Software Engineer, Security

We're putting together a talented team to build the #1 training platform for Runners

We help everyday runners become outstanding by providing world-class training, coaching and community for everyone, whether you're improving your 5k time or training for your first marathon. To date we have built iOS, Android and Apple watch apps that help people achieve their goals by coaching them through the full journey and syncing to their favourite fitness devices.

We’re growing extremely fast and in November 2023 closed a new £5M funding round led by JamJar with participation from Eka Ventures, Venrex and Creator Ventures. We want to grow as fast as we can into the future and are looking for individuals who will help us get there. For more about our background and growth check out our Careers Page!

We’re now looking ahead to the future and the people who want to help us build and scale Runna. Our aim is to reach millions of subscribers in the next 5 years and be the go-to training platform for any runner. Now is a magical time to join, we're still small, and everyone makes a foundational difference.

Who we’re looking for

We are looking for a talented, creative, and proactive Security Engineer to join our highly skilled cross-functional engineering team and take ownership of security across the entire organisation. As the first security engineer, you’ll lead efforts to ensure our cloud infrastructure, applications, and internal processes meet the highest security standards. You’ll work closely with the engineering, product, and leadership teams to establish a strong security culture while also ensuring compliance with relevant regulations.

You will partner with our CTO and founders to shape the future of security at Runna and play a critical role in safeguarding our product as we scale. As our first dedicated security hire, you’ll have the freedom and support to build a security roadmap from the ground up.

As a Security Engineer, your role will include:

• Lead the effort to secure our cloud infrastructure, ensuring secure deployments, access controls, and robust incident response strategies.
• Establish security monitoring and alerting to detect, respond to, and mitigate potential threats in real-time.
• Own and drive compliance initiatives (such as GDPR, Cyber essentials) to ensure our organisation meets the required standards.
• Implement and enforce best practices for encryption, identity and access management (IAM), and network security across the platform.
• Partner with product, engineering, and business teams to ensure security is embedded in all stages of development and product lifecycle.
• Create and manage a bug bounty program to incentivise external researchers to identify and report security vulnerabilities.
• Educate and train the wider team on security best practices, fostering a security-first mindset across the organisation.
• Stay ahead of emerging threats and technologies, ensuring we adopt the latest tools and practices to maintain a secure environment.
• Collaborate with external security firms for audits, penetration testing, and other assessments to validate our security posture.

Software Engineer Interview Process

Our aim is to keep the interview process as straightforward and enjoyable as possible, and will consist of the following stages:

1. Kick off! (apply below)
2. Introductory chat (30-minute video call)
3. 1-hour technical interview

Once the process is finished, we promise to let you know our decision as soon as possible.

Requirements

What experience we’re looking for

If you don’t quite meet all of the below skills, we’d still love to hear from you as we might be able to tweak the role slightly or offer you a position better suited for you. You can apply directly below or contact us if you’re still unsure.

Your key experience:

• 3+ years in a Security Engineering role or similar
• 2+ years working with cloud infrastructure (preferably AWS) or as a platform engineer
• You’ve led the development and implementation of key security projects
• Experience with security frameworks, policies, and compliance standards (e.g., SOC 2, GDPR, ISO 27001)
• Familiarity with penetration testing, vulnerability assessments, and incident response gained through practical experience

Your key skills:

• Experience with securing cloud infrastructure, ideally within AWS (e.g., VPC, IAM, Security Groups, CloudTrail, GuardDuty).
• Experience with encryption, key management, and identity and access management (IAM).
• Hands-on experience with infrastructure as code tools (e.g., CloudFormation, Terraform) and CI/CD pipelines.
• Experience with security monitoring and observability tools (e.g., AWS CloudWatch, Aikido, Datadog).
• A pragmatic mindset, with excellent communication and collaboration skills
• Able to work within a highly-skilled engineering team in a fast-paced, iterative environment

Bonus points if you:

• Have implemented or managed a bug bounty program.
• Have experience with serverless architectures
• Are familiar with DevSecOps principles and integrating security into the CI/CD pipeline.
• Have a strong interest in health/fitness technologies or have worked in a similar tech environment.

Our tech stack

Below you can find a small reflection of our current tech stack:

Frontend:

• React Native (iOS and Android)
• Typescript
• GraphQL (Apollo Client)
• Fastlane
• SwiftUI (Apple Watch)
• Maestro E2E tests

Backend:

• Serverless (AWS)
• Lambdas (NodeJS & Python)
• AWS AppSync
• DynamoDB, S3, SQS, SNS, EventBridge, SageMaker
• Postman API tests

All the other good stuff:

• Sentry
• GitHub Actions
• Intercom, Mixpanel
• RevenueCat
• App Store Connect / Play Store
• Figma

Benefits

We offer a salary of £42,500 - £100,000 (depending on experience), plus equity in the form of Runna stock options.

** Based on years of direct, relevant experience. Software Engineer I £42.5k, Software Engineer II £47.5-60k, Software Engineer III £60-75k, Software Engineer IV £77.5-92.5k, Software Engineer V £95k+

We'll be growing our package of benefits over time. We currently offer:

• Flexible working (we typically work 2-3 days in our office in Vauxhall)
• Salary reviews every 6 months or whenever we raise more investment
• 25 days of holiday plus bank holidays
• A workplace pension scheme where if you pay 5% we pay 3%
• A brand new Macbook, a running watch of your choice, and anything else you need to do your best work
• Private health insurance
• Enhanced family care policy (3 months fully paid leave when a new Runna joins the family, fertility support & other benefits)
• An hour slot each week (during work time) to do a Runna workout

At Runna we have a limited number of employment visas that we are able to sponsor and are limited by govt. guidelines so cannot guarantee a visa sponsorship to all applicants. Please do apply though as we will consider all applicants.