(Senior) Product Security Engineer

London, United Kingdom

Full Time Senior-level / Expert USD 100K - 160K *
SumUp logo


Grow your business by accepting credit and debit cards with SumUp Card Readers! Easy, secure, and affordable small business card payment solutions.

View all employer listings

Apply now Apply later

(Senior) Security Engineer - Product Security


As a Security Engineer, you’ll  help us ensure that we’re taking all the required steps to build a secure product set and protect our production environments from ever-evolving cyber threats. You'll play a key role in our product engineering ecosystem and partner with engineers from various tribes and squads to oversee the security of our products and features. You’ll be influencing implementation of cutting-edge measures to minimise exposures and vulnerabilities while actively training and educating the engineers on security best practices and latest developments. We will look toward your unique skills to approach and solve problems in your own way while ensuring alignment with our global strategic directions. Whether engineering a system to address a technical security hurdle, protecting the customers' data, or consulting on a wide range of security topics, you are fully empowered to autonomously drive the engagement and promote security best practices cross-functionally.



What you’ll do

  • Own and drive engagement with our engineering tribes while ensuring continuous security posture improvements across the product landscape
  • Proactively detect security deficiencies and flaws in our products and features across software development stages, drive the remediation and improvements and ensure knowledge sharing
  • Perform architectural design reviews and threat modelling exercises of SumUp web/API/mobile solutions and advise on security best practices
  • Perform vulnerability assessments and security testing
  • Provide subject matter expertise on all areas of security and privacy throughout the software development lifecycle
  • Liaise with software development teams for design, code reviews and education and be a security go-to person
  • Implement and review controls to protect data and systems
  • Assist in company-wide security initiatives



You’ll be great for this role if

  • You have a proven and strong depth of expertise in cyber and information security. ideally with hands-on experience in web and mobile security for critical 24/7 applications
  • You’re experienced with security in a DevOps environment and have knowledge of agile methodologies (e.g. sprints, Kanban).
  • You have a comprehensive knowledge of Web/API application security, and cloud and containers technology (Kubernetes, AWS).
  • Experience of using AWS is essential for this position.
  • You have experience in penetration testing and security tooling (Burp proxy, Web/Network Scanners, Static code analysers, etc.).
  • You’ve performed security design reviews, threat modelling and risk assessments.
  • You carry good analytical and reasoning skills with a  passion for technology, the internet economy and mobile applications.
  • You have extensive knowledge of Internet security issues, cloud architectures, and threat landscape.



Why you should join SumUp

  • We’re a truly global team of 3000+ people from 60+ countries, spread across 3 continents.
  • You'll have the opportunity to make an impact as we work in flat hierarchies.
  • You'll attend global offsites and regular team events.
  • You’ll receive a budget for attending conferences and external training. 



About SumUp

We believe in the everyday hero.

Small business owners are at the heart of all we do, so we're creating tools that help them run their businesses. With a founder’s mentality and a 'team-first’ attitude, our diverse teams across Europe, South America and the United States work together to ensure that the small business owners we partner with can be successful doing what they love. 



Job Application Tip

We recognise that candidates (especially female candidates) feel they need to meet 100% of the job criteria in order to apply for a job. Please note that this is only a guide. If you don’t tick every box, it’s ok too because it means you have room to learn and develop your career at SumUp.

* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com
Job region: Europe
Job country: United Kingdom
Job stats:  6  0  0
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.