Knowledge: Strong familiarity with the OWASP Top 10, API Security (REST/GraphQL), and secure SDLC practices.
- Developer Mindset: You are comfortable working with modern languages - specifically TypeScript & Go - and understand how to secure cloud-native environments.
- Automation Experience: You have implemented security tools within CI/CD pipelines (e.g., GitHub Actions) and prefer automation over manual checklists.
- Consultative Approach: You can explain complex security risks to non-security stakeholders and guide teams toward pragmatic, scalable solutions.
- AI Curiosity: You are interested in both the security risks and the defensive opportunities provided by GenAI.
|
Kaluza Values
Here at Kaluza we have five core values that guide us as a business:
Play to win, Solve the real problem, Build trust every day, Own the outcome, Go further together
|
|
From us you’ll get
- Pension Scheme
- Discretionary Bonus Scheme
- Private Medical Insurance + Virtual GP
- Life Assurance
- Access to Furthr - a Climate Action app
- Free Mortgage Advice and Eye Tests
- Perks at Work - access to thousands of retail discounts
- 5% Flex Fund to spend on the benefits you want most
- 26 days holiday
- Flexible bank holidays, giving you an additional 8 days which you can choose to take whenever you like
- Progressive leave policies with no qualifying service periods, including 26 weeks full pay if you have a new addition to your family
- Dedicated personal learning and home office budgets
- Flexible working — we trust you to work in a way that suits your lifestyle
- And more…
Even better? You’ll have access to these benefits from day 1 when you join.
|
|
We want the best people
We’re keen to meet people from all walks of life — our view is that the more inclusive we are, the better our work will be. We want to build teams which represent a variety of experiences, perspectives and skills, and we recognise talent on the basis of merit and potential.
We understand some people may not apply for jobs unless they tick every box. But if you're excited about joining us and think you have some of what we're looking for, even if you're not 100% sure, we'd still love to hear from you.
Find out more about working at Kaluza on our careers page and LinkedIn.
You can also find our Applicant Data Protection Policy here.
|
