Companies you'll love to work for

Everywhere Ventures
291
companies
593
Jobs

Senior SDLC-focused Security Engineer

Wise

Wise

London, UK
Posted on Sep 18, 2024

Company Description

Wise is a global technology company, building the best way to move and manage the world’s money. Min fees. Max ease. Full speed.

Whether people and businesses are sending money to another country, spending abroad, or making and receiving international payments, Wise is on a mission to make their life easier and save them money.

As part of our team, you will be helping us create an entirely new network for the world's money. For everyone, everywhere.

More about our mission.


Job Description

About the role

We are looking for a Security Engineer with a focus on the SDLC, with interest in all aspects of cyber security.

You will be joining in an embedded role in the Developer Enablement Squad, working within our CI, CD and Engineering Experience teams. The role will also involve being a conduit to various Security teams (e.g. Application Security, Security Engineering, amongst others).

As Wise continues to grow, our systems and complexity increases. We face an increasing need to ensure that malicious attackers or threats are mitigated with best-in-class technology, tooling and processes. The SDLC is how we deliver changes quickly to our customers, and ensuring this is done securely is an increasingly important part of managing cybersecurity risk.

Wise operates globally, and our working practices must meet the standards of the various regulatory requirements of the jurisdictions in which we operate. But that does not mean we have to do exactly what larger and older banks do. Security will always have trade-offs, and we need to make sure that we also balance this with developer productivity and teams’ understanding of best practices..

How we work

We operate on a strong belief in automation, programmatic implementation and reusable design. We’re looking for people who can step back and think holistically about the ecosystem but also follow through and help implement the design, drawing on the resources across the rest of the platform tribe.

Initially, you will be working in an individual team within the squad. As we grow, the role will expand and you will work across all teams in the squad. focusing on long-term projects aimed to improve our security posture in the SDLC. We want you to be able to consider parts where we need better guardrails, automation or processes, where we make it easy to do the right thing for all of our engineers at Wise. We’re looking for an engineer that is looking to work at the intersection of cutting-edge software supply-chain technologies, such as SLSA and OpenSSF standards, and rolling that out across Wise’s large engineering estate. As you get more familiar with Wise, we expect you to be able to analyse complex requirements and deliver simple solutions to help our teams achieve our mission with speed and confidence.

What will you be working on?

  • Working closely with Platform and Security engineers, in order to secure the SDLC;

  • Able to threat model across various CI/CD systems and processes;

  • Design, build and collaborate on technologies and solutions for improving software supply chain posture;

  • Understand how teams use various languages (Java, Python, nodejs), what best practices look like when developers use build chains, tooling and ecosystem;

  • Understanding security requirements from regulators and compliance at a global level, and designing/help build scalable solutions

What do you need?

We are fully aware that it is uncommon for a candidate to have all skills required and we fully support everyone in learning new skills with us. So if you have some of those listed below and are eager to learn more, we do want to hear from you!

  • You are passionate about the SDLC, with knowledge of application security and surrounding topics.

  • You have worked within a production environment and understand the security risk regarding Continuous Integration/Delivery.

  • You have solid development experience with various languages, e.g. Java, Python and Go.

  • You have worked with or experienced various security exercises; for example, penetration testing, security researching, red teaming or bug bounty programs.

  • You are able to consider and reason about risks and controls, especially in the security domain.

  • Great communication and negotiation skills.

  • Ability to articulate complex technical concepts to other Wisers.

  • Are able to run your projects in collaboration with other teams and find the path for success.

Interested? Find out more:

What do we offer:

#LI-AB3 #LI-Hybrid


Additional Information

For everyone, everywhere. We're people building money without borders — without judgement or prejudice, too. We believe teams are strongest when they are diverse, equitable and inclusive.

We're proud to have a truly international team, and we celebrate our differences.
Inclusive teams help us live our values and make sure every Wiser feels respected, empowered to contribute towards our mission and able to progress in their careers.

If you want to find out more about what it's like to work at Wise visit Wise.Jobs.

Keep up to date with life at Wise by following us on LinkedIn and Instagram.