108 Security Product jobs in the United Kingdom
Cyber Security Product Owner
London, London
Financial Conduct Authority
Posted today
Job Viewed
Job Description
Overview
Join to apply for the
Cyber Security Product Owner
role at
Financial Conduct Authority .nSign in to access AI-powered advice and other features.nDivision
Division
– Data, Technology and Innovation
Team
– Technology Resilience
Salary
– National (Edinburgh and Leeds) ranging from £72,100 to £17,100 and London from 9,300 to 28,800 per annum (salary offered will be based on skills and experience)nAbout the FCA
The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. The Cyber Security team is responsible for protecting the organisation’s critical systems and data. Within the team, the Product Owner plays a key role in managing the delivery of all changes to Enterprise Security products. This includes coordinating configuration development, infrastructure updates, service improvements and the resolution of technical debt across platforms and in-scope systems. Working closely with engineers, stakeholders and service teams, you will ensure security solutions are delivered effectively and aligned with business priorities. It's a collaborative, fast-paced environment focused on innovation, resilience and continuous improvement in the face of evolving cyber threats.nWhat will you be doing?
Driving change and operational excellence across large-scale, complex Enterprise Security productsnLeading the full lifecycle delivery of robust technical and security solutions aligned with service acceptance standardsnChampioning agile methodologies and DevOps practices to enable efficient, high-quality product outcomesnOwning the strategic direction and lifecycle management of multiple security productsnCollaborating across a diverse, cross-functional Product team to deliver impactful and measurable resultsnWhat will you get from the role?
Chance to work in small, autonomous, and collaborative cross-functional teams that value both achievement and enjoymentnA culture that encourages smart, effective working practices while supporting a healthy work-life balancenA clear sense of purpose, with your contributions driving meaningful outcomes that make a real differencenA high-trust environment where individuals are empowered to take ownership without micro-managementnAn inclusive workplace that embraces and celebrates diversity in all its formsnLeadership that prioritizes emotional intelligence, collaboration and innovation over rigid structuresnSkills and qualifications
Disability Confident
Employer statement is noted. Disabled people or individuals with long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process.nMinimum
Experience of working as a Product Owner or Project Manager in cyber security, with a strong track record of delivering changenExperience of managing technical teams and service providers within a security-focused environmentnExperience of working with Security Posture Management tooling and/or Secure Service Edge solutionsnEssential
Proven ability to manage the backlog and delivery of cyber security products, ensuring alignment with strategic goalsnSkilled in end-to-end project or product delivery using Agile frameworks such as Kanban or ScrumnAccountable for overseeing technology components and platforms within complex environmentsnQuick to understand and align with organisational business drivers and core operational processesnStrong collaboration and communication skills for engaging effectively with cross-functional teams and stakeholders at all levelsnValues & Diversity
We are proud to be an inclusive employer and our ambition is to cultivate a culture for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation. We encourage applications from women, minority ethnic, disabled, and neurodivergent candidates.nBenefits
28 days holiday per year plus bank holidaysnHybrid working (work from home up to 60% of your time)nPrivate healthcare with BupanA non-contributory Pension of at least 8%nLife assurancenIncome protectionnWe also have a competitive flexible benefits scheme which gives you the opportunity to create a personalised benefits package, tailored to suit your lifestyle.nApplication Support
We are dedicated to removing barriers and ensuring our application process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible. If you have an accessibility need, disability, or condition requiring changes to the recruitment process, please contact your recruiter using the details below.nUseful Information and Timeline
This role is graded – Technical Specialist – RegulatorynSC Clearance is required for this role (SC Guidance) - you will hold or be required to obtain Security Check (SC) level vettingnAdvert Closing: 18 September (applications accepted until 11:59 PM on 17 September)nCV Review/Shortlist: 18-19 Septembern1st Stage Interview: w/c 22 Septembern2nd Stage Interview: w/c 6 OctobernYour Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.nGot a question?nIf you are interested in learning more about the role, please contact must be submitted through our online portal. Applications sent via email will not be accepted.nSeniority level
Mid-Senior levelnEmployment type
Full-timenJob function
Product Management and Marketing
#J-18808-Ljbffrn
Join to apply for the
Cyber Security Product Owner
role at
Financial Conduct Authority .nSign in to access AI-powered advice and other features.nDivision
Division
– Data, Technology and Innovation
Team
– Technology Resilience
Salary
– National (Edinburgh and Leeds) ranging from £72,100 to £17,100 and London from 9,300 to 28,800 per annum (salary offered will be based on skills and experience)nAbout the FCA
The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. The Cyber Security team is responsible for protecting the organisation’s critical systems and data. Within the team, the Product Owner plays a key role in managing the delivery of all changes to Enterprise Security products. This includes coordinating configuration development, infrastructure updates, service improvements and the resolution of technical debt across platforms and in-scope systems. Working closely with engineers, stakeholders and service teams, you will ensure security solutions are delivered effectively and aligned with business priorities. It's a collaborative, fast-paced environment focused on innovation, resilience and continuous improvement in the face of evolving cyber threats.nWhat will you be doing?
Driving change and operational excellence across large-scale, complex Enterprise Security productsnLeading the full lifecycle delivery of robust technical and security solutions aligned with service acceptance standardsnChampioning agile methodologies and DevOps practices to enable efficient, high-quality product outcomesnOwning the strategic direction and lifecycle management of multiple security productsnCollaborating across a diverse, cross-functional Product team to deliver impactful and measurable resultsnWhat will you get from the role?
Chance to work in small, autonomous, and collaborative cross-functional teams that value both achievement and enjoymentnA culture that encourages smart, effective working practices while supporting a healthy work-life balancenA clear sense of purpose, with your contributions driving meaningful outcomes that make a real differencenA high-trust environment where individuals are empowered to take ownership without micro-managementnAn inclusive workplace that embraces and celebrates diversity in all its formsnLeadership that prioritizes emotional intelligence, collaboration and innovation over rigid structuresnSkills and qualifications
Disability Confident
Employer statement is noted. Disabled people or individuals with long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process.nMinimum
Experience of working as a Product Owner or Project Manager in cyber security, with a strong track record of delivering changenExperience of managing technical teams and service providers within a security-focused environmentnExperience of working with Security Posture Management tooling and/or Secure Service Edge solutionsnEssential
Proven ability to manage the backlog and delivery of cyber security products, ensuring alignment with strategic goalsnSkilled in end-to-end project or product delivery using Agile frameworks such as Kanban or ScrumnAccountable for overseeing technology components and platforms within complex environmentsnQuick to understand and align with organisational business drivers and core operational processesnStrong collaboration and communication skills for engaging effectively with cross-functional teams and stakeholders at all levelsnValues & Diversity
We are proud to be an inclusive employer and our ambition is to cultivate a culture for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation. We encourage applications from women, minority ethnic, disabled, and neurodivergent candidates.nBenefits
28 days holiday per year plus bank holidaysnHybrid working (work from home up to 60% of your time)nPrivate healthcare with BupanA non-contributory Pension of at least 8%nLife assurancenIncome protectionnWe also have a competitive flexible benefits scheme which gives you the opportunity to create a personalised benefits package, tailored to suit your lifestyle.nApplication Support
We are dedicated to removing barriers and ensuring our application process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible. If you have an accessibility need, disability, or condition requiring changes to the recruitment process, please contact your recruiter using the details below.nUseful Information and Timeline
This role is graded – Technical Specialist – RegulatorynSC Clearance is required for this role (SC Guidance) - you will hold or be required to obtain Security Check (SC) level vettingnAdvert Closing: 18 September (applications accepted until 11:59 PM on 17 September)nCV Review/Shortlist: 18-19 Septembern1st Stage Interview: w/c 22 Septembern2nd Stage Interview: w/c 6 OctobernYour Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.nGot a question?nIf you are interested in learning more about the role, please contact must be submitted through our online portal. Applications sent via email will not be accepted.nSeniority level
Mid-Senior levelnEmployment type
Full-timenJob function
Product Management and Marketing
#J-18808-Ljbffrn
This advertiser has chosen not to accept applicants from your region.
0
Product Security Architect
Bristol, South West
ARM
Posted 7 days ago
Job Viewed
Job Description
Product Security Architect
Permanent role
Based in Bristol
Offering circa 80,000
Do you have experience in Security Infrastructure?
Do you have experience in Secure by Design?
Do you want to work with an industry-leading company?
If your answers are yes to these, then this could be the role for you!
As the Product Security Architect, you will be working alongside a market-leading Defence and Aerospace company who are constantly growing and developing. They are always looking to bring on new talents such as yourself and further develop your skills to enable you to grow within the company and industry!
Some of what you will be involved in:
- Identify security requirements and ensure the integration of security controls during the product development lifecycle
- Develop and implement risk management strategies
- Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified
- Collaborate with the development teams to ensure the adoption of Secure by Design principles
- Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter-measures to mitigate identified information risks.
- Collaborate with the product development teams to integrate security best practices ensuring Secure by Design
- Identify and mitigate security vulnerabilities and risks in products
- Develop and maintain security guidelines, documentation, and training materials
- Participate in incident response and remediation efforts for security breaches affecting products
Your skillset may include:
- Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139)
- An understanding of MOD ISN 23/09 Secure by Design
- Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP
- Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53)
If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further!
Product Security Architect
Permanent role
Based in Bristol
Offering circa 80,000
Disclaimer:
This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
This advertiser has chosen not to accept applicants from your region.
1
Product Security Architect
Bristol, South West
£75000 - £85000 Annually
ARM
Posted 7 days ago
Job Viewed
Job Description
Product Security Architect
Permanent role
Based in Bristol
Offering circa 80,000
Do you have experience in Security Infrastructure?
Do you have experience in Secure by Design?
Do you want to work with an industry-leading company?
If your answers are yes to these, then this could be the role for you!
As the Product Security Architect, you will be working alongside a market-leading Defence and Aerospace company who are constantly growing and developing. They are always looking to bring on new talents such as yourself and further develop your skills to enable you to grow within the company and industry!
Some of what you will be involved in:
- Identify security requirements and ensure the integration of security controls during the product development lifecycle
- Develop and implement risk management strategies
- Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified
- Collaborate with the development teams to ensure the adoption of Secure by Design principles
- Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter-measures to mitigate identified information risks.
- Collaborate with the product development teams to integrate security best practices ensuring Secure by Design
- Identify and mitigate security vulnerabilities and risks in products
- Develop and maintain security guidelines, documentation, and training materials
- Participate in incident response and remediation efforts for security breaches affecting products
Your skillset may include:
- Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139)
- An understanding of MOD ISN 23/09 Secure by Design
- Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP
- Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53)
If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further!
Product Security Architect
Permanent role
Based in Bristol
Offering circa 80,000
Disclaimer:
This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
This advertiser has chosen not to accept applicants from your region.
2
Product Security Consultant
Digital Waffle
Posted today
Job Viewed
Job Description
Embedded Product Security Consultant (Contract – Fully Remote) Location: Remote (UK/EU based preferred) Rate: Competitive day rate We are seeking an experienced Embedded Product Security Consultant to undertake in-depth security reviews and assessments across embedded, mobile and IoT platforms. This role involves low-level security analysis, vulnerability assessment, and providing expert guidance on secure system design for both hardware and software components. Key Responsibilities: Review low-level C code (FreeRTOS, Android, Linux kernel drivers) and protocol parsers. Assess and advise on sandboxing and isolation policies (SELinux/SE Android, seccomp, Linux namespaces, Minijail/Firejail). Conduct cryptographic implementation reviews, particularly secure boot and code-signing mechanisms. Analyse Android applications (Java) and system-level components. Examine and debug ARM 32/64-bit assembly. Reverse engineer firmware and embedded systems. Carry out hardware and embedded system hacking exercises. Perform wireless protocol security testing (Wi-Fi, Bluetooth) Deliver vulnerability assessments, penetration testing, and exploit proof-of-concepts. Work with development teams using Git/GitHub workflows. Essential Skills & Experience: Strong background in embedded security and low-level programming. Hands-on experience with FreeRTOS, Linux kernel drivers, and Android internals. Deep understanding of cryptography and secure system design. Proven experience in reverse engineering and vulnerability research. Knowledge of wireless protocol security testing. Excellent written and verbal communication skills.
This advertiser has chosen not to accept applicants from your region.
3
Product Security Consultant
Digital Waffle
Posted 1 day ago
Job Viewed
Job Description
Embedded Product Security Consultant (Contract – Fully Remote)
Location: Remote (UK/EU based preferred)
Rate: Competitive day rate
We are seeking an experienced Embedded Product Security Consultant to undertake in-depth security reviews and assessments across embedded, mobile and IoT platforms. This role involves low-level security analysis, vulnerability assessment, and providing expert guidance on secure system design for both hardware and software components.
Key Responsibilities:
- Review low-level C code (FreeRTOS, Android, Linux kernel drivers) and protocol parsers.
- Assess and advise on sandboxing and isolation policies (SELinux/SE Android, seccomp, Linux namespaces, Minijail/Firejail).
- Conduct cryptographic implementation reviews, particularly secure boot and code-signing mechanisms.
- Analyse Android applications (Java) and system-level components.
- Examine and debug ARM 32/64-bit assembly.
- Reverse engineer firmware and embedded systems.
- Carry out hardware and embedded system hacking exercises.
- Perform wireless protocol security testing (Wi-Fi, Bluetooth)
- Deliver vulnerability assessments, penetration testing, and exploit proof-of-concepts.
- Work with development teams using Git/GitHub workflows.
Essential Skills & Experience:
- Strong background in embedded security and low-level programming.
- Hands-on experience with FreeRTOS, Linux kernel drivers, and Android internals.
- Deep understanding of cryptography and secure system design.
- Proven experience in reverse engineering and vulnerability research.
- Knowledge of wireless protocol security testing.
- Excellent written and verbal communication skills.
This advertiser has chosen not to accept applicants from your region.
4
Security Engineer - Product & Production Infrastructure / Product Security Remote - United Kingdom
London, London
Wiz
Posted today
Job Viewed
Job Description
Security Engineer - Product & Production Infrastructure
Remote - United Kingdom | Product Security
Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the fastest-growing startup ever, Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proventrack record of success and a culture that values world-class talent.nOur Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 45% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re the leading player in a massive and growing market, but it’s still early enough for you to make a significant impact. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster.nSUMMARYnWiz is looking for a Security Engineer for Product & Production Infrastructure who has experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. You’ll get to collaborate with our software development and DevOps teams to secure Wiz’s products, CI/CD infrastructure, and production infrastructure. You’ll also have the opportunity to influence our product roadmap by utilizing Wiz-for-Wiz to assess, monitor, and harden our environments.nWHAT YOU’LL DOnLead threat modeling and security review exercises across Wiz’s production and CI/CD environments – identifying and mitigating risks in our products and the cloud services that support themnDrive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controlsnExtend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidentsnBuild deep functional partnerships with Wiz’s engineering and operations teams – helping them deliver secure-by-design solutionsnWHAT YOU’LL BRINGn5+ years of experience in security engineering or security operations work in cloud environments, with a focus on a combination of the below:nAWS platforms and services (we will also consider equivalent experience in Azure and GCP)nKubernetes (AWS EKS) and container infrastructurenIAM and managing cloud identities at-scalenSecure development and application of IAC solutions (Terraform, Helm)nCloud-native observability and management toolsnDevelopment experience in Go, Python and RustnPREFERRED QUALIFICATIONSnBachelor's degree in computer science or a related field and / or candidates with equivalent job experience in lieu of a degreenExperience working with remote, globally distributed teamsnExperience working in organizations that develop software and / or operate managed infrastructure and technology services for their own customersnExperience with CNAPP, CSPM, or CIEM solutionsnApplicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship. This role does not offer visa sponsorship .nWiz is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.nBy submitting your application, you acknowledge that Wiz will process your personal data in accordance with Wiz's Privacy Policy.
#J-18808-Ljbffrn
Remote - United Kingdom | Product Security
Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the fastest-growing startup ever, Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proventrack record of success and a culture that values world-class talent.nOur Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 45% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re the leading player in a massive and growing market, but it’s still early enough for you to make a significant impact. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster.nSUMMARYnWiz is looking for a Security Engineer for Product & Production Infrastructure who has experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. You’ll get to collaborate with our software development and DevOps teams to secure Wiz’s products, CI/CD infrastructure, and production infrastructure. You’ll also have the opportunity to influence our product roadmap by utilizing Wiz-for-Wiz to assess, monitor, and harden our environments.nWHAT YOU’LL DOnLead threat modeling and security review exercises across Wiz’s production and CI/CD environments – identifying and mitigating risks in our products and the cloud services that support themnDrive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controlsnExtend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidentsnBuild deep functional partnerships with Wiz’s engineering and operations teams – helping them deliver secure-by-design solutionsnWHAT YOU’LL BRINGn5+ years of experience in security engineering or security operations work in cloud environments, with a focus on a combination of the below:nAWS platforms and services (we will also consider equivalent experience in Azure and GCP)nKubernetes (AWS EKS) and container infrastructurenIAM and managing cloud identities at-scalenSecure development and application of IAC solutions (Terraform, Helm)nCloud-native observability and management toolsnDevelopment experience in Go, Python and RustnPREFERRED QUALIFICATIONSnBachelor's degree in computer science or a related field and / or candidates with equivalent job experience in lieu of a degreenExperience working with remote, globally distributed teamsnExperience working in organizations that develop software and / or operate managed infrastructure and technology services for their own customersnExperience with CNAPP, CSPM, or CIEM solutionsnApplicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship. This role does not offer visa sponsorship .nWiz is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.nBy submitting your application, you acknowledge that Wiz will process your personal data in accordance with Wiz's Privacy Policy.
#J-18808-Ljbffrn
This advertiser has chosen not to accept applicants from your region.
5
Markets Product Security Engineer
London, London
ION
Posted today
Job Viewed
Job Description
Overview
Join to apply for the Markets Product Security Engineer role at ION. This is an amazing opportunity to work with Information Security and Compliance Team at ION. As a Product Security Engineer, you would be the key enabler of secure and compliant products. You should have knowledge of attack paths across the technology stack, including tactics, techniques and procedures (TTPs) used by adversaries to exploit vulnerabilities. You will be trusted advisor throughout the product development lifecycle, incorporating knowledge of emerging threats, business goals and system design to improve platform security posture. You will be responsible for aligning the Markets security strategy, security design and controls engineering to product roadmap. You will also be responsible for providing transparency to leadership on product control performance and associated risk.nKey Responsibilities
Within the Product Security Team as part of the ION Markets CISO function, you will deal with the following activities:nMonitor and identify security events and emerging threats associated with the product line you are managing and any dependencies;nAct as the interface between CSIRT and Product teams as part of security incident activities;nDeliver threat modelling and hunting to identify vulnerabilities in product design and provide control recommendations to mitigate those risks;nEngage in architecture and design reviews to ensure product alignment with Security strategy and industry best practices;nStay up to date with industry trends, best practices and regulatory standards that may impact product implementations;nSupport the engineering of control solutions where existing offerings are not available;nProvide security expertise during incident and problem management;nProduce threat intelligence briefings and other work products to share information across the organisation;nRespond to ad-hoc requests for platform security related guidance;nThis role may require some overnight, weekend and on-call activities.nRequired Skills, Qualifications And Experience
Knowledge of working within the financial services industry, or other highly regulated industries in a technical role.nInformation security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR.nInformation technology systems and processes, network infrastructure, data architecture, data processes and protocols.nCyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF.nSecurity Tooling: Proficiency in common security tools, such as SIEMs, vulnerability scanners, firewalls and EDR products.nScripting: Proficiency in scripting languages like Python, BASH, or PowerShell.nSecurity Incident Management: Ability to assist with the detection, response, and recovery of escalated security incidents and manage backlog/lessons learned actions.nRisk Assessment: Proficiency in conducting security risk assessments and providing thorough post-event analyses.nSecurity Expertise: Providing security expertise during incident and problem management.nCommunication: Strong communication skills to explain complex security issues to both technical and non-technical audiences.nAbility to:nEffectively communicate technical issues to diverse audiences, both in writing and verbally;nHandle sensitive and confidential matters, situations, and data;nUnderstand and follow broad and complex instructions;nComprehend technical language and to confer, analyse and write in an objective, lucid manner;nWork independently and prioritize multiple tasks and adapt to needed changes;nRemain calm under high pressure/difficult situations.nPreferred Certifications
GCIHnCSECnCSSLPnCISSPnCASP+nAbout Us
We’re a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.nION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe. Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.nION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.nION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.nJob Details
Seniority level: Mid-Senior levelnEmployment type: Full-timenJob function: Information TechnologynIndustries: Software Development
#J-18808-Ljbffrn
Join to apply for the Markets Product Security Engineer role at ION. This is an amazing opportunity to work with Information Security and Compliance Team at ION. As a Product Security Engineer, you would be the key enabler of secure and compliant products. You should have knowledge of attack paths across the technology stack, including tactics, techniques and procedures (TTPs) used by adversaries to exploit vulnerabilities. You will be trusted advisor throughout the product development lifecycle, incorporating knowledge of emerging threats, business goals and system design to improve platform security posture. You will be responsible for aligning the Markets security strategy, security design and controls engineering to product roadmap. You will also be responsible for providing transparency to leadership on product control performance and associated risk.nKey Responsibilities
Within the Product Security Team as part of the ION Markets CISO function, you will deal with the following activities:nMonitor and identify security events and emerging threats associated with the product line you are managing and any dependencies;nAct as the interface between CSIRT and Product teams as part of security incident activities;nDeliver threat modelling and hunting to identify vulnerabilities in product design and provide control recommendations to mitigate those risks;nEngage in architecture and design reviews to ensure product alignment with Security strategy and industry best practices;nStay up to date with industry trends, best practices and regulatory standards that may impact product implementations;nSupport the engineering of control solutions where existing offerings are not available;nProvide security expertise during incident and problem management;nProduce threat intelligence briefings and other work products to share information across the organisation;nRespond to ad-hoc requests for platform security related guidance;nThis role may require some overnight, weekend and on-call activities.nRequired Skills, Qualifications And Experience
Knowledge of working within the financial services industry, or other highly regulated industries in a technical role.nInformation security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR.nInformation technology systems and processes, network infrastructure, data architecture, data processes and protocols.nCyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF.nSecurity Tooling: Proficiency in common security tools, such as SIEMs, vulnerability scanners, firewalls and EDR products.nScripting: Proficiency in scripting languages like Python, BASH, or PowerShell.nSecurity Incident Management: Ability to assist with the detection, response, and recovery of escalated security incidents and manage backlog/lessons learned actions.nRisk Assessment: Proficiency in conducting security risk assessments and providing thorough post-event analyses.nSecurity Expertise: Providing security expertise during incident and problem management.nCommunication: Strong communication skills to explain complex security issues to both technical and non-technical audiences.nAbility to:nEffectively communicate technical issues to diverse audiences, both in writing and verbally;nHandle sensitive and confidential matters, situations, and data;nUnderstand and follow broad and complex instructions;nComprehend technical language and to confer, analyse and write in an objective, lucid manner;nWork independently and prioritize multiple tasks and adapt to needed changes;nRemain calm under high pressure/difficult situations.nPreferred Certifications
GCIHnCSECnCSSLPnCISSPnCASP+nAbout Us
We’re a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.nION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe. Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.nION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.nION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.nJob Details
Seniority level: Mid-Senior levelnEmployment type: Full-timenJob function: Information TechnologynIndustries: Software Development
#J-18808-Ljbffrn
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Security product Jobs in United Kingdom !
6
Senior Product Security Engineer
London, London
Caspian One
Posted today
Job Viewed
Job Description
Overview
We are seeking an exceptional Product Security Engineer with deep crypto/DeFi expertise to join our technology-driven quantitative investment team. This is a unique opportunity to work with cutting-edge financial technology in a fast-paced, high-stakes environment.nYou'll be the go-to security consultant for our crypto and digital assets operations, providing strategic guidance on security implementations while working with sophisticated trading infrastructure and multi-cloud platforms. This role combines hands-on technical work with high-level security consulting across our crypto ecosystem.nKey Responsibilities
Crypto Security Leadership : Advise and implement security strategies specifically for crypto, DeFi protocols, and smart contract environmentsnSecurity Architecture : Design and implement robust security controls for low-latency trading systems handling digital assetsnAutomation & Integration : Integrate SAST, DAST, and other security tools into CI/CD pipelines using Terraform and other infrastructure-as-code toolsnRisk Assessment : Conduct comprehensive threat modeling and vulnerability assessments for crypto trading infrastructurenTechnical Consulting : Provide expert guidance to engineering teams on security best practices in crypto environmentsnMulti-Cloud Security : Secure hybrid infrastructures across AWS, Azure, and on-premise systemsnCrypto Background : Proven experience in crypto/DeFi security, smart contracts, or digital assets within a fund/trading environmentnProgramming Skills : Strong proficiency in Python OR C++ (either is acceptable)nCloud Expertise : Experience with AWS and/or Azure (both preferred, one acceptable)nSecurity Tools : Hands-on experience with SAST, DAST, and security scanning toolsnInfrastructure : Terraform experience for CI/CD integrationnHolistic Security Mindset : Ability to see the big picture and provide strategic security guidancenWhat We Offer
Top Contract Rates : We understand the premium for top crypto security talentnFlexible Hybrid Working : 3 days per week in our premium office spacenExceptional Workplace : Google office vibes with communal spaces, games room, and rooftop terracenGourmet Dining : Complimentary lunch and dinner prepared by our French chefnTop-Tier Technology : Work with cutting-edge systems and infrastructurenIdeal Candidate Profile
You're a security expert who thrives in the crypto space and can operate at the highest technical levels. You have the expertise to question and challenge existing approaches while providing practical, implementable solutions. You're comfortable working with highly technical teams and can communicate complex security concepts clearly.nWe’re looking for top 1% profiles only — if you're reading this and thinking "that’s me," we want to hear from you.nReady to join a team where your crypto security expertise will directly impact global financial markets?nThis role offers the opportunity to work with a scientific approach to investing, combining data, research, technology and trading expertise in a collaborative environment focused on solving complex challenges and delivering high-quality returns.nSeniority level
Mid-Senior levelnEmployment type
ContractnJob function
Information TechnologynIndustries
Investment BankingnSoftware DevelopmentnFinancial Services
#J-18808-Ljbffrn
We are seeking an exceptional Product Security Engineer with deep crypto/DeFi expertise to join our technology-driven quantitative investment team. This is a unique opportunity to work with cutting-edge financial technology in a fast-paced, high-stakes environment.nYou'll be the go-to security consultant for our crypto and digital assets operations, providing strategic guidance on security implementations while working with sophisticated trading infrastructure and multi-cloud platforms. This role combines hands-on technical work with high-level security consulting across our crypto ecosystem.nKey Responsibilities
Crypto Security Leadership : Advise and implement security strategies specifically for crypto, DeFi protocols, and smart contract environmentsnSecurity Architecture : Design and implement robust security controls for low-latency trading systems handling digital assetsnAutomation & Integration : Integrate SAST, DAST, and other security tools into CI/CD pipelines using Terraform and other infrastructure-as-code toolsnRisk Assessment : Conduct comprehensive threat modeling and vulnerability assessments for crypto trading infrastructurenTechnical Consulting : Provide expert guidance to engineering teams on security best practices in crypto environmentsnMulti-Cloud Security : Secure hybrid infrastructures across AWS, Azure, and on-premise systemsnCrypto Background : Proven experience in crypto/DeFi security, smart contracts, or digital assets within a fund/trading environmentnProgramming Skills : Strong proficiency in Python OR C++ (either is acceptable)nCloud Expertise : Experience with AWS and/or Azure (both preferred, one acceptable)nSecurity Tools : Hands-on experience with SAST, DAST, and security scanning toolsnInfrastructure : Terraform experience for CI/CD integrationnHolistic Security Mindset : Ability to see the big picture and provide strategic security guidancenWhat We Offer
Top Contract Rates : We understand the premium for top crypto security talentnFlexible Hybrid Working : 3 days per week in our premium office spacenExceptional Workplace : Google office vibes with communal spaces, games room, and rooftop terracenGourmet Dining : Complimentary lunch and dinner prepared by our French chefnTop-Tier Technology : Work with cutting-edge systems and infrastructurenIdeal Candidate Profile
You're a security expert who thrives in the crypto space and can operate at the highest technical levels. You have the expertise to question and challenge existing approaches while providing practical, implementable solutions. You're comfortable working with highly technical teams and can communicate complex security concepts clearly.nWe’re looking for top 1% profiles only — if you're reading this and thinking "that’s me," we want to hear from you.nReady to join a team where your crypto security expertise will directly impact global financial markets?nThis role offers the opportunity to work with a scientific approach to investing, combining data, research, technology and trading expertise in a collaborative environment focused on solving complex challenges and delivering high-quality returns.nSeniority level
Mid-Senior levelnEmployment type
ContractnJob function
Information TechnologynIndustries
Investment BankingnSoftware DevelopmentnFinancial Services
#J-18808-Ljbffrn
This advertiser has chosen not to accept applicants from your region.
7
Product Security Engineer (University Grad)
London, London
Meta
Posted 17 days ago
Job Viewed
Job Description
**Summary:**
Meta's Product Security team is seeking a passionate hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over three billion people. You will be relied upon to provide engineering and product teams with the web security expertise necessary to make confident product decisions. Come help us make life hard for the bad guys.
**Required Skills:**
Product Security Engineer (University Grad) Responsibilities:
1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more
2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities
3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products
4. Research, develop, and apply mitigations to products so that vulnerabilities cannot be turned into exploits
**Minimum Qualifications:**
Minimum Qualifications:
5. Currently has, or is in the process of obtaining a Bachelor's or Masters degree in Computer Science, Computer Engineering, relevant technical field, or equivalent practical experience. Degree must be completed prior to joining Meta
6. Experience finding vulnerabilities in php, javascript, python
7. Knowledge of secure code development
8. Experience with exploiting common web security vulnerabilities (e.g. SQLi, XSS, permission bypass vulnerabilities)
**Preferred Qualifications:**
Preferred Qualifications:
9. Track record of participation in capture the flag (CTF) competitions
10. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.)
**Industry:** Internet
Meta's Product Security team is seeking a passionate hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over three billion people. You will be relied upon to provide engineering and product teams with the web security expertise necessary to make confident product decisions. Come help us make life hard for the bad guys.
**Required Skills:**
Product Security Engineer (University Grad) Responsibilities:
1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more
2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities
3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products
4. Research, develop, and apply mitigations to products so that vulnerabilities cannot be turned into exploits
**Minimum Qualifications:**
Minimum Qualifications:
5. Currently has, or is in the process of obtaining a Bachelor's or Masters degree in Computer Science, Computer Engineering, relevant technical field, or equivalent practical experience. Degree must be completed prior to joining Meta
6. Experience finding vulnerabilities in php, javascript, python
7. Knowledge of secure code development
8. Experience with exploiting common web security vulnerabilities (e.g. SQLi, XSS, permission bypass vulnerabilities)
**Preferred Qualifications:**
Preferred Qualifications:
9. Track record of participation in capture the flag (CTF) competitions
10. Contributions to the security community (public research, blogging, presentations, bug bounty, etc.)
**Industry:** Internet
This advertiser has chosen not to accept applicants from your region.
8
Product Security Architecture - Cybersecurity Analyst
London, London
Visa
Posted today
Job Viewed
Job Description
Company Description
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.nMake an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.nJob Description
Cybersecurity is at the heart of our culture. Our diligence and expertise are what makes us the undisputed leader in electronic payments. We’ve made it our priority to create a top-tier Security Architecture team, poised to defend us against any potential cyber threats.nWe are seeking a talented and motivated Product Security Architecture - Cybersecurity Analyst to join our security architecture and engineering team. The successful candidate will work closely with senior security architect consultants to assess, implement, and improve security controls for Visa’s applications, APIs, cloud environments, and development pipelines including GenAI services.nThis role is hands-on, requiring good coding skills, familiarity with modern cloud platforms, and practical experience with Generative AI (GenAI) technologies. You will contribute to threat modelling, security reviews, and the integration of security best practices for all services and systems reviewed.nEssential Functions:nSupport security architecture reviews for web, API, and backend applications, working alongside senior security staff.nAssist in security assessments during the development lifecycle, including contributing to scoping discussions, performing threat modelling, and participating in peer reviews.nHelp implement security controls within application frameworks, ensuring alignment with Visa’s security standards.nContribute to the identification and analysis of application on prem and cloud security vulnerabilities, recommending appropriate mitigations.nApply coding skills to review source code where applicable, develop proof-of-concept security tools or scripts, and automate security checks.nSupport security evaluations and help monitor ongoing security advisories.nGain experience in the security implications of infrastructure as code (IaC) technologies (Terraform, Ansible, AWS CloudFormation) and CI/CD pipelines.nAssist in the security review of AI/ML and GenAI-related services, including prompt injection risks, data privacy, and model security controls.nStay informed about current and emerging cybersecurity threats, security testing tools, and AI-driven security solutions.nCollaborate with cross-functional and geographically distributed teams to ensure security requirements are understood and implemented.nHelp maintain and update security documentation, technical guidelines, and reference architectures.nThis is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.nQualifications
Basic Qualifications:nDemonstrable coding skills in at least one modern language (Python, Java, Go, or similar).nPractical experience working with Generative AI (GenAI) technologies or AI/ML systems, with the ability to explain key security considerations, risks, and basic control approaches for AI-driven systems. (Deep implementation expertise not required at this level, but a strong foundational understanding is essential).nWorking knowledge of cloud platforms (AWS, Azure, GCP) and common security patterns for cloud-native applications.nFamiliarity with security principles for on-premise network, application security and cloud environments.nUnderstanding of threat modelling and vulnerability assessment processes.nAwareness of common security standards and frameworks (PCI-DSS, NIST, ISO 27001).nPreferred Qualifications:nExposure to security controls in GenAI platforms (e.g., LLMs, AI/ML pipelines).nExposure to container technologies (Docker, Kubernetes) and associated security tools.nFamiliarity with DevOps practices and security automation.nExperience with vulnerability management solutions.nAwareness of regulatory and compliance requirements relevant to the payments industry (e.g., PCI, GDPR).nAdditional Information
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
#J-18808-Ljbffrn
Visa is a world leader in payments and technology, with over 259 billion payments transactions flowing safely between consumers, merchants, financial institutions, and government entities in more than 200 countries and territories each year. Our mission is to connect the world through the most innovative, convenient, reliable, and secure payments network, enabling individuals, businesses, and economies to thrive while driven by a common purpose – to uplift everyone, everywhere by being the best way to pay and be paid.nMake an impact with a purpose-driven industry leader. Join us today and experience Life at Visa.nJob Description
Cybersecurity is at the heart of our culture. Our diligence and expertise are what makes us the undisputed leader in electronic payments. We’ve made it our priority to create a top-tier Security Architecture team, poised to defend us against any potential cyber threats.nWe are seeking a talented and motivated Product Security Architecture - Cybersecurity Analyst to join our security architecture and engineering team. The successful candidate will work closely with senior security architect consultants to assess, implement, and improve security controls for Visa’s applications, APIs, cloud environments, and development pipelines including GenAI services.nThis role is hands-on, requiring good coding skills, familiarity with modern cloud platforms, and practical experience with Generative AI (GenAI) technologies. You will contribute to threat modelling, security reviews, and the integration of security best practices for all services and systems reviewed.nEssential Functions:nSupport security architecture reviews for web, API, and backend applications, working alongside senior security staff.nAssist in security assessments during the development lifecycle, including contributing to scoping discussions, performing threat modelling, and participating in peer reviews.nHelp implement security controls within application frameworks, ensuring alignment with Visa’s security standards.nContribute to the identification and analysis of application on prem and cloud security vulnerabilities, recommending appropriate mitigations.nApply coding skills to review source code where applicable, develop proof-of-concept security tools or scripts, and automate security checks.nSupport security evaluations and help monitor ongoing security advisories.nGain experience in the security implications of infrastructure as code (IaC) technologies (Terraform, Ansible, AWS CloudFormation) and CI/CD pipelines.nAssist in the security review of AI/ML and GenAI-related services, including prompt injection risks, data privacy, and model security controls.nStay informed about current and emerging cybersecurity threats, security testing tools, and AI-driven security solutions.nCollaborate with cross-functional and geographically distributed teams to ensure security requirements are understood and implemented.nHelp maintain and update security documentation, technical guidelines, and reference architectures.nThis is a hybrid position. Expectation of days in office will be confirmed by your Hiring Manager.nQualifications
Basic Qualifications:nDemonstrable coding skills in at least one modern language (Python, Java, Go, or similar).nPractical experience working with Generative AI (GenAI) technologies or AI/ML systems, with the ability to explain key security considerations, risks, and basic control approaches for AI-driven systems. (Deep implementation expertise not required at this level, but a strong foundational understanding is essential).nWorking knowledge of cloud platforms (AWS, Azure, GCP) and common security patterns for cloud-native applications.nFamiliarity with security principles for on-premise network, application security and cloud environments.nUnderstanding of threat modelling and vulnerability assessment processes.nAwareness of common security standards and frameworks (PCI-DSS, NIST, ISO 27001).nPreferred Qualifications:nExposure to security controls in GenAI platforms (e.g., LLMs, AI/ML pipelines).nExposure to container technologies (Docker, Kubernetes) and associated security tools.nFamiliarity with DevOps practices and security automation.nExperience with vulnerability management solutions.nAwareness of regulatory and compliance requirements relevant to the payments industry (e.g., PCI, GDPR).nAdditional Information
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.
#J-18808-Ljbffrn
This advertiser has chosen not to accept applicants from your region.
9