We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Senior Security Engineer at Kroo Bank Ltd. At Kroo Bank, we are charting the future of banking with our groundbreaking technological innovations and unique digital services. The rapid advancements in the fintech sector necessitate ongoing evolution in the roles and responsibilities of our bank to effectively tackle new business opportunities and challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation.. How you will contribute and key responsibilities: . As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: . Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices.. Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data.. Security Automation: Automate security processes and procedures to enhance efficiency and effectiveness, reducing the risk of human error.. Security Requirements and Solutions: Identify, define, and document system security requirements, providing well-considered recommendations to management.. Development of Security Standards: Develop and maintain best practices and security standards for the organisation, guiding teams in the implementation of secure coding practices.. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind.. Cloud security and secure infrastructure: Assist teams in diagnosing and addressing gaps in infrastructure security, aligning the organisation with industry security posture standards.. Cybersecurity Collaboration: Work closely with stakeholders across the organisation to align security measures with our overarching cybersecurity strategy and protect the bank’s technology infrastructure.. Regulatory Compliance: Support teams in meeting compliance requirements for internal audits and external regulators, safeguarding against potential fines and reputational damage.. To be successful in this role you should have skills and experience in multiple domains, such as application security, network security or security operations. You need to have programming experience and the ability to proactively seek out efficient and repetitive solutions to security challenges. At a minimum, you should have at least 3 years of experience in system, network or application security. You should also have a proven experience and knowledge with any combination of the following:. . Threat modelling and risk assessments,. . Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS…),. . Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2),. . Working knowledge of cryptography including encryption, signing and digital certificates,. . Principles of securing mobile applications and web services,. . Docker or kubernetes and infrastructure as code,. . Event driven streaming technologies,. . Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs,. . Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform),. . Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes,. . Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP),. . Security certification such as CISSP, CCP, SANS, GAIC, Ethical Hacker,. . Experience in working in regulated company, preferably with a FinTech/ banking background and experience in DevOps,. . Excellent oral, written communication and presentation skills.. . Company Location: United Kingdom.