Rodeo
ResourcesPartnersSign in

Complexio

Platform Security Engineer

London
Posted 4 months ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Platform Security Engineer

About Complexio

Complexio is the intelligence layer for enterprise AI. Our platform builds a connected understanding of how businesses actually operate - across people, processes, and systems.

Our Event Knowledge Graph ingests structured and unstructured data to create a living map of how an organisation truly works - every task, interaction, and dependency. Built on this foundation, our Automated Automations Engine discovers, designs, and executes workflows autonomously, while Stevie, our conversational AI assistant, gives teams a natural way to interact with enterprise data and processes.

Complexio is a joint venture between Hafnia and Símbolo, backed by leading maritime partners including Marfin Management, C Transport Maritime, Trans Sea Transport, and BW Epic Kosan. We started in maritime and are now scaling rapidly across industries.

We're a global team working on one of the hardest problems in enterprise tech: building AI that truly understands how businesses work, and acts on it. If that sounds like your kind of challenge, read on.

The Role

We are looking for a Platform Security Engineer (Senior+) to join our Product Security domain. This role exists because the scope and importance of our work has outgrown the capacity of a single person.

Our platform underpins multiple products and handles sensitive, high-value data. At its core sits a large, graph-based data store that powers downstream systems. Building and securing access to that data, correctly and pragmatically, is critical to the company.

This is a hands-on engineering role. You will design, build, and ship production-grade security and privacy controls, not just define policies or review designs from the sidelines.

What You’ll Be Working On

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

You will take ownership of platform-level trust and safety concerns, including:

  • Designing and implementing authentication and authorization for a large, graph-based database (hundreds of thousands of nodes)
  • Building and evolving secure OAuth-based AuthN/AuthZ flows, including token handling, permission models, and enforcement
  • Making concrete improvements to production security posture
  • Auditing, understanding, and improving data flows and data-privacy controls, ensuring sensitive data does not end up where it shouldn’t
  • Acting as a security and privacy gatekeeper in reviews — asking hard questions and requiring changes when needed
  • Improving and maintaining supply-chain security, including SAST, SCA, container scanning, and CI/CD hardening

This role is intentionally broad. You will not be a single-domain specialist, and you will not be shielded from complexity.

What Success Looks Like

After ~90 days, a successful hire will have:

  • Shipped meaningful, production-level security improvements
  • Taken ownership of parts of the AuthN/AuthZ model and implementation
  • Developed a solid mental model of our data flows and privacy risks
  • Earned trust across teams as someone who can say “this is not okay” — and explain why, with facts
  • Reduced risk in practical ways, not through security theatre

Requirements

How you’ll work

This is a high-autonomy role. You are expected to scope problems yourself when needed.

  • You will collaborate closely with engineers across the company, not operate as a silo.
  • Disagreement is normal — decisions should be backed by reasoning, data, and threat modeling, not ego.
  • Blocking a release on security or privacy grounds is possible when warranted, with clear escalation paths.
  • If you see a problem, even outside your direct domain, you are expected to help fix it.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Required

What we’re looking for:

  • Strong proficiency in Python (our primary language)
  • Deep understanding of authentication and authorization concepts, including OAuth, JWTs, permission models, and secure token handling
  • Experience designing and securing non-trivial data systems
  • Ability to reason about risk, trade-offs, and real-world constraints
  • A track record of shipping real security improvements, not just writing policy

Strongly Preferred

  • Experience with graph databases, ideally Neo4j or similar
  • Experience with CI/CD and supply-chain security (SAST, SCA, container scanning, pipeline hardening)
  • Experience with Go or Rust
  • Some familiarity with frontend or React (not required, but useful for end-to-end thinking)

What This Role Is Not

  • Not a policy-only or advisory role
  • Not a role with pre-defined, perfectly scoped tasks
  • Not about chasing tools without understanding the problems they solve
  • Not security theatre

If you need everything spelled out, or prefer to avoid ambiguity, this role will be frustrating.

Seniority & growth

This role is intentionally levelled as Senior+. We are open to hiring at different seniority levels if the fit is right. Titles matter less than ownership, judgment, and impact.

Why Join

You’ll work on core platform security problems that directly affect how data is accessed, protected, and trusted. You’ll have real influence, real responsibility, and the space to do things properly, without losing sight of pragmatism.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Python
Authentication
Authorization
OAuth
JWTs
Permission Models
Secure Token Handling
Data Systems
Risk Assessment
Supply-Chain Security
SAST
SCA
Container Scanning
CI/CD
Graph Databases
Go

Location

London, England, United Kingdom

Sign up to applySee more jobs like this