you'll Need to Succeed: Strong foundations in software engineering. Minimum of 7 years of technical experience with any combination of the following: threat modeling experience, securecoding, identity management and authentication, software development, cryptography, system administration and network security. Minimum 2 years experience with Software Development Life Cycle in one or more languages (Rust, Python, Go More ❯
teams. Offer technical guidance, advocate for automation, evaluate designs, and lead our security teams to empower engineering partners with cutting-edge tools, techniques, and methodologies to naturally build secure products. What you'll Need to Succeed/Role Requirements: Strong foundations in secure design reviews, threat modeling experience, code reviews, pen-testing Minimum of 3 years of technical experience with any combination of the following: threat modeling experience, securecoding, identity management and authentication, software development, cryptography, system administration and network security. Minimum 2 years experience with Software Development Life Cycle in one or more languages ( Go, Python, Nodejs … and change management. Experience in running assessments using OWASP MASVS and ASVS. Working knowledge on exploiting and fixing application vulnerabilities. Proven expertise in architectural threat modeling and conducting secure design reviews. In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10 or SANS top 25). Familiarity with automated dynamic scanners, fuzzers, and proxy tools. An More ❯
cases for these requirements. Performing architectural assessments. Creating unified development standards across engineering with input from relevant stakeholders. Participating in code reviews and promoting best practice in relation to coding standards. Creating solutions that are scalable and improve performance, are based on securecoding guidelines which prevent common vulnerabilities (OWASP) and are HIPAA and HiTrust compliant. More ❯
governance or compliance function. It’s about deep technical engagement with the codebase, systems, and application architecture. You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and … vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and securecode reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a security-first lens Contributing … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in securecoding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity More ❯
governance or compliance function. It’s about deep technical engagement with the codebase, systems, and application architecture. You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and … vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and securecode reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a security-first lens Contributing … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in securecoding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity More ❯
governance or compliance function. It’s about deep technical engagement with the codebase, systems, and application architecture. You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and … vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetration testing, threat modelling, and securecode reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design from a security-first lens Contributing … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in securecoding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity More ❯
