Security Engineer

Be Part of Something Real

Join a leading UK data and software company shaping the future of geospatial and security innovation.

Envitia is a UK-based software and services company that helps organisations unlock the full value of their data to make better, faster decisions. With over 30 years of experience, we specialise in delivering innovative software products, solutions, and consultancy services that transform complex data challenges into actionable insights.

Our mission is to empower customers across defence, government, and national security sectors to harness the power of data — from geospatial intelligence to advanced analytics and AI integration. We are proud to be a trusted partner to UK defence and government organisations, delivering technology that drives smarter, data-driven outcomes.

We’re also delighted to have been named one of The Sunday Times Top 100 Medium-Sized Companies to Work For 2025 — a recognition of our commitment to innovation, collaboration, and creating an outstanding workplace where people can thrive.

The Role

Envitia is recruiting a Security Engineer to join our growing Engineering department, initially working on our largest defence programme.

As part of the hosting engineering team, the successful candidate will specialise in the design, enhancement, and implementation of technical security controls across multi-tenant cloud hosting platforms that underpin our defence clients’ digital strategies.

The role combines the delivery of new security features with the ongoing operation and support of live services. You will also work closely with new tenants to securely transition their applications onto the hosting environment. The platform is already operational, fully approved for use, and deployed across multiple security domains.

This is a hands-on security engineering role and is not focused on security accreditation or assurance activities. Instead, you will be responsible for specifying, configuring, implementing, and testing technical security measures that protect and strengthen the hosting platform.

Responsibilities

• Provide security engineering services as a member of the overall platform engineering service team
• Secure all cloud infrastructure from both a deployment and detection standpoint.
• Coordinate and advise other team members on security approaches and industry best practices
• Coordinate with MOD Security Authorities on risks and appropriate technical control options

·        Design, implement, manage and continually improve service-wide cloud security controls using the inherent / new security products and features provided on the existing hosting platform(S)

·        Architect and enforce Zero Trust and least-privilege models (RBAC, PBAC), restrictions, and platform security controls

·        Monitor security control effectiveness and drive continuous improvement of cloud hosting security governance

·        Ensure all technical security measures from the boundary to the tenant applications are optimal and exceed the MOD specified minimum base security requirements

Experience Required

Security Event Monitoring & Incident Response

• Experience with on-premise Security Information and Event Management (SIEM) systems (e.g., Vmware Aria Operations, Fortinet, Splunk).
• Ability to enhance, operate, and manage SIEM services for multi-tenant cloud platforms.
• Skills in event triage, escalation, and incident investigation, including collaboration with tenants and central SOC teams.
• Familiarity with real-time threat detection, monitoring, and alerting across network, boundary, hosting, and application layers.

Secure Cloud & Infrastructure Engineering

• Hands-on experience with VMware Cloud Foundation (Incl. Aria operations and NSX-T) and related technologies in air-gapped or restricted environments.

·       Security best practices, system and OS level security hardening (CISCAT, NIST benchmarking etc) security vulnerability scanning tools such as Nessus

• Experience with infrastructure as code (IaC) tools (e.g., Terraform, Ansible, Packer) and containerization (e.g., Kubernetes, Tanzu).
• In-house security assessment and testing (e.g. proactive testing before formal 3^rd party pen-tests)

MOD & UK Government Security Standards

• Understanding of MOD security compliance, including UK Security Levels, Secure by Design and NIST frameworks.
• Experience in delivering and supporting accredited solutions at multiple classification levels.
• Ability to assist with Business Continuity Planning, Risk and Asset management and AI Security is desirable

Secure Development & DevSecOps

• Secure development lifecycle practices.
• CI/CD pipeline security and DevSecOps methodologies.
• Container hardening and IaC scanning tools.

Security Clearance Requirements

The successful candidate must be eligible to obtain and maintain a SC level security clearance, DV clearance is preferred.

Location

The role will require travel to Corsham 1 day a week and occasional site visits to Portsmouth and Horsham.

What it's like to work at Envitia

At Envitia, we believe that our greatest asset is our people. We’re committed to fostering a work environment where every employee feels valued, supported, and motivated to excel. Our comprehensive benefits package is designed to enhance both your professional and personal wellbeing, including:

• Annual Leave: 25 days plus your birthday off, with the ability to buy or sell up to five additional days
• Private Healthcare: Comprehensive coverage with additional options for family members
• Training & Skills Development: Ongoing learning opportunities to help you advance your career
• Fitness Reimbursement: Support for gym memberships or fitness-related expenses
• Life Assurance: Extensive life insurance coverage for peace of mind
• Pension Contribution: Competitive options to help you plan for a secure financial future
• Perkbox Subscription: Discounts on a wide range of products and services
• Flexible Work Arrangements: Designed to support work-life balance and personal commitments
• Internal Reward Schemes: Recognition initiatives to celebrate your contributions and achievements
• Community Engagement & Volunteering: Opportunities to support meaningful causes through company-sponsored programs

Inclusion at Envitia

At Envitia, we celebrate diversity and are committed to creating an inclusive environment for all employees. We welcome applicants from all backgrounds and walks of life. We believe that our strength lies in our differences, and we are dedicated to fostering a workplace where everyone feels valued, respected, and empowered.

We encourage applications from people of all abilities, ages, genders, sexual orientations, races, ethnicities, and religions. We strive to support a culture of inclusion, accessibility, and work-life balance.

If you require any accommodations during the application or interview process, please let us know.