Senior Product Security Engineer - London/Hybrid

Senior Product Security Engineer - London

£520 per day (Inside IR35) - 2 days per week in the City of London (Bank/Cannon St tubes) - 6 months rolling

A global leading financial payments provider is seeking an experienced Senior Product Security Engineer to join their ever evolving Cyber team to help them unleash the potential of every business.

About the Senior Product Security Engineer:

The product security team is seeking a dynamic and motivated individual to join their new and growing team. The product team will be instrumental at defining the vision to help secure the company going forward. You will work closely with development teams to secure applications by identifying, mitigating, and preventing security risks throughout the software development life cycle.

    Role Overview for the Senior Product Security Engineer: 

    • The Senior Product Security Engineer is the primary partner for embedding security into every phase of the product life cycle.
    • From design and development to deployment and maintenance.
    • You will work closely with engineering, product management, and compliance teams to ensure products are secure by design and resilient in production.
    • You will define and implement security policies, manage vulnerability backlogs, and lead threat modelling and incident response efforts.

    Responsibilities for the Senior Product Security Engineer:

    • Define and implement security policies and tooling across the product life cycle, from design and development to deployment and maintenance.
    • Lead threat modelling for new and existing applications, guiding teams and ensuring outputs are documented and tracked.
    • Manage the product vulnerability backlog, prioritizing remediation of high and critical vulnerabilities, and tracking key metrics such as open vulnerabilities, SLA compliance, and average age of vulnerabilities.
    • Coordinate bug bounty findings and ensure timely remediation.
    • Conduct root cause analysis (RCA) for security incidents and systemic vulnerabilities, using insights to drive developer training and systemic fixes.
    • Drive incident response efforts as Investigation Lead or Incident Commander, including facilitating tabletop exercises to test and improve incident readiness.

    What you bring as the Senior Product Security Engineer:

    • Deep expertise in vulnerability management, threat modelling, security architecture, and secure SDLC practices.
    • Strong background in incident response, root cause analysis, and bug bounty program management.
    • Excellent communication and stakeholder management skills, with experience driving cross-functional initiatives.
    • Experience with third-party risk management, security assessments, and regulatory compliance.
    • Experience working with CI/CD teams to implement new security technologies in the pipeline. Including SAST, DAST, and SCA tools.
    • Experience partnering with cross-functional teams to deliver impactful security initiative.

    Senior Product Security Engineer - London

    £520 per day (Inside IR35) - 2 days per week in the City of London (Bank/Cannon St tubes) - 6 months rolling

    Apply Now
    Apply Now

    Job Details

    Company
    REAL Technical Solutions Limited
    Location
    London, United Kingdom
    Hybrid / Remote Options
    Employment Type
    Contract
    Salary
    GBP Daily
    Posted