About Flo Health
Flo is the world’s #1 health app focused on building a better future for female health, backed by a $200M investment and valued at $1B in 2024.
With over 400 million downloads, 75 million monthly users, and 6 million paid subscribers, Flo has the highest-rated experience in the App Store’s health category.
We are building the next generation of digital health—AI-powered, privacy-first, clinically backed.
The job
As a Senior Security Engineer, you will play a pivotal role in supporting Flo Health’s security posture, protecting applications and infrastructure, managing vulnerabilities, responding to incidents, and implementing security measures at scale.
You will develop custom tooling and embed security best practices into the product lifecycle to stay ahead of emerging threats.
Responsibilities
- Develop regular touchpoints with key stakeholders.
- Manage vulnerabilities by triaging, investigating risks, verifying fixes, and driving remediation across teams.
- Implement security measures such as configuring WAF rules, setting rate limits, and deploying controls to protect the environment.
- Develop and maintain custom security tooling for enhanced capabilities and automation.
- Support product security assessments, threat modeling, and penetration testing.
- Enhance secure development lifecycle (SDLC) security gates.
- Dive into emerging security challenges flexibly as part of a small team with big responsibilities.
- Investigate and triage security alerts and incidents.
- Gather, curate, and communicate threat intelligence.
- Advise business stakeholders on cybersecurity issues.
- Generate reports for technical and non-technical audiences.
Qualifications
- At least 7 years of experience in information security.
- Hands-on experience with AWS or similar cloud platforms and Cloudflare.
- Proficiency with Infrastructure as Code tools such as Terraform.
- Strong knowledge of vulnerabilities including OWASP Top 10.
- Ability to read code in Python and Scala, and proficiency with Git.
- Experience with SIEM and vulnerability scanning tools.
- Nice to have: Certifications like CISSP, OSCP.
- Experience supporting ISO 27001 audits.
- Knowledge of security risk management frameworks (ISO 31000) and control frameworks (CIS, NIST 800-53, ISO 27001).
- Familiarity with iOS or Android security.
Working at Flo
We are a mission-led, product-driven team that moves fast, stays focused, and takes ownership.
We value commitment, resilience, and purpose-driven work to improve health outcomes.
Benefits
- Competitive salary (£90,000-£110,000 GBP) with annual reviews.
- Performance incentive scheme participation.
- Paid holiday, sick leave, and female health leave.
- Enhanced parental leave and pay.
- Opportunities for professional growth and learning support.
- Flexible hybrid work setup with office and home, plus up to 2 months working abroad.
- 5-week fully paid sabbatical after 5 years.
- Flo Premium for friends & family, plus health, pension, and wellbeing perks.
Diversity, Equity, and Inclusion
We are an equal opportunity employer committed to hiring based on merit and skills.
Applicants from all backgrounds, communities, and identities are welcome.