Senior Security Engineer

About us

Bondsmith is a fast growing digital cash savings platform focused on helping customers make the most of their money by offering access to a wide range of savings products.

We work with financial institutions like wealth managers, fintechs, banks, and advisors, providing them with tools to get better returns on cash, engage more effectively with clients, and simplify their operations. Our goal is to help savers get the most out of their cash.

At Bondsmith, our core values are rapid and continuous improvement, delivering good customer outcomes, and taking end to end ownership. Our team is made up of experienced professionals who are passionate about delivering excellent service and finding new ways to solve challenges in financial services. Joining us means working in a fast-paced environment where you will be making an impact on the financial lives of thousands of savers.

We’re regulated by the Financial Conduct Authority in the UK.

As a Senior Security Engineer, you will play a key role in protecting our systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. Your contributions will be essential in maintaining customer trust and safeguarding critical information assets.

This role sits within the Platform Engineering Team and requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. The role will involve platform engineering activities, contributing to the design, implementation, and optimisation of scalable infrastructure. If you're motivated by solving complex problems in a dynamic, fast-paced environment, this position is for you.

What you will do:

• Develop and implement proactive security strategies, policies, and procedures to protect our systems, networks, and data assets.
• Lead regular security assessments, including vulnerability scans and penetration tests, identifying risks and driving remediation efforts.
• Monitor infrastructure for security incidents or unauthorised activity, responding swiftly to mitigate potential threats.
• Investigate security breaches and incidents, and develop robust incident response plans to ensure timely and effective resolution.
• Collaborate with cross-functional teams to design, implement, and manage security controls and configurations across a range of platforms and systems.
• Oversee compliance efforts for key regulatory frameworks such as ISO 27001, ensuring adherence to all relevant standards.
• Stay informed on industry trends, emerging threats, and new technologies to anticipate risks and continuously strengthen our security posture.
• Deliver security awareness training and develop educational materials to foster a culture of security across the organisation.
• Support the evaluation and implementation of security tools, solutions, and vendors to enhance and maintain our security infrastructure.
• Contribute to the development and upkeep of disaster recovery and business continuity plans, ensuring operational resilience.

Who you are:

• A degree in Computer Science, Information Security, or a related field; a Master’s degree is a strong advantage.
• Proven experience as a Security Engineer or in a similar role, with deep understanding of the threat landscape, ideally in fintech environments.
• Hands-on expertise with security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools.
• Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP).
• Relevant security certifications, such as Security+, IAT II/III level, or equivalent.
• Strong capability in risk assessment, vulnerability management, and data informed decision-making.
• Solid understanding of incident response procedures, including containment, eradication, and recovery from cybersecurity events.
• Advanced proficiency in AWS, with experience in multi-region and hybrid cloud architectures
• Strong grasp of networking protocols, including TCP/IP, and core network security principles.
• Proficiency in scripting and programming (i.e., Python) to support automation and integrate with security tooling.
• Excellent analytical and problem solving skills, with the ability to leverage data and metrics to guide decisions and measure outcomes.
• Clear and effective communication skills, capable of conveying complex security concepts to both technical and non-technical audiences.
• A proactive, self-motivated approach, with a history of taking initiative, owning projects, and delivering tangible results.

Ideally You Would Be

• Confident, and able to take initiative in a delivery-focused environment
• Independent, autonomous working style
• Able to learn quickly in a dynamic fast-paced industry
• Enjoy working as part of a high-performance team
• Hard-working, innovative and taking pride in their work
• Passionate about creating innovative solutions for customers
• Proficient in English.

What makes Bondsmith unique

• Early-stage startup: You will join an early-stage startup with less than 50 members. This means you’ll have an opportunity to make a real impact and shape the future of Bondsmith.
• Customer demand: Unlike other startups who are still finding their way and pivoting on products, we have strong demand from our enterprise clients for our products, we just need to keep building them.
• Next fintech growth story: We are doubling in headcount year on year and hiring across a range of positions

Company Benefits

• Competitive salary 💸
• Hybrid working (average of 3 days a week expected in office)
• Healthcare 🏥
• Pension scheme 💰
• Share scheme participation 📈
• All the right equipment to make sure you’re working at your best 💻
• Fun and social office in Shoreditch 🏢
• Deliveroo for working late in the office 🍔