Job Title: Security Engineer Salary: £80,000 to £100,000

We are seeking a Security Engineer, for a fast-growing FinTech firm, specialising in Wealth Management and Financial Advisory. You'll play a pivotal role in establishing and fortifying the firm's cybersecurity infrastructure. As the first dedicated cybersecurity professional, you'll have the unique opportunity to shape and implement security measures from the ground up in a rapidly growing organisation.

Reporting directly to the CTO and collaborating closely with key stakeholders, including Engineering, Head of Platforms, and Head of Compliance, you'll be the go-to expert for all security matters. Your responsibilities will span a wide range of tasks, from reviewing and improving existing processes to championing security-by-design principles across technology disciplines.

Your technical expertise should encompass programming/Scripting languages (Python), industry frameworks, cloud computing, and network security, among other areas.

In addition to your technical prowess, we require strong communication skills and a collaborative mindset. You'll have the opportunity to educate and coach both technology and business groups on cybersecurity best practices, fostering a culture of heightened awareness and responsibility across the organisation.

If you're passionate about cybersecurity, eager to make a tangible impact, and thrive in a fast-paced, innovative environment, we'd love to hear from you.

Responsibilities:

• Lead the implementation of cybersecurity measures, serving as the primary point of contact for all security-related matters.
• Collaborate closely with engineering teams to embed security-by-design principles into development processes.
• Conduct thorough reviews of existing tools and processes, identifying gaps and implementing enhancements to strengthen our security posture.
• Perform security scanning and vulnerability management, taking proactive measures to reduce operational risks.
• Monitor security alerts and implement mitigations to safeguard against potential threats and attacks.
• Develop and deploy tools and automation to streamline common security operations tasks.
• Introduce and integrate tools to enhance internal capabilities for routine security testing activities.
• Drive the development and enhancement of our cybersecurity strategy, with a focus on achieving industry certifications.
• Provide cybersecurity education and coaching to technology and business groups, fostering a culture of heightened awareness and responsibility.
• Collaborate with external cybersecurity consultants for reviews, audits, and assessments.

Required Experience:

• 5+ years of experience as a professional cybersecurity engineer.
• Proficiency in programming/Scripting languages such as Python, PowerShell, etc.
• Familiarity with industry-recognized frameworks (eg, CIS, ISO) and regulatory guidelines (eg, GDPR).
• Experience with intrusion detection, prevention, and management (eg, SIEM).
• Strong understanding of cloud computing and application of security controls in cloud architectures.
• Knowledge of containerization (eg, Docker) and Kubernetes-based service deployment and management.
• Familiarity with distributed event stores such as Apache Kafka.
• Deep understanding of OWASP principles and web application security, as well as security practices for native mobile apps (iOS and Android).
• Proficiency with operating systems (eg, Linux) and command-line interfaces.
• Experience with network security, incident management, and penetration testing.
• Familiarity with automated cloud-based CI/CD pipelines and secure software design principles.
• Experience with project management tools such as Confluence and Jira.