
Sentinel42 Ltd is a Manchester-based cyber security and AI governance consultancy, founded and run by a practitioner with 16+ years in the field. Alongside the consulting practice we've built and launched Sentinel42 — a multi-framework ISMS platform at isms27001.live covering ISO 27001, SOC 2, ISO 42001 (AI), ISO 9001, DORA, NIS2 and the NCSC CAF. It's live, it has a pricing model, and it has a sales pipeline being built around it right now. What it needs next is an engineer to take it from a rapid-build stack to production-grade infrastructure.
The platform was built at speed on Lovable (React front end with a Supabase back end). It works — but a compliance product sold to security-conscious buyers needs infrastructure that matches the pitch. Your job is to move it to AWS properly, then own it:
– Migrate — re-platform the application from Lovable to AWS — architecture of your design, justified to us in plain English
– Harden — make the infrastructure something an ISO 27001 auditor would nod at: IAM least-privilege, encryption at rest and in transit, backups, logging and monitoring, UK/EU data residency
– Maintain — own releases, dependency updates, uptime and the small stream of product improvements that come from client feedback
You'll work directly with the founder. No committees, no ticket bureaucracy — you propose, we agree, you build.
Equity is released as milestones are delivered and accepted — a structure mirroring how we reward our commercial partners. Indicative shape (final scope and percentages agreed in the contract):
Milestone (delivered and accepted)
Equity released
1
Technical audit of the current build plus target AWS architecture and migration plan
Tranche 1
2
AWS foundations stood up: environments, IaC, CI/CD pipeline, database migration path proven
Tranche 2
3
Full migration and cutover — isms27001.live served from AWS with zero client data loss
Tranche 3 (largest)
4
Security hardening and evidence pack: monitoring, backups/DR, IAM review — audit-ready
Tranche 4
5
Sustained maintenance: agreed release cadence and uptime over the following months
Tranche 5 (time-based)
No deadlines imposed on you — milestones are sequenced, not scheduled. Deliver M1 in a fortnight of evenings or over two months; the equity is the same. The contract includes a long-stop date, good/bad-leaver terms and IP assignment, and you'll be advised to take independent tax advice on the equity
– Full-stack confidence — React/TypeScript and Postgres — you can read a Lovable/Supabase codebase and know what to keep, wrap or rewrite
– Real AWS experience — you've run production workloads and can design within the Well-Architected Framework: VPC, IAM, RDS, S3, CloudFront, ECS/Lambda, Terraform or CDK
– Security instincts — you don't need to be a CISO — you're joining one — but least-privilege, encryption and audit logging should be reflexes, not chores
– Self-direction — you can own a roadmap without being managed, and communicate trade-offs in plain English
– Bonus — experience with compliance tooling, multi-tenant SaaS, or taking a no-code/low-code build to production
– Genuine equity in a launched, revenue-model SaaS — not options in a pitch deck — a stake in a live product with paying-customer pricing and an active global sales push
– Founding-engineer authority — the AWS architecture will be yours; every future hire inherits your decisions
– A security education money can't buy — work alongside a CISM-qualified ISO 27001/42001 lead auditor building the product he uses with real clients
– Your pace, in writing — the own-pace, milestone-based structure is in the contract, not a verbal promise
Click apply 'Founding Engineer' No CV theatre needed — send three things:
– A short note on how you'd approach a Lovable/Supabase to AWS migration (five sentences is plenty)
– A link to something you've built or run in production — repo, case study or write-up
– Roughly how much time you could give it, so we can sanity-check the milestones together
We'll reply to everyone. First conversation is an informal 30-minute video call — you assess us as much as we assess you
16 Whitby Close, BL8 2TX, Bury

SME Cyber & AI Compliance Subscriptions • 1-10 empleados
En JOB TODAY desde julio, 2026
Sentinel42 is a London-based cyber security and AI governance consultancy helping organisations achieve and maintain compliance with frameworks including ISO 27001, ISO 42001, SOC 2 and Cyber Essentials. We are launching subscription packag
Publica una oferta y contrata