Senior Security Engineer

London, England, United Kingdom

Applications have closed

Kroo

Who you bank with matters. Kroo Home Page.

View company page

We’re on a mission to build the world’s greatest social bank. We believe that banking needs to change for the better. When money is used correctly, it can transform our daily lives and positively impact the planet. We’re searching for an Assistant Company Secretary. The Kroo is growing and we’d love to hear from you if you’re interested in joining us on our journey!

About the Team

We are a multi-disciplined team of experienced technology, banking, customer experience, marketing, and legal professionals who share a passion for the company’s mission and believe in a collaborative approach to creating the greatest social bank. We are building a diverse team of inquisitive people who want to understand customer needs and behaviour so we can develop innovative products that change people’s lives for good. We are looking for a Senior Security Engineer to help us design and implement our mobile applications, services and websites to the highest security standards.

Requirements

Your primary areas of accountability will include:

  • Analyse security systems and seek improvements on a continuous basis,
  • Identify, assess and remediate security vulnerabilities,
  • Automate security processes and procedures,
  • Identify, define and document system security requirements and recommend solutions to management,
  • Develop best practices and security standards for the organisation,
  • Help design robust security for web/ mobile front ends, micro-service architecture,
  • Help teams ensure products and services are secure by design, within the risk appetite, and meet compliance requirements, group standards and policies,
  • Collaborate with relevant stakeholders to ensure alignment to the cybersecurity strategy and securing the bank’s technology,
  • Help teams ensure compliance with internal audit and external regulators.


To be successful in this role you should have skills and experience in multiple domains, such as application security, network security or security operations. You need to have programming experience and the ability to proactively seek out efficient and repetitive solutions to security challenges.

At a minimum, you have at least 3 years of experience in system, network or application security.

You should also have a proven experience and knowledge with any combination of the following:

  • Threat modelling and risk assessments,
  • Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS…),
  • Experience with designing and administering identity management (authentication and authorization including policy enforcement points, token services, protocols such as OAuth2),
  • Working knowledge of cryptography including encryption, signing and digital certificates,
  • Principles of securing mobile applications and web services,
  • Docker or kubernetes and infrastructure as code,
  • Event driven streaming technologies,
  • Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs,
  • Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform),
  • Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes,
  • Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP),
  • Security certification such as CISSP, CCP, SANS, GAIC, Ethical Hacker,
  • Experience in working in regulated company, preferably with a FinTech/ banking background and experience in DevOps,
  • Excellent oral, written communication and presentation skills.

Benefits

What we offer:

  • 25 days holidays + UK Bank holidays + Kroo Bank holiday (24th June) + you’ll also get your birthday on us.
  • 3 x personal health days
  • All new starters are granted options in our company share options scheme so you can benefit from growing Kroo
  • Access to our workplace pension with a 3% employer contribution
  • All the equipment you need to work effectively, usually a Macbook Pro as standard.
  • Access to a modern, bustling office in Holborn, Central London with a free gym.
  • Cycle to work scheme
  • Salary Sacrifice Electric Vehicle scheme through Octpus EV
  • Access to a leading UK mental health support through Spill.chat
  • Extended parental leave
  • 4 hours per month to support charities you believe in
  • High degree of autonomy with support from an experienced and supportive team
  • Room to grow and excel within a fast paced, high grow growing start-up
  • An ethically conscious company that is truly trying to change what’s most broken about the industry


Office/remote working

We operate under a hybrid policy allowing individuals and teams a high degree of autonomy to use the office as and when it will be most productive. We have a beautiful office in Holborn, which, when used for the right things, can be a useful and powerful tool. Currently we see a blended model of working 1-2 days a week in the office, so candidates that are able to travel in occasionally are the best fit for our current working practices.

Diversity

We are firmly committed to creating and maintaining a diverse and inclusive workplace in which all employees are valued, respected, safe, supported, and listened to without judgement or prejudice. These principles apply to all, regardless of race or ethnicity, age, gender, gender identity or expression, national origin, sexual orientation, mental or physical ability, religion, appearance, political beliefs, educational background, class, and position or tenure within the company. Diversity, Equity, and Inclusion are central to the direction we take at Kroo, and are considered across all aspects of our business.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Application security AWS Banking CI/CD CISSP Cloud Compliance Cryptography DAST DevOps DevSecOps DNS Docker Encryption FinTech Firewalls GCP IAST Kubernetes Monitoring Network security OWASP Risk assessment SANS SAST SDLC Strategy Terraform Vulnerabilities

Perks/benefits: Career development Equity Gear Health care Parental leave Startup environment

Region: Europe
Country: United Kingdom
Job stats:  13  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.