Senior Threat and Vulnerability Engineer

About ENSEK

We help retailers lower operating costs, improve billing accuracy for consumers, and enhance customer experience through automation and AI‑driven insight, all underpinned by modern, cloud‑native architecture.

ENSEK is at an exciting inflection point as we scale at pace towards new international horizons. If you’re driven by solving complex, real‑world problems and want to build modern technology that accelerates the global energy transition, you’ll feel right at home with us.

About the role

3 line snapshot of the scope

Key responsibilities:

People:

• Demonstrate a growth mindset, actively seeking feedback and opportunities to improve.

• Foster psychological safety by welcoming diverse opinions and contributing respectfully.

• Take ownership of assigned tasks, ensuring proactive communication and follow-through.

• Demonstrate resilience and adaptability when facing challenges.

Product:

• Understand product purpose and customer value, incorporating this understanding into daily work.

• Use threat and vulnerability data to inform technical decisions, strategic direction and remediation

plans.

• Maintain awareness of the commercial and security landscape, ensuring solutions are cost-conscious

and proportionate.

Security & Compliance:

• Leverage external and internal threat intelligence to proactively inform design decisions, incident

response, and remediation planning.

• Translate threat landscape intelligence into actionable plans, ensuring appropriate horizon scanning

aligned with company growth objectives.

• Support and continuously improve Security Incident processes to enable the organisation to respond at

pace.

• Drive improvement in ENSEK's vulnerability management programme and associated processes.

Information Security & Risk Management

• Communicate threats and risks clearly to non-technical stakeholders, enabling streamlined and

prioritised remediation

• Continuously identify evolving threats to the organisation's security perimeter.

• Continuously identify evolving threats to the organisation's security perimeter.

• Assess technical designs using threat modelling methodologies (STRIDE, PASTA, DREAD, etc.) to embed

security at the design stage of the Secure Software Delivery Life Cycle.

• Drive ENSEK's Vulnerability Management Assessment processes to meet complex and evolving

regulatory requirements

Experience required:

Security

• Ability to interpret complex threat intelligence to disseminate to technical and non-technical stakeholders.

• Strong commitment to security best practices and alignment with internal policies and regulatory

requirements.

• Proven ability to perform in-depth technical threat and vulnerability assessments across infrastructure and

application code.

•

Vulnerability Management

• Experience proactively utilising internal tooling and industry knowledge to identify vulnerabilities across

on-premises infrastructure and SaaS offerings.

• Ability to determine and prioritise appropriate remediation pathways for vulnerabilities, weaknesses, and

threats.

• Ownership of end-to-end vulnerability management — from identification through remediation to

eradication.

Threat Intelligence

• Actively collect, interpret, and disseminate relevant threat intelligence in real time.

• Provide horizon-scanning insights that support ENSEK's ambitious growth plans.

• Communicate with internal and external stakeholders on threats relevant to ENSEK's environment.

• Upskill the wider team and organisation on evolving threats and assessment methodologies.

• Growth Mindset: Role models continuous learning, embraces feedback, and fosters a culture of

improvement and innovation.

• Ownership: Demonstrates high accountability, sets clear expectations, and creates a safe-to-fail

environment.

• Psychological Safety: Champions inclusivity defines values and practices that promote diversity and sets

goals for diverse teams.

• Challenge & Support: Creates an environment of high support and high challenge, encouraging respectful

debate and broad thinking.

• Resilience: Recognises and removes stressors, role models positivity, and galvanises the organisation

during setbacks.

Company Benefits

• 25 days’ holiday + bank holidays

• Option to buy or sell 5 extra annual leave days per year

• Vitality Health Insurance, including private healthcare, virtual GP access, mental‑health support and wellbeing perks (50% off gym memberships -Virgin Active, Nuffield, PureGym)

• Pension with 5% matched contribution

• Regular team‑wide and company‑wide events

• 2 volunteering days per year to give back

• Remote‑first working environment with offices in London and Nottingham