Senior DevOps Engineer (Security)

  • DevOps
  • Permanent
  • United Kingdom

We're open to hearing from fully/partially remote or London-based candidates, as we work from everywhere in Europe within GMT +2 hours

About us

Bloom & Wild is re-inventing the $60B global flower industry. Over a billion flower exchanges take place every year and industry satisfaction levels are low. We are using technology and data science to build the world’s leading and most loved flower company. We’ve seen impressive traction to date - we are Europe’s largest direct-to-consumer flower company, are growing at 100% year on year, and are in a strong position financially (and have been extremely fortunate to see growth remain strong during the Covid-19 crisis).

We’ve raised multiple rounds of venture capital and private equity funding, have been named one of the 5 fastest-growing tech companies in Europe, and are alumni of Tech Nation’s Future Fifty. We were also one of the Sunday Times Top 100 Small Companies to Work For 2020.

Technology at Bloom & Wild

Our Technology team is 35 people strong and growing! We are split into squads - multi-functional, agile teams each passionate about the development and delivery of products and features on our platform. As our business scales, we are maturing our approach towards our web infrastructure security. Introducing this role is an important step for us to reach our goal of prioritizing, resolving, and preferably preventing security issues before they arise.

We operate a modern e-commerce platform written in Ruby on Rails alongside an Angular web front-end and native iOS and Android apps. This stack is integrated with many SaaS products used by B&W teams every day. We are using Fargate and Docker to get our software deployed and run in AWS Cloud.

You can read more about our technology and culture over on our tech blog - Code & Wild

The role and ways of working

Our Operations Engineers are largely deployed across various software development teams called squads. They are responsible for ensuring our infrastructure stays up and running and our systems are performing well as we build new features and scale. As a member of our Operations Engineering team focused on our Web Infrastructure Security you will not be embedded in any one squad, but instead, you will operate across all of them, collaborating directly with engineers across the entire Bloom & Wild architecture. You will be responsible for selecting, implementing, and supporting tools and solutions that keep our systems secure at all times and at a level expected of a modern e-commerce business.

Key Responsibilities:

  • Testing, investigating, and discovering live and future threats and security vulnerabilities in our infrastructure, and raising them within the core security backlog and/or with the affected squads.
  • Bringing in good practices and expertise from outside of Bloom & Wild, advising the squads on how best to mitigate their security issues and what tools to use to reduce the risks going forward.
  • With the help of Tech Leadership, building and owning our infrastructure security backlog. Driving implementation efforts across the backlog together with other Operations Engineers and our IT Manager.
  • Keeping up to date on the latest security updates across our infrastructure. You will take ownership of our security incident management process and you will be taking on the role of incident manager as needed, running interactions with various members of the incident response team.

Across the wider Technology team, you’ll work with other engineers to define and implement best in class operations procedures and industry-standard methodologies for our internal and external customer-facing systems across the entire platform. You will actively help to implement and roll-out our PaaS solutions, build self-service tooling, improve processes and infrastructure to support other teams across B&W, always ensuring that we are considering security at the planning and implementation stages of our work.

About You

  • You have professional experience in a hands-on infrastructure security role or an operations engineering role that works closely with infrastructure security.
  • You are very familiar with AWS Cloud infrastructure and you are up to date with its security tooling and monitoring solutions, as well as Identity and Access Management roles. You are comfortable working in a hybrid technology stack with a mixture of SaaS products and bespoke code operating at scale.
  • You have familiarity with various forms of encryption and hashing, and their appropriate use cases. You worked with identity and Access Management systems like Okta and authentication integration via SAML, LDAP, and OAuth. You have a good understanding of network security techniques.
  • You have the ability to participate in off-hours handling of incidents.
  • As a keen collaborator, you’ll enjoy working with various software and ops engineers as well as our IT Manager helping support and manage B&W infrastructure & tooling and building and maintaining our platform with a focus on security, resilience, performance, and efficiency.
  • You'll have good interpersonal skills and the ability to clearly explain your work to engineers and non-technical team members alike.
  • You’ll naturally and actively seek to improve the process, tooling, and architecture of the underlying infrastructure and capabilities to give our customers a great experience.
  • You have experienced DevOps culture and processes.
  • You have a good understanding of Agile Software Development practices.
  • You have commercial experience with Terraform or other infrastructure-as-code /gitops tooling.

Nice to have

  • Experience with testing and securing web infrastructures in a scale-up environment.
  • Experience working with companies manufacturing or fulfilling physical products.
  • Commercial experience with Docker & Fargate.
  • Experience in using Test Driven Development practices.
  • Familiarity with Python and/or Ruby development languages.
  • Previous experience working for an e-commerce business.

Working Environment

Currently, our full team is working from home and adapting quickly to being totally remote. In addition to our normal perks and benefits, we’re supporting each other and maintaining our culture remotely through:

  • Twice weekly online yoga class and access to ClassPass workout content
  • Birthdays, anniversaries, and special occasions celebrated with the team
  • Weekly ‘team drinks trolley’, activities and opportunities to socialize
  • Remote lunch and learns
  • Wellbeing support through online coaching sessions and employee assistance program
  • New slack channels and ways of creating community remotely
  • Specialist online support to talk about the challenges we are facing in the current environment
  • Spill - sessions to qualified therapists for mental health support

We apply our five key values of delight, customer first, care, innovation, and pride in our day to day activities (find out more here) and reward those who are encompassing them exceptionally. Everyone is friendly and sociable, with regular company-wide events.

Return to work and our new normal

The safety and wellbeing of our team is our primary concern during this period, and our return to our beautiful, flower-filled office will be gradual, considered, and only when our team feels safe to do so.

Whilst recognising that some of our team will prefer to work in our office, this period has proven that our team can embrace remote work extremely successfully and our plan moving forward is to find ways of continuing to incorporate remote work into our ways of working.

When we’re in the office:

Our lovely, light, and spacious office is conveniently located close to Vauxhall and Oval stations in London. We have an informal, startup culture, with employee-friendly policies such as:

  • 25 days holiday, with an additional day off for your birthday, plus bank holidays, totaling 34 days, per annum. There is also the option to buy an extra 5 days holiday
  • Choose your laptop and any extra equipment you need to do your best work
  • Free breakfast, snacks, and team lunches
  • Season ticket loan
  • Childcare Vouchers
  • Health cash plan through Simplyhealth
  • Personal Development Budget
  • Family Friendly Policy - including enhanced family friendly packages and a salary sacrifice childcare scheme
  • Pension Contribution
  • Cycle to Work Scheme
  • Lunch & Learns
  • Discounted blooms
  • Bloom & Go Wild trips - most recently we went to Paris!

See more on what it’s like to work at Bloom & Wild here.

Our Recruitment Process

Given the current situation in the UK due to COVID-19 the interview process will be conducted remotely. This will involve an interview with the hiring manager, Principal Developer and data scientists.

Your application experience is important to us and we’re keen to adapt to make every interaction even better. We welcome feedback on our recruitment process and would love to hear from you directly on how we can improve. If you have any suggestions please feel free to let us know here.

We really care about creating a diverse and inclusive team - so we welcome people from all backgrounds, with different perspectives, ideas and experiences to work with us. In our team, everyone has the freedom to give their opinion, grow in their career and be part of a genuinely caring and inclusive team.