3 days/week at home

A little flex time

Job Description

The opportunity

We are seeking an accomplished Application Security Engineer to join the Information Security team at Shieldpay. You will take a lead role in upholding the security of Shieldpay’s products, from early stages in their design to completion and go-live.

We are an ambitious company, processing funds in excess of £30 Billion, with global partners trusting us to securely deliver monies to the right people at the right time. As a result, we are looking for an individual with a natural curiosity for understanding how something works with a view to making continuous security improvements part of the company landscape.

You will be key in designing and helping to implement technical architecture for new opportunities, ensuring security is built into every step of the application lifecycle and ensuring a ‘security first’ approach.

What you’ll be doing

  • You will be the subject matter expert and provide technical expertise and guidance for Shieldpay developers around the secure development of their products.
  • Implementing secure tooling such as SAST and DAST to allow the developer teams to produce reports for your review.
  • Performing vulnerability assessments both internal and external to actively look for possible security threats and to ensure compliance to PCI DSS.
  • Further develop the secure application development lifecycle, integrating security tooling early into the continuous delivery pipeline, shifting ‘security left’.
  • Contribute towards the broader company technical strategy, to push it in a more secure direction from a development perspective.
  • Actively test the effectiveness of current controls to ensure continuous improvement.
  • Provide information for various reports, such as penetration testing remediations and application vulnerability reports.
  • Keep up to date with evolving InfoSec trends, emerging risks, and growing industry-wide technological shifts.
  • Promote the importance of Information Security throughout the organisation.
  • Work with the rest of the organisation to build security into everyday functions and promote good practice rather than ‘security as a blocker’.

What we’re looking for in you

  • Knowledge of secure coding practices and tooling for examples NIST and BSIMM standards.
  • The ability to implement, review and action vulnerabilities identified within SAST and DAST (e.g. BurpSuite or OWASP ZAP) reports from the developer teams.
  • An understanding of Windows, Mac and Linux systems.
  • A wider understanding of application and network protocols which could introduce security vulnerabilities.
  • Experience in a Security Engineer role or similar.
  • A desire for continuous improvement as security threats evolve.

If possible, we'd also love you to have:

  • A natural enthusiasm for all things application security.
  • Experience of the risks faced by FinTech companies.
  • Experience with SAST, DAST, vulnerability and pen testing products.
  • Experience with cloud computing providers such as AWS.
  • Relevant certifications in security engineering or the general information security space, e.g. one or any of OSCP, OSWE, GPEN, GWAPT, GMOB, CRT, PenTest+

Our promise

Shieldpay is an equal opportunities employer. For Shieldpay building a fair and transparent workforce begins with the recruitment process that does not discriminate on the grounds of gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.

Company benefits

Flexible working week
Open to compressed hours
Open to part-time employees
Mental health days
Unlimited annual leave
Enhanced maternity leave
Enhanced paternity leave
Cycle to work scheme
Annual pay rises
Share options
Matched pension contribution
Life assurance
Personal development budgets
Employee assistance programme
Mental health platform access
Dental coverage
Health insurance
Adoption leave
Work from home allowance
Open to part time work for some roles
Season ticket loan
Shared parental leave
Fully stocked snack cupboard
Hackathons
Teambuilding days
L&D budget
Lunch and learns
Location
91%
Employees are very happy with their working location freedom
Hours
91%
Employees are very happy with the flexibility in the hours they work
Benefits
82%
Employees are very happy with the benefits their company offers
Work-life balance
82%
Employees feel that they can find the perfect balance of life and work
Role modelling
88%
Employees feel that flexible working is part of the culture
Autonomy
88%
Employees feel they have complete autonomy over getting their work done

Working at Shieldpay

Company employees

106

Gender diversity (male:female:non-binary)

59:39:2

Office locations

Fleet Street, London

Funding levels

£34mil

Hiring Countries

United Kingdom

Awards & Achievements

Most flexible companies

Most flexible companies

Flexa100 2024
3rd – Finance & Insurance

3rd – Finance & Insurance

Industry awards 2023