Security Engineer

We’re on a mission to build the world’s greatest social bank. We believe that banking needs to change for the better. When money is used correctly, it can transform our daily lives and positively impact the planet. We’re searching for a Security Engineer. The Kroo is growing and we’d love to hear from you if you’re interested in joining us on our journey!

About the Team

We are a multi-disciplined team of experienced technology, banking, customer experience, marketing, and legal professionals who share a passion for the company’s mission and believe in a collaborative approach to creating the greatest social bank. We are building a diverse team of inquisitive people who want to understand customer needs and behaviour so we can develop innovative products that change people’s lives for good. We are looking for a Security Engineer to help us design and implement our mobile applications, services and websites to the highest security standards.

Your primary areas of accountability will include:

• Analyse security systems and seek improvements on a continuous basis,
• Identify, assess and remediate security vulnerabilities,
• Automate security processes and procedures,
• Identify, define and document system security requirements and recommend solutions to management,
• Develop best practices and security standards for the organisation,
• Help design robust security for web/ mobile front ends, micro-service architecture,
• Help teams ensure products and services are secure by design, within the risk appetite, and meet compliance requirements, group standards and policies,
• Collaborate with relevant stakeholders to ensure alignment to the cybersecurity strategy and securing the bank’s technology,
• Help teams ensure compliance with internal audit and external regulators.

Requirements

To be successful in this role you should have skills and experience in multiple domains, such as application security, network security or security operations. You need to have programming experience and the ability to proactively seek out efficient and repetitive solutions to security challenges.

At a minimum, you have at least 3 years of experience in system, network or application security.

You should also have a proven experience and knowledge with any combination of the following:

• Threat modelling and risk assessments,
• Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS…),
• Experience with designing and administering identity management (authentication and authorization including policy enforcement points, token services, protocols such as OAuth2),
• Working knowledge of cryptography including encryption, signing and digital certificates,
• Principles of securing mobile applications and web services,
• Docker or kubernetes and infrastructure as code,
• Event driven streaming technologies,
• Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs,
• Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform),
• Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes,
• Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP),
• Security certification such as CISSP, CCP, SANS, GAIC, Ethical Hacker,
• Experience in working in regulated company, preferably with a FinTech/ banking background and experience in DevOps,
• Excellent oral, written communication and presentation skills.

Benefits

What we offer:

At our cutting-edge fintech company, we know that attracting and retaining the best talent means offering top-notch benefits that help our employees thrive both in and outside of work. Check out what we currently offer:

• Generous holiday time: 25 days annual leave, 8 bank holidays, 1 Kroo bank holiday (June 24th), and 1 day off during the week of your birthday.
• Personal days: We know that life can be unpredictable, so we offer 3 personal days to use as needed.
• Employer-sponsored volunteer program: We're passionate about giving back to our community, and we support our employees in doing the same with up to 4 hours per month of employer-sponsored volunteer time.
• Mental health support: We care about the mental health of our team members and offer access to Spill, our mental health support partner.
• Workplace pension: We want you to feel secure about your future, so we offer a workplace pension with a 5% employee contribution and a 3% employer top-up.
• Learning and development: After 1 year of service, you'll have access to £500 from the Kroo Learning Fund to invest in your career development.
• Top-notch equipment: We provide top-of-the-line equipment necessary for smooth hybrid work, including a MacBook laptop. Additionally, we also offer support in establishing your home office by contributing towards your setup if required.
• Modern office: When you're in the office, you'll enjoy access to our modern, bustling workspace in Holborn, Central London, which includes a full gym.
• Cycle to Work scheme: We encourage sustainable transportation with our Cycle to Work scheme.
• Electric Car scheme: We're committed to reducing our carbon footprint, and our Electric Car scheme makes it easy for our employees to do the same.
• Enhanced parental leave: We know that family comes first, and we offer an enhanced parental leave policy to support our employees in starting and growing their families.
• Room for growth: As a fast-paced, high-growth start-up, we're dedicated to providing our employees with room to grow and excel.
• You get full healthcare for you and your nuclear family via Vitality.

Hybrid Working:

At Kroo Bank, we have a hybrid policy that gives both individuals and teams a lot of freedom when it comes to using the office space to boost productivity. Our London office is a great resource when used effectively. So, employees who can occasionally come to the office are a good fit for how we work right now. Keep in mind that this job involves working from Monday to Friday, with a mix of remote and office work, so you won't need to be on-site all the time.

Diversity and Inclusion:

We wholeheartedly uphold our commitment to fostering a diverse and inclusive workplace. Every employee is highly regarded, respected, and supported without any form of judgement or prejudice. We consider Diversity, Equality, and Inclusion as fundamental pillars guiding our path in all aspects of our bank. We also ensure that reasonable adjustments are made available to all candidates throughout the recruitment process.

To all Recruitment Agencies:

At Kroo Bank, agency resumes are strictly prohibited. Do not submit agency resumes or forward them to our job advertisements or Kroo Bank employees. Be aware that Kroo Bank will not assume any responsibility for fees incurred due to unsolicited resumes.

To ensure a fair and efficient application process, all candidates are kindly requested to submit their applications directly through the advertised platform. We kindly ask that you refrain from reaching out to the company or its employees via email, LinkedIn, or any other communication channels for inquiries or updates. Please note that any attempts to contact us through these channels will not receive a response. Thank you for your understanding and cooperation.