Security Engineer

What you will be doing

We are looking for a driven, talented Security Engineer with knowledge to help us build our SaaS-based anti-money laundering solutions, which help organisations fight financial crime! We are building cutting edge solutions that help reveal the truth for a safer world and stop money ending up in the hands of terrorists. You will join the Security Engineering Team, being involved in technical security analysis to ensure the security of our software supply chain.

As a Security Engineer, you will be 

• Assessing the security of our SDLC and deployed products to help prioritise security engineering work.
• Engaging with engineers and product owners to carry out threat modelling, privacy and security by design activities.
• Working with engineering teams to assess and manage security risk within their codebase and suggest mitigation strategies.
• Working with the Site Reliability Engineering team and the wider engineering community to build automated security assurance tools into our CI/CD pipeline.
• Creating and evangelising best practice and security policies across the business.
• Ensuring ongoing compliance with SOC 2, ISO 27001 and related security programmes. 
• Building and maintaining security infrastructure through Infrastructure as Code tools such as Terraform.
• Building out our security operations capabilities, including automating monitoring, alerting and response. 
• Responding to security alerts raised to ensure speedy remediation and root cause analysis.

Our Tech Stack

Our multi-cloud stack is organised around Java/Kotlin, Go, or Python for our backend languages and TypeScript/ES6+React for our frontend stack. Finally, we also use an event-sourcing model powered by Kafka for our communication bus and gRPC for our intra-service communication protocol. 

We have a strong emphasis on engineering excellence and strive to ship the best possible code and the best possible solutions to our customers.

About you

As a Security Engineer, you will have

• Previous roles focussed on cloud infrastructure and SaaS security.
• Knowledge of information/cyber security standards, e.g. SOC 2, ISO 27001, CIS Controls, CSA STAR, OWASP ASVS, BSIMM.
• Experience with securing the SDLC and CI/CD/CO pipeline.
• Solid understanding of the majority of the following technologies: Windows, Mac, Linux, containerisation, relational and NoSQL databases, SSO, DHCP, DNS, SSH, PKI.
• Experience of audit processes and the need for good record keeping.
• An aptitude for technology with previous roles working in a technical discipline, such as IT Operations, software development or network/security operations.
• Excellent communication skills with the ability to translate complex, technical matters into plain English.
• Demonstrable ability to empathise with stakeholders to present security in a positive light.

Nice to haves:

• Experience with applying formal threat modelling frameworks such as STRIDE or MITRE.
• Experience with infrastructure automation, using Terraform or similar.
• Experience with implementing Security Operations Centre infrastructure and practices.
• Experience with some or all of Docker, Kubernetes,Kafka, Istio, Ambassador, Gitlab
• Software development or scripting experience using open source languages such as Python, PHP, TypeScript etc.

The impact you will have

Building a security culture, processes and tooling is a complex, multi-disciplinary challenge. The role necessitates getting involved in all areas of the business, often working with a mix of senior technical and non-technical stakeholders to establish Security Engineering as a business enabler - finding simple solutions to security problems. 

About us 

ComplyAdvantage is the financial industry’s leading source of AI-driven financial crime risk data and detection technology. Our mission is to neutralise the risk of money laundering, terrorist financing, corruption, and other financial crime. 

More than 1000 companies rely on us to understand the risk of who they’re doing business with through the world’s only global, real-time database of people and companies. Our solutions identify thousands of risk events daily from millions of structured and unstructured data points.

We have four global hubs in New York, London, Singapore, and Cluj-Napoca and are backed by Goldman Sachs, Ontario Teachers, Index Ventures, and Balderton Capital. 

Since 2014, we have raised over $100 million in funding, and in 2022 alone grew by over 40% to over 500 people globally. Over the next 12 months, as our revenue increases, we plan to increase to 600.

No fight against crime is complete without the right values, and we take ours very seriously!

 Focus on the Team - We're Collaborative, Human and Humble

 Kaizen - We're Curious, Proactive, and Agile

 Deliver Results - We're Tenacious, Accountable, and Focused

We can only defeat financial crime if we have the right people with the right values in place, and we're committed to investing in passionate people who are experts in their field. Our culture and working environment are second to none. Don't believe us? See what our employees have to say on Glassdoor.

What’s in it for you?

• Equity as we want you to have a part of what we are building 
• Unlimited Time Off Policy- A work life balance and focus on our wellbeing are critical to keep us performing at our best.
• Hybrid working- We want you to strike a balance and be where you do your best work.  You will work with your manager to agree what is best for you and your team.
• You will also get an annual budget of £215 to kit out your home office
• Opportunity to work on innovative projects with smart like-minded people, who are keen to share their knowledge and continuously improve
• Annual learning budget to drive your performance and career development
• Enhanced parental leave and childcare benefits
• Life Insurance to protect your loved ones 
• Medical insurance through Vitality with pre-existing conditions covered
• Pension contribution through The Peoples Pension

What will happen next

• Your application will be reviewed
• Telephone Interview with the Talent Team
• Hiring Manager Interview 
• Coding Exercise 
• Final Interview 
• Offer 
• Pre-Employment Checks 
• You will start at ComplyAdvantage! 

At ComplyAdvantage diversity fuels our rocket ship and our commitment to inclusion across race, gender, age, religion, identity and experience drives us forward every day. We encourage everyone to apply and aspire to consider every application fairly.

We will handle your information in accordance with our Privacy Policy. For further information, please click here.

We anticipate that all new applications will be reviewed after the new year as the Talent Team are taking advantage of our unlimited annual leave policy and taking some well deserved time off. This will not impact your hiring process as many of our hiring managers also take an extended break. Please feel free to apply and someone from the Talent Team will be in touch in January. Happy Holidays!