Propeller Overview
Propeller is on a mission to reduce wasted fuel, time, and money in delivering services through the power of maps. Our customers use Propeller's integrated hardware and software products to capture accurate 3D versions of their worksites. With over 50,000 worksites worldwide using Propeller's smart survey technology, we empower project teams to map, measure, and manage site activity.
Your Mission
As our first security hire, you will shape how the function grows from here. You'll lead security across our infrastructure, application, and corporate environments. Partnering closely with the Infrastructure Manager and Principal Architect, you will deepen the security craft, making engineering faster and safer, not slower.
Day to day responsibilities
* Setting and driving the security engineering roadmap across cloud infrastructure and IT, the application stack, and the SDLC.
* Building security into how engineering teams ship, through tooling, paved roads, training, and security reviews.
* Defining how we secure AI in the product and across the company, from the ML pipelines behind our imagery and processing, to how all teams adopt AI coding assistants and third‐party model APIs safely.
* Owning and addressing infrastructure security issues, implementing vulnerability management, secure architecture review, and threat modelling end‐to‐end.
* Owning security incident response end‐to‐end: playbooks, on‐call posture, and post‐incident learning.
* Running our annual third‐party penetration test, translating findings into shipped fixes, and building out an internal penetration testing function.
* Defining the security metrics that matter and reporting on where we're improving and where we're not.
* Owning security compliance and reporting across our certifications, including SOC 2 Type II, and driving future certifications such as ISO 27001, UK Cyber Essentials+, and FedRAMP.
* Representing Propeller in customer security reviews and trust conversations.
Requirements
* Cloud and infrastructure security at production scale: AWS, Crowdstrike, Terraform, Kubernetes, containers, Linux and networking fundamentals.
* Application security across the SDLC: threat modelling, secure design review, and shift‐left tooling (SAST/DAST/SCA) integrated into CI/CD.
* Detection and response: defining good logging, alerting, and incident handling in a cloud‐native environment.
* Compliance fluency: experience with SOC 2, GDPR, ISO, and translating controls into operational reality.
* Code and tooling: proficient in Python, TypeScript or bash, automating security work as needed.
* Identity and secrets: IAM design and secrets management.
* Communication and influence: ability to work with engineering teams, write clearly, and lead consensus on security priorities.
* Pragmatism: balancing risk and velocity, designing controls that teams can adopt and not resist.
Bonus points for
* Extensive experience with SOC 2 Type II, ISO, UK Cyber Essentials+, or FedRAMP.
* Extensive experience in Linux and network security.
* Proficiency with web application development and continuous monitoring tools such as Datadog or Prometheus.
* Familiarity with OWASP Top10, CWE, or NIST frameworks.
* Certifications such as CISSP, CCNA, CCNP, AWS Cloud Security, RedHat certifications or similar.
Benefits
* Employee share options
* Career development budget and leave
* The opportunity to take part in our mentorship program
* Mental health resources
* Monthly telephone and/or internet allowance
* Paid primary & secondary parental leave policies
* Hybrid work arrangements and WFH equipment provided
About Propeller
Propeller is for everyone, so come as you are. We value all types of experience, skill, and ability. If you don't think you meet all the requirements, but still think this role would be a good fit, we'd love to hear from you. Diversity makes our team more creative, fun, and effective, so bring your whole self to the application process, and we will too! If you're interested in what life at Propeller is like, check out our employee‐owned Medium blog page!
#J-18808-Ljbffr